Network misconfigurations

Azure virtual machine allows direct access to MySQL service from the Internet

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Port 3306 is the default port for the classic MySQL protocol, which is used by the mysql client, MySQL Connectors, and utilities such as mysqldump and mysqlpump. This port is open on your virtual machine and allows all incoming traffic from the Internet. In order to keep security best practices, you should restrict access to be only from allowed IP addresses.
  • Recommended Mitigation

    Configure networking rule to allow incoming MySQL traffic from allowed IP addresses only.