Network misconfigurations

Azure Key vault is publicly accessible

Risk Level

Informational (4)



By default, when you create a new key vault, the Azure Key Vault firewall is disabled. It's possible to enable public access to your Key vault from trusted sources only, using Firewall and virtual networks rules.
  • Recommended Mitigation

    It is recommended to review the Key vault network configuration and limit the access to trusted networks and/or IP addresses only.