Network misconfigurations

Security group allows unrestricted outbound traffic

Platform(s)
Compliance Frameworks

CCM-CSA, CCPA, CPRA, CSA CCM, Data Security Posture Management (DSPM) Best Practices, HITRUST, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, New Zealand Information Security Manual, NIST 800-171, Orca Best Practices, PDPA, UK Cyber Essentials

Description

An AWS Security Group acts as a virtual firewall for your instances to control inbound and outbound traffic. We identified the security group ""{AwsEc2SecurityGroup}"" ({AwsEc2SecurityGroup.GroupId}) is configured to allow outbound access to any IP address (0.0.0.0/0 or ::/0) for {SgIpPermissions.PortRange}.