Network misconfigurations

Network Load Balancer allows inbound access to TCP port 9042 (Cassandra Client)

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Network Load Balancer ""{AwsEc2Elbv2}"" is associated with security group ""{AwsEc2Elbv2.SecurityGroups}"" that is configured to allow inbound access to TCP port 9042 TCP port 9042 (Cassandra Client) from any IP address (0.0.0.0/0)
  • Recommended Mitigation

    It is recommended to configure Network Load Balancers to allow access to TCP port 9042 (Cassandra Client)sandra Client) from specific IP addresses only. More details can be found in <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html</a>