Network misconfigurations

Amazon MQ broker is publicly accessible

Platform(s)
Compliance Frameworks

Brazilian General Data Protection (LGPD), CCPA, cis_8, CPRA, GDPR, HITRUST, ISO 27701, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, mpa, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, Orca Best Practices, PDPA, UK Cyber Essentials

Description

Amazon MQ is a managed message broker service for Apache ActiveMQ and RabbitMQ that allows setting up and operating message brokers. It was detected that MQ broker {AwsMqBroker} is publicly accessible, which means every machine on the Internet can reach it through their public endpoints. It will increase the risk of malicious activity such as cross-site scripting(XSS), clickjacking and DDoS attacks.
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo