Network misconfigurations

Elastic Load Balancer (ELBV2) with public access

Risk Level

Hazardous (3)

Platform(s)

Description

Elastic Load Balancer (ELB) supports multiple load balancers types, each provide different feature in multiple network layers (application, network, transport). The elastic load balancer {AwsEc2Elbv2} was discovered to be associated with a security group {AwsEc2Elbv2.SecurityGroups} that allows public ingress access without IP filtering (0.0.0.0/0). Load balancer configured with public access opens the application hosted behind the load balancer to attacks from malicious entities on the Internet.