Firewall Rule Allows Too Many Hosts To Access Redis Cache

  • Query id: a829b715-cf75-4e92-b645-54c9b739edfb
  • Query name: Firewall Rule Allows Too Many Hosts To Access Redis Cache
  • Platform: Terraform
  • Severity: Medium
  • Category: Networking and Firewall
  • CWE: 284
  • URL: Github

Description

Checks whether any firewall rule allows too many hosts to access Redis Cache.

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file
resource "azurerm_redis_firewall_rule" "positive1" {
  name                = "someIPrange"
  redis_cache_name    = azurerm_redis_cache.example.name
  resource_group_name = azurerm_resource_group.example.name
  start_ip            = "1.0.0.0"
  end_ip              = "3.0.0.0"
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file
resource "azurerm_redis_firewall_rule" "negative1" {
  name                = "someIPrange"
  redis_cache_name    = azurerm_redis_cache.example.name
  resource_group_name = azurerm_resource_group.example.name
  start_ip            = "1.2.3.4"
  end_ip              = "1.2.3.8"
}
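
What separates the two samples above is the number of addresses between start_ip and end_ip. The sketch below is an added example, not the query's own code: it measures that range for each azurerm_redis_firewall_rule with literal IPs. MAX_HOSTS is an assumed cut-off (the page does not state one), and the names range_size and audit are hypothetical.

```python
import ipaddress
import re

# Assumed cut-off; the page does not say how many hosts are "too many".
MAX_HOSTS = 256

RULE_RE = re.compile(
    r'resource\s+"azurerm_redis_firewall_rule"\s+"([^"]+)"\s*\{([^}]*)\}')
ATTR_RE = re.compile(r'^\s*(start_ip|end_ip)\s*=\s*"([^"]*)"', re.M)

# The two rules from the page's test files, trimmed to the IP attributes.
SAMPLE = '''
resource "azurerm_redis_firewall_rule" "positive1" {
  name     = "someIPrange"
  start_ip = "1.0.0.0"
  end_ip   = "3.0.0.0"
}
resource "azurerm_redis_firewall_rule" "negative1" {
  name     = "someIPrange"
  start_ip = "1.2.3.4"
  end_ip   = "1.2.3.8"
}
'''


def range_size(start_ip, end_ip):
    """Count the IPv4 addresses in the inclusive range start_ip..end_ip."""
    start = int(ipaddress.IPv4Address(start_ip))
    end = int(ipaddress.IPv4Address(end_ip))
    if end < start:
        raise ValueError(f"end_ip {end_ip} precedes start_ip {start_ip}")
    return end - start + 1


def audit(hcl_text, max_hosts=MAX_HOSTS):
    """Return (rule_name, host_count, flagged) for each literal-IP rule."""
    findings = []
    for name, body in RULE_RE.findall(hcl_text):
        attrs = dict(ATTR_RE.findall(body))
        if len(attrs) < 2:
            continue  # IPs given as variables/expressions: check the plan instead
        count = range_size(attrs["start_ip"], attrs["end_ip"])
        findings.append((name, count, count > max_hosts))
    return findings


if __name__ == "__main__":
    for name, count, flagged in audit(SAMPLE):
        print(f"{name}: {count} hosts -> {'FLAG' if flagged else 'ok'}")
```

The regular expressions only handle flat resource blocks with quoted IP literals; rules built from variables or modules are skipped and need to be evaluated from a rendered plan.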