Network misconfigurations

Security group allows inbound access from unauthorized ports

Platform(s)
Compliance Frameworks

AWS Foundational Security Best Practices Controls, Brazilian General Data Protection (LGPD), CCM-CSA, CCPA, cis_8, CPRA, Data Security Posture Management (DSPM) Best Practices, GDPR, HITRUST, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, mpa, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, PDPA, pipeda, UK Cyber Essentials

Description

An AWS Security Group acts as a virtual firewall for your instances to control inbound and outbound traffic. It was detected that the security group {AwsEc2SecurityGroup} is configured to allow inbound access of TCP and UDP from any IP address (0.0.0.0/0 or ::/0) through any port. Accepting unrestricted inbound access may increase the opportunity of malicious activity such as hacking and loss of data.