Network security group permits ingress from '0.0.0.0/0' to port 3389 (RDP) Affecting Network service in Azure


Severity

0.0
medium
0
10
Severity Framework
Snyk CCSS
Rule category
Network/ Ports

Is your environment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
Frameworks
CIS-AzureCIS-ControlsCSA-CCMISO-27001NIST-800-53PCI-DSSSOC-2
  • Snyk IDSNYK-CC-00479
  • creditSnyk Research Team

Description

Attackers could use brute force techniques to gain access to virtual machines. Once the attackers gain access, they can use a virtual machine as a launch point for compromising other machines on the virtual network or even attack networked devices outside of Azure.

How to fix?

Remove 3389, *, or any port range that covers 3389 from properties.securityRules[].properties.destinationPortRange(s) when 'properties.securityRules[].properties.access' is set to allow.