Traffic Manager uses insecure probing protocol Affecting Network service in Azure

Snyk CCSS

Network / Protocols

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Controls CSA-CCM

Snyk ID SNYK-CC-00566
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

HTTPS-based monitoring improves security and increases accuracy of health probes.

How to fix?

Set monitor_config.protocol to HTTPS.

ARM

Microsoft.Network trafficmanagerprofiles

Terraform

azurerm_traffic_manager_profile

References

Traffic Manager endpoint monitoring