Network misconfigurations

Azure virtual machine allows direct Telnet access from the Internet

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks
  • CCPA
  • ,
  • ISO/IEC 27001
  • ,
  • Microsoft Cloud Security Benchmark
  • ,
  • Mitre ATT&CK v12
  • ,
  • New Zealand Information Security Manual
  • ,
  • NIST 800-53
  • ,
  • Orca Best Practices
  • ,
  • UK Cyber Essentials

Description

Telnet is an application protocol used on the Internet or local area network to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection. The Telnet port (23) is open on your virtual machine and allows all incoming traffic from the Internet. In order to keep security best practices, you should restrict access to be only from allowed IP addresses.
  • Recommend icon

    Recommended Mitigation

    Configure networking rule to allow incoming Telnet traffic from allowed IP addresses only.