Network misconfigurations

Security list allows unrestricted ingress access to port 3389 (RDP)

Risk Level

Hazardous (3)

Platform(s)
  • N/A

Compliance Frameworks

Description

Security lists act as virtual firewalls for your compute instances and other kinds of resources. A security list consists of a set of ingress and egress security rules that specify the types of traffic allowed in and out. Security list rules apply to all the VNICs (Virtual Network Interface Cards) in any subnet that the security list is associated with.

It was detected that the security list {OciNetworkSecurityList.Name} under the {OciNetworkSecurityList.Vcn} VCN (Virtual Cloud Network) allows unrestricted ingress access to port 3389 (RDP). To prevent unauthorized access to or attacks on compute instances, it is advised to allow RDP access only from authorized CIDR blocks, rather than leaving the port open to the internet (0.0.0.0/0).
Recommended Mitigation

It is recommended to either edit the ingress rule to be more restrictive, delete the ingress rule, or terminate the security list.
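The check described above can be reproduced against an exported security list. The following is an added example, not code from the product this page documents. It assumes the input uses the kebab-case JSON field names of OCI CLI output (`ingress-security-rules`, `source`, `protocol`, `tcp-options`, `destination-port-range`); the function names and the sample security list are constructed for illustration.

```python
import ipaddress

RDP_PORT = 3389

def _is_unrestricted(source):
    """True when the source CIDR covers every address (prefix length 0)."""
    try:
        return ipaddress.ip_network(source, strict=False).prefixlen == 0
    except ValueError:
        return False  # service labels or malformed values are not a CIDR

def _covers_rdp(rule):
    """True when the rule's protocol and port range include TCP 3389."""
    proto = str(rule.get("protocol", "")).lower()
    if proto == "all":          # all protocols, therefore all ports
        return True
    if proto != "6":            # 6 = TCP (IANA protocol number)
        return False
    port_range = (rule.get("tcp-options") or {}).get("destination-port-range")
    if not port_range:          # TCP rule without a port range allows every port
        return True
    return port_range["min"] <= RDP_PORT <= port_range["max"]

def open_rdp_rules(security_list):
    """Return indexes of ingress rules that expose RDP to any source."""
    rules = security_list.get("ingress-security-rules") or []
    return [i for i, r in enumerate(rules)
            if _is_unrestricted(r.get("source", "")) and _covers_rdp(r)]

def _tcp(source, lo, hi):
    """Build a constructed TCP ingress rule for the sample below."""
    return {"source": source, "protocol": "6",
            "tcp-options": {"destination-port-range": {"min": lo, "max": hi}}}

# Constructed sample security list (not real data).
SAMPLE = {"display-name": "example-seclist", "ingress-security-rules": [
    _tcp("0.0.0.0/0", 3389, 3389),    # 0: RDP open to the internet
    _tcp("10.0.0.0/16", 3389, 3389),  # 1: RDP from an internal CIDR only
    _tcp("0.0.0.0/0", 22, 22),        # 2: open, but a different port
    _tcp("0.0.0.0/0", 3000, 4000),    # 3: wide range that includes 3389
    {"source": "0.0.0.0/0", "protocol": "all", "tcp-options": None},  # 4
    {"source": "0.0.0.0/0", "protocol": "17", "tcp-options": None},   # 5: UDP
    {"source": "0.0.0.0/0", "protocol": "6", "tcp-options": None},    # 6: all TCP
]}

if __name__ == "__main__":
    for idx in open_rdp_rules(SAMPLE):
        print(f"{SAMPLE['display-name']}: ingress rule {idx} exposes TCP/3389")
```

Rules 3, 4 and 6 show why matching only an exact 3389-3389 range under-reports: a wide port range, an all-protocols rule, or a TCP rule with no port range exposes RDP just the same.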