Network misconfigurations

Azure virtual machine allows direct LDAP over SSL access from the Internet


LDAP (Lightweight Directory Access Protocol) is a software protocol that enables anyone to locate data about organizations, individuals and other resources, such as files and devices, in a network. The LDAP over SSL port (636) is open on your virtual machine and allows all incoming traffic from the Internet. To follow security best practices, restrict access so that it is allowed only from approved IP addresses.
  • Recommended Mitigation

    Configure a networking rule to allow incoming LDAP over SSL traffic from allowed IP addresses only.
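
    One way to check for this finding, as an added example that is not part of the original page: the function below walks network security group rules in priority order and reports Allow rules that admit any Internet source to port 636. It assumes the rule field names from `az network nsg show` output, ignores destination addresses, and uses constructed sample rules.

```python
# Added example: flag NSG inbound rules that expose LDAPS (TCP 636) to the Internet.
# Field names follow `az network nsg show` output; SAMPLE_RULES is constructed data.
LDAPS_PORT = 636
ANY_SOURCE = {"*", "internet", "0.0.0.0/0", "::/0"}

def _as_list(rule, single, plural):
    """Merge the singular and plural form of an NSG field into one list."""
    values = list(rule.get(plural) or [])
    if rule.get(single):
        values.append(rule[single])
    return values

def _covers_port(spec, port):
    """True if a port spec ('*', '636', '600-700') includes the port."""
    if spec.strip() == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)

def _matches_ldaps(rule):
    """True for an inbound TCP (or any-protocol) rule whose ports cover 636."""
    ports = _as_list(rule, "destinationPortRange", "destinationPortRanges")
    return (rule["direction"].lower() == "inbound"
            and rule["protocol"].lower() in ("tcp", "*")
            and any(_covers_port(p, LDAPS_PORT) for p in ports))

def internet_exposed_ldaps(rules):
    """Return names of Allow rules that admit any Internet source to port 636."""
    findings = []
    for rule in sorted(rules, key=lambda r: r["priority"]):  # lowest number is evaluated first
        sources = _as_list(rule, "sourceAddressPrefix", "sourceAddressPrefixes")
        if not (_matches_ldaps(rule) and {s.lower() for s in sources} & ANY_SOURCE):
            continue  # rule is irrelevant to arbitrary Internet traffic on 636
        if rule["access"].lower() == "deny":
            break  # an any-source Deny on 636 shadows every later rule
        findings.append(rule["name"])
    return findings

def _rule(name, priority, access, source, ports, protocol="Tcp"):
    return {"name": name, "priority": priority, "access": access, "direction": "Inbound",
            "protocol": protocol, "sourceAddressPrefix": source, "destinationPortRanges": ports}

SAMPLE_RULES = [  # constructed rules, not taken from a real environment
    _rule("allow-ldaps-office", 200, "Allow", "203.0.113.0/24", ["636"]),
    _rule("allow-ldaps-any", 300, "Allow", "*", ["636"]),
    _rule("allow-range", 310, "Allow", "Internet", ["443", "600-700"]),
    _rule("deny-all", 4000, "Deny", "*", ["*"], protocol="*"),
    _rule("allow-late", 4050, "Allow", "0.0.0.0/0", ["636"]),
]
```

    On the sample rules the check reports `allow-ldaps-any` and `allow-range`; the rule restricted to 203.0.113.0/24 is the form the mitigation asks for and is not flagged.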