Network misconfigurations

Default security group allows inbound unrestricted traffic

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

An AWS Security Group acts as a virtual firewall for your instances to control inbound and outbound traffic. We identified the default security group ""{AwsEc2SecurityGroup}"" ({AwsEc2SecurityGroup.GroupId}) is configured to allow inbound access from any IP address (0.0.0.0/0 or ::/0)