H3-2022-0006

Database Port Exposed to the Internet

Description

The database port on this host is exposed to the internet. An attacker can exploit this misconfiguration by scanning the internet for open database ports and attempting to connect to these ports using commonly known weak or default credentials or previously compromised credentials.

Impact

This misconfiguration enables an attacker to potentially gain unauthorized access to the database, allowing them to potentially steal, delete, or ransom the sensitive information stored within. In certain scenarios, this could also lead to the compromise of the host on which the database is running.

References

• Database Security
• MITRE ATT&CK Technique: T1133: External Remote Services