Security group allows inbound access to TCP port 2375 and 2376 (Docker API)

Network misconfigurations

Security group allows inbound access to TCP port 2375 and 2376 (Docker API)

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
HITRUST
ISO/IEC 27001
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-190
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

An AWS Security Group acts as a virtual firewall for your instances to control inbound and outbound traffic. We identified the security group ""{AwsEc2SecurityGroup}"" ({AwsEc2SecurityGroup.GroupId}) is configured to allow inbound access to TCP port 2375 and 2376 (Docker API) from any IP address (0.0.0.0/0 or ::/0).

Recommended Mitigation

Ensure security groups in your account are configured to allow access to TCP port 2375 and 2376 (Docker API) from specific IP addresses only. More details can be found in <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html</a>

Security group allows inbound access to TCP port 2375 and 2376 (Docker API)

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS