Network misconfigurations

Elastic Load Balancer (ELB) allows ingress access to Oracle DB port 1521

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

Oracle TNS (Transparent Network Substrate) port 1521 is used by Oracle clients to connect to the database server over the Oracle SQL*Net protocol. Allowing inbound traffic from all external IP addresses on the TNS port allows commands to be sent to the listener: the listener can be shut down, or the databases can be queried. It is a best practice to block public access and restrict access to port 1521 to specific IP addresses.
Recommended Mitigation

It is recommended to replace the source IP of the rule with a specific IP address or delete the rule.