Sql database server allows ingress from any ip

Network misconfigurations

Sql database server allows ingress from any ip

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Azure CIS
Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
coppa
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
HITRUST
ISO/IEC 27001
Microsoft Cloud Security Benchmark
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-53
Orca Best Practices
PDPA

Description

{AzureSqlDbServer}, SQL Database Server, allows ingress any ip (0.0.0.0/0). SQL Server includes a firewall that allows to define which connections are authorized and unauthorized. By default, for a SQL Server, a Firewall exists with StartIp of 0.0.0.0 and EndIP of 0.0.0.0 allowing access to all the Azure services. Additionally, a custom rule can be set up with StartIp of 0.0.0.0 and EndIP of 255.255.255.255 allowing access from any ip over the internet. In order to reduce the potential attacks of a SQL server, firewall rules should be defined with more restricted ip addresses by referencing the range of addresses available for a specific SQL Server.

Recommended Mitigation

For each SQL server, click on Networking and disable public access or edit the firewall rules to limit access to only authorized connections.

Sql database server allows ingress from any ip

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS