Network misconfigurations

Azure MySQL Server Firewall allows access from all Azure Services

Platform(s)
Compliance Frameworks
  • Brazilian General Data Protection (LGPD)
  • ,
  • CCPA
  • ,
  • coppa
  • ,
  • CPRA
  • ,
  • Data Security Posture Management (DSPM) Best Practices
  • ,
  • iso_27001_2022
  • ,
  • iso_27002_2022
  • ,
  • Microsoft Cloud Security Benchmark
  • ,
  • Mitre ATT&CK
  • ,
  • mpa
  • ,
  • New Zealand Information Security Manual
  • ,
  • NIST 800-171
  • ,
  • NIST 800-53
  • ,
  • Orca Best Practices
  • ,
  • PDPA
  • ,
  • pipeda
  • ,
  • UK Cyber Essentials

Description

{AzureMySqlDbServer} MySQL server's firewall allows access to all Azure services (by default, this configuration is disabled). This option configures the firewall to allow all connections from Azure, including connections from the subscriptions of other customers. In order to reduce the potential attacks of a SQL server, firewall rules should be defined with more restricted IP addresses by referencing the range of addresses available for a specific SQL Server.