Network misconfigurations

Elastic Load Balancer (ELB) allows ingress access to PostgreSQL port 5432

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

Port 5432 is the default port on which a PostgreSQL server listens for client requests. Allowing inbound traffic from all external IP addresses on the PostgreSQL port leaves the database exposed to PostgreSQL exploits. It is a best practice to block public access and to restrict access to port 5432 to specific IP addresses.
Recommended Mitigation

It is recommended to replace the source IP of the rule with a specific IP address or delete the rule.
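
One way to audit for this finding, as an added example that is not part of the original rule page or any vendor's code: the function below flags security-group rules attached to a load balancer that open port 5432 to every address. It assumes input shaped like the JSON from `aws elbv2 describe-load-balancers` and `aws ec2 describe-security-groups`; the function names, load balancer names and group IDs are constructed for illustration.

```python
import ipaddress

PG_PORT = 5432

def _is_public(cidr):
    # A /0 prefix (0.0.0.0/0 or ::/0) matches every address.
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def _covers_pg(perm):
    # IpProtocol "-1" means all protocols and ports; otherwise test the TCP range.
    if perm["IpProtocol"] == "-1":
        return True
    return (perm["IpProtocol"] == "tcp"
            and perm.get("FromPort", 0) <= PG_PORT <= perm.get("ToPort", 65535))

def public_pg_rules(load_balancers, security_groups):
    """Return (lb_name, sg_id, cidr) for each world-open rule reaching 5432."""
    by_id = {g["GroupId"]: g for g in security_groups}
    findings = []
    for lb in load_balancers:
        for sg_id in lb.get("SecurityGroups", []):
            for perm in by_id.get(sg_id, {}).get("IpPermissions", []):
                if not _covers_pg(perm):
                    continue
                cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
                cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
                findings += [(lb["LoadBalancerName"], sg_id, c)
                             for c in cidrs if _is_public(c)]
    return findings

# Constructed sample data (not taken from a real account).
SAMPLE_LBS = [
    {"LoadBalancerName": "db-proxy-lb", "SecurityGroups": ["sg-0aaa", "sg-0bbb"]},
    {"LoadBalancerName": "internal-lb", "SecurityGroups": ["sg-0ccc"]},
]
SAMPLE_SGS = [
    {"GroupId": "sg-0aaa", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0bbb", "IpPermissions": [  # wide port range, IPv6 open
        {"IpProtocol": "tcp", "FromPort": 5000, "ToPort": 6000,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-0ccc", "IpPermissions": [  # 5432 restricted, 443 public
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
```

The check also catches rules where 5432 is only implied, such as a port range that spans it or an all-protocols rule, and it treats `::/0` the same as `0.0.0.0/0`.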