branch[tenablecs_qn1cdykazz]: Auto Generated Pull Request from Tenable.cs #9

garynation · 2022-06-24T08:37:55Z

garynation · 2022-06-24T08:37:58Z

security_group.tf

@@ -10,7 +10,7 @@ resource "aws_security_group" "aws-demo-security-group" {
    to_port     = 0
    from_port   = 0
    protocol    = "-1"
-    cidr_blocks = ["0.0.0.0/0"]
+    cidr_blocks = ["<cidr>"]


Tenable.cs remediation

[HIGH]: Ensure no security groups allow ingress from 0.0.0.0/0 to ALL ports and protocols

Vulnerability
It is recommended that no security group allows unrestricted ingress access. Exposed ports may allow attackers to access the application listening on that port.

Remediation
In AWS Console -

Sign in the AWS Console and go to the Amazon VPC console.

In the navigation pane, select Security Groups.

For each security group, perform the following actions:
a) Select the security group.
b) Select the Inbound Rules.
c) Identify the rules to be removed.
d) Remove the required rules.

Click Save.

source: tenablecs-

tenablecs-dev added 2 commits June 24, 2022 09:37

Auto Remediation by Tenable.cs, file: security_group.tf

f12483b

Auto Remediation by Tenable.cs, file: vpc.tf

f336e5f

garynation commented Jun 24, 2022

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

branch[tenablecs_qn1cdykazz]: Auto Generated Pull Request from Tenable.cs #9

branch[tenablecs_qn1cdykazz]: Auto Generated Pull Request from Tenable.cs #9

garynation commented Jun 24, 2022

garynation Jun 24, 2022

branch[tenablecs_qn1cdykazz]: Auto Generated Pull Request from Tenable.cs #9

Are you sure you want to change the base?

branch[tenablecs_qn1cdykazz]: Auto Generated Pull Request from Tenable.cs #9

Conversation

garynation commented Jun 24, 2022

garynation Jun 24, 2022

Choose a reason for hiding this comment