Internal infrastructure exposed
What has been found
A service was found that is typically used within a private network and not exposed to the general internet. This exposure is likely unintentional and presents a security risk by providing attackers with direct access to internal infrastructure.
Why this is a potential risk
Services intended for internal use are not designed to withstand public exposure. When accessible externally, they become high-value targets for ransomware, data exfiltration, unauthorised access, and other attacks.
Exploiting such services often allows attackers to pivot into internal networks, escalate privileges, or compromise additional systems. Best practice is to restrict internal services to trusted internal networks and only allow external access through controlled, secure channels such as VPNs or zero-trust access gateways.
Potential solutions/Improvements
- Block unnecessary exposure: Review firewall rules and access control lists to ensure the service is only accessible from internal networks or authorised endpoints.
- Secure required access: If external access is necessary, enforce VPN or zero-trust access, strong authentication, and encryption.
- Patch and maintain: Keep the service and underlying infrastructure updated and follow vendor hardening guidelines.
- Monitor and log: Enable detailed logging and monitor for unusual access patterns or repeated login attempts.
How to verify it is resolved:
- Perform an external vulnerability scan to ensure the service is no longer exposed.
- Review firewall and access control settings to confirm restrictions are in place.
- Ensure that access, if required, is secured with strong authentication and encryption.
- Review historical and ongoing logs for unauthorised access attempts.
- Perform periodic penetration testing to validate that no unintended exposure remains.
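As an added example, not part of this finding's text, the script below automates two of the review steps above: it checks an ordered firewall rule list for internal-only ports opened to sources outside the trusted networks (the "review firewall rules" and "confirm restrictions are in place" steps), and it reviews access-log lines for connections from untrusted sources and for repeated failed logins (the "monitor and log" and "review logs" steps). The internal-only port list, the trusted network ranges (RFC 1918 plus an assumed VPN pool), the rule representation and the log line format are all constructed assumptions; adapt them to your firewall export and your service's log format.

```python
"""Added example: firewall rule review and access-log review for an
internal service that should not be reachable from the internet.
Port list, trusted ranges, rule and log formats are constructed."""
from __future__ import annotations

import ipaddress
import re
from collections import Counter
from dataclasses import dataclass

# Constructed: services that should only ever be reachable internally.
INTERNAL_ONLY_PORTS = {445: "SMB", 3389: "RDP", 5432: "PostgreSQL", 9200: "Elasticsearch"}

# Constructed: RFC 1918 ranges plus an assumed VPN client pool (100.64.0.0/24).
TRUSTED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/24")]


@dataclass(frozen=True)
class Rule:
    source: str   # CIDR the rule matches on
    port: int     # destination TCP port
    action: str   # "allow" or "deny"


def _within(inner: ipaddress._BaseNetwork, outer: ipaddress._BaseNetwork) -> bool:
    """subnet_of that tolerates mixed IPv4/IPv6 instead of raising."""
    return inner.version == outer.version and inner.subnet_of(outer)


def is_trusted(cidr: str) -> bool:
    """True when every address in cidr lies inside one trusted network."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(_within(net, t) for t in TRUSTED_NETWORKS)


def decision(rules: list[Rule], src: str, port: int) -> str:
    """First-match evaluation of an ordered rule list; default deny."""
    addr = ipaddress.ip_address(src)
    for r in rules:
        if r.port == port and addr in ipaddress.ip_network(r.source, strict=False):
            return r.action
    return "deny"


def exposed_rules(rules: list[Rule]) -> list[tuple[Rule, str]]:
    """Allow rules that open an internal-only port to an untrusted source.
    An earlier deny covering the same source and port shadows the allow,
    so such allows are not reported."""
    findings = []
    for i, r in enumerate(rules):
        if r.action != "allow" or r.port not in INTERNAL_ONLY_PORTS or is_trusted(r.source):
            continue
        net = ipaddress.ip_network(r.source, strict=False)
        shadowed = any(d.action == "deny" and d.port == r.port
                       and _within(net, ipaddress.ip_network(d.source, strict=False))
                       for d in rules[:i])
        if not shadowed:
            findings.append((r, INTERNAL_ONLY_PORTS[r.port]))
    return findings


# Constructed rule sets: the misconfiguration behind this finding, and a fixed version.
SAMPLE_RULES = [
    Rule("10.0.0.0/8", 3389, "allow"),   # internal only: fine
    Rule("0.0.0.0/0", 3389, "allow"),    # RDP open to the whole internet: the finding
    Rule("0.0.0.0/0", 5432, "deny"),
    Rule("0.0.0.0/0", 5432, "allow"),    # shadowed by the deny above, not reported
]
FIXED_RULES = [
    Rule("10.0.0.0/8", 3389, "allow"),
    Rule("100.64.0.0/24", 3389, "allow"),  # VPN pool only: external access via VPN
]

# Constructed sample log lines: "<timestamp> <source_ip> <dst_port> <result>".
SAMPLE_LOG = """\
2024-05-01T10:00:01Z 10.20.30.5 3389 login_ok
2024-05-01T10:00:07Z 203.0.113.9 3389 login_failed
2024-05-01T10:00:09Z 203.0.113.9 3389 login_failed
2024-05-01T10:00:12Z 203.0.113.9 3389 login_failed
2024-05-01T10:01:30Z 192.168.4.7 5432 login_ok
2024-05-01T10:02:00Z 198.51.100.77 445 login_failed
"""
LOG_RE = re.compile(r"^(\S+) (\S+) (\d+) (\S+)$")


def review_log(text: str, fail_threshold: int = 3) -> dict:
    """Count hits on internal-only ports from untrusted sources, and flag
    sources whose failed logins reach fail_threshold."""
    untrusted: Counter = Counter()   # (src, port) -> hits from outside trusted networks
    failures: Counter = Counter()    # src -> failed logins
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # ignore lines that do not match the expected format
        _, src, port, result = m.groups()
        port = int(port)
        if port in INTERNAL_ONLY_PORTS and not is_trusted(src):
            untrusted[(src, port)] += 1
        if result == "login_failed":
            failures[src] += 1
    repeated = {s: n for s, n in failures.items() if n >= fail_threshold}
    return {"untrusted_access": dict(untrusted), "repeated_failures": repeated}


if __name__ == "__main__":
    for r, name in exposed_rules(SAMPLE_RULES):
        print(f"EXPOSED: {name} tcp/{r.port} allowed from {r.source}")
    print("after fix:", exposed_rules(FIXED_RULES))
    print(review_log(SAMPLE_LOG))
```

The rule check deliberately uses first-match semantics and a default deny, which is how most packet filters and cloud security groups evaluate ordered rules; if your firewall uses last-match or an explicit default allow, adjust `decision` and `exposed_rules` accordingly before trusting the result.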