Classic Load Balancer (ELB) with public access

Network misconfigurations

Classic Load Balancer (ELB) with public access

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
CPRA
GDPR
HITRUST
ISO 27701
iso_27001_2022
iso_27002_2022
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

Classic Load Balancer (ELB) provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level. The load balancer {AwsEc2Elb} was discovered to be associated with a security group {AwsEc2Elb.SecurityGroups} that allows public ingress access without IP filtering (0.0.0.0/0). Load balancer configured with public access opens the application hosted behind the load balancer to attacks from malicious entities on the Internet.

Classic Load Balancer (ELB) with public access

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS