open-to-all
Region: westus2
Overview
Critical
9High
0Medium
0Low
1Informational
0Security issues (10)
| Severity | Non-Compliance | Issue | Remediation | Read more | Action |
|---|---|---|---|---|---|
| Critical | — | Network Security Group (NSG) contains an inbound rule "Port_ANY" that allows unrestricted access on all ports (all services). | To implement the principle of least privilege and reduce the possibility of a breach, configure your NSGs to limit inbound traffic on all ports (all services) to known IP addresses only. | More info | |
| Critical | — | Network Security Group (NSG) contains an inbound rule "Ranges" that allows unrestricted access on TCP port 22 (SSH server). | To implement the principle of least privilege and reduce the possibility of a breach, configure your NSGs to limit inbound traffic on TCP port 22 (SSH server) to known IP addresses only. | More info | |
| Critical | — | Network Security Group (NSG) contains an inbound rule "Ranges" that allows unrestricted access on TCP port 21 (FTP server). | To implement the principle of least privilege and reduce the possibility of a breach, configure your NSGs to limit inbound traffic on TCP port 21 (FTP server) to known IP addresses only. | More info | |
| Critical | — | Network Security Group (NSG) contains an inbound rule "Ranges" that allows unrestricted access on TCP port 4333 (MySQL server). | To implement the principle of least privilege and reduce the possibility of a breach, configure your NSGs to limit inbound traffic on TCP port 4333 (MySQL server) to known IP addresses only. | More info | |
| Critical | — | Network Security Group (NSG) contains an inbound rule "Port_RDP" that allows unrestricted access on TCP port 3389 (RDP server). | To implement the principle of least privilege and reduce the possibility of a breach, configure your NSGs to limit inbound traffic on TCP port 3389 (RDP server) to known IP addresses only. | More info | |
| Critical | — | Network Security Group (NSG) contains an inbound rule "Ranges" that allows unrestricted access on TCP port 135 (RPC server). | To implement the principle of least privilege and reduce the possibility of a breach, configure your NSGs to limit inbound traffic on TCP port 135 (RPC server) to known IP addresses only. | More info | |
| Critical | — | Network Security Group (NSG) contains an inbound rule "Ranges" that allows unrestricted access on TCP port 445 (SMB over TCP). | To implement the principle of least privilege and reduce the possibility of a breach, configure your NSGs to limit inbound traffic on TCP port 445 (SMB over TCP) to known IP addresses only. | More info | |
| Critical | — | Network Security Group (NSG) contains an inbound rule "Ranges" that allows unrestricted access on TCP port 25 (SMTP server). | To implement the principle of least privilege and reduce the possibility of a breach, configure your NSGs to limit inbound traffic on TCP port 25 (SMTP server) to known IP addresses only. | More info | |
| Critical | — | Network Security Group (NSG) contains an inbound rule "Ranges" that allows unrestricted access on TCP port 23 (Telnet). | To implement the principle of least privilege and reduce the possibility of a breach, configure your NSGs to limit inbound traffic on TCP port 23 (Telnet) to known IP addresses only. | More info | |
| Low | — | Network Security Group (NSG) has no diagnostic settings. | To fulfill HIPAA requirements on secure audit record for read/write/delete activities in the system, ensure that diagnostic logging is enabled for each NSG. | More info |