Data at risk

Database Migration Service publicly accessible

Platform(s)
Compliance Frameworks

AWS Foundational Security Best Practices Controls, Brazilian General Data Protection (LGPD), CCPA, CPRA, Data Security Posture Management (DSPM) Best Practices, GDPR, HITRUST, ISO 27701, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, PDPA, pipeda, UK Cyber Essentials

Description

Database Migration Services (DMS) are associated with security groups in order to allow other users to access it. It was found that the DMS replication instance ""{AwsDmsReplicationInstance}"" is publicly accessible over the internet. When public access is enabled there is a risk of unauthorized access to the replication instance from outside of the VPC.