Network misconfigurations

AWS EC2 security group allows unrestricted ICMP traffic from the Internet


Description

An AWS Security Group acts as a virtual firewall for your instances to control inbound and outbound traffic. We identified that the security group {AwsEc2SecurityGroup} ({AwsEc2SecurityGroup.GroupId}) is configured to allow inbound ICMP traffic from any IP address (0.0.0.0/0).
Recommended Mitigation

Ensure security groups in your account are configured to allow ICMP access from specific, known IP addresses only, not from any IP address (0.0.0.0/0). More details can be found at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html
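
One way to check for this condition offline, as an added example (not part of the original rule or of any product's implementation): the function below scans security groups in the shape returned by `aws ec2 describe-security-groups`. It goes beyond the rule text by also flagging ICMPv6, the all-protocols value `-1`, and `::/0`; the function names and the sample group IDs are constructed for illustration.

```python
import ipaddress

# Protocol values in DescribeSecurityGroups output that cover ICMP.
# "-1" means all protocols, which includes ICMP.
ICMP_PROTOCOLS = {"icmp", "icmpv6", "-1"}

def is_any_address(cidr):
    """True for 0.0.0.0/0, ::/0 and any other zero-length prefix."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def open_icmp_rules(security_groups):
    """Return (GroupId, protocol, icmp_type, cidr) for each inbound rule
    that admits ICMP from the whole Internet."""
    findings = []
    for group in security_groups:
        for perm in group.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            if proto not in ICMP_PROTOCOLS:
                continue
            # For ICMP rules FromPort holds the ICMP type (-1 = all types).
            icmp_type = perm.get("FromPort", -1)
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                if is_any_address(cidr):
                    findings.append((group["GroupId"], proto, icmp_type, cidr))
    return findings

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0example1", "IpPermissions": [
        {"IpProtocol": "icmp", "FromPort": 8, "ToPort": -1,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0example2", "IpPermissions": [
        {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0example3", "IpPermissions": [
        {"IpProtocol": "-1",
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

if __name__ == "__main__":
    for finding in open_icmp_rules(SAMPLE_GROUPS):
        print(finding)
```

The ICMP rule restricted to 203.0.113.0/24 and the TCP 443 rule are not reported; only rules that expose ICMP to every address are.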