Security group allows inbound access to TCP port 5432 (PostgreSQL Database)

Network misconfigurations

Security group allows inbound access to TCP port 5432 (PostgreSQL Database)

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

HITRUST
NIST 800-53
Orca Best Practices

Description

An AWS Security Group acts as a virtual firewall for your instances to control inbound and outbound traffic. We identified the security group ""{AwsEc2SecurityGroup}"" ({AwsEc2SecurityGroup.GroupId}) is configured to allow inbound access to TCP port 5432 (PostgreSQL Database) from any IP address (0.0.0.0/0 or ::/0).

Recommended Mitigation

Ensure security groups in your account are configured to allow access to TCP port 5432 (PostgreSQL Database) from specific IP addresses only. More details can be found in https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html

Security group allows inbound access to TCP port 5432 (PostgreSQL Database)

Description

Need help?