Network misconfigurations

VPC NACL allows ingress traffic from blocked ports

Platform(s)
Compliance Frameworks

CCPA, cis_8, CPRA, HITRUST, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, mpa, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, Orca Best Practices, PDPA, UK Cyber Essentials

Description

The VPC subnet {AwsSubnet} is associated with rules that allow traffic to ingress ports to a wide range of IPs.