Network misconfigurations

Azure virtual machine with Windows distribution allows direct RPC access from the internet

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

In distributed computing, a remote procedure call (RPC) is when a computer program causes a procedure (subroutine) to execute in a different address space (commonly on another computer on a shared network), which is coded as if it were a normal (local) procedure call, without the programmer explicitly coding the details for the remote interaction. The RPC port (135) is open on your Windows virtual machine and allows all incoming traffic from the internet. In order to keep security best practices, you should restrict access to be only from allowed IP addresses.
  • Recommended Mitigation

    Configure networking rule to allow incoming RPC traffic from allowed IP addresses only.