Elastic Load Balancer (ELB) allows ingress access to RPC port 135

Network misconfigurations

Elastic Load Balancer (ELB) allows ingress access to RPC port 135

Risk Level

Hazardous (3)

Platform(s)

Compliance Frameworks

CCPA
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
UK Cyber Essentials

Description

Remote Procedure Call (RPC) protocol provides an inter-process communication mechanism that allows a program running on one computer to seamlessly execute code on another remote system. Using RPC protocol, an attacker can take any action on your system, like installing programs, viewing, changing or deleting data, or creating new accounts with full privileges. It is a best practice to block RPC port 135 from the public internet.

Recommended Mitigation

It is recommended to replace the source IP of the rule with a specific IP address or delete the rule.

Elastic Load Balancer (ELB) allows ingress access to RPC port 135

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS