SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible
- Query id: 54c417bf-c762-48b9-9d31-b3d87047e3f0
- Query name: SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible
- Platform: Terraform
- Severity: Medium
- Category: Networking and Firewall
- URL: Github
Description¶
Check if port 2383 on TCP is publicly accessible by checking the CIDR block range that can access it.
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_security_group" "positive1" {
name = "allow_tls_1"
description = "Allow TLS inbound traffic"
vpc_id = aws_vpc.main.id
ingress {
description = "TLS from VPC"
from_port = 2300
to_port = 2400
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
}
resource "aws_security_group" "positive2" {
name = "allow_tls_2"
description = "Allow TLS inbound traffic"
vpc_id = aws_vpc.main.id
ingress {
description = "TLS from VPC"
from_port = 2380
to_port = 2390
protocol = "tcp"
cidr_blocks = ["0.1.0.0/0"]
}
ingress {
description = "TLS from VPC"
from_port = 2350
to_port = 2384
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
}