Network security group rule allows direct UDP based services access from the internet

Network misconfigurations

Network security group rule allows direct UDP based services access from the internet

Platform(s)

Compliance Frameworks

Azure CIS
Brazilian General Data Protection (LGPD)
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
HITRUST
iso_27001_2022
iso_27002_2022
Microsoft Cloud Security Benchmark
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Azure network security group rules allow or deny traffic when its conditions are met. The rules allow users to specify the type of traffic, such as ports ,protocols, source and destination of the traffic, including IP addresses, subnets, and instances. {AzureNetworkSecurityGroupRule} allows direct UDP based services (ports : 53, 123, 161, 389, 1900) access from the internet, which puts at risk your Azure Virtual Machines.

Network security group rule allows direct UDP based services access from the internet

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS