Network misconfigurations

Security group allows inbound access from private ranges

Risk Level

Informational (4)

Platform(s)

Description

An AWS Security Group acts as a virtual firewall for your instances to control inbound and outbound traffic. We identified the security group ""{AwsEc2SecurityGroup}"" ({AwsEc2SecurityGroup.GroupId}) is configured to allow inbound access from RFC-1918 CIDRs (private IP ranges, for example 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16).