Fork me on GitHub

Test and Verification -> Dynamic depth for infrastructure: Test for exposed services

Risk and Opportunity

Risk: Standard network segmentation and firewalling has not been performed, leading to world open cluster management ports.
Opportunity: With the help of tools the network configuration of unintenonal exposed cluster(s) are tested. To identify clusters, all subdomains might need to be identified with a tool like OWASP Amass to perform portscans based o the result.

Exploit details

Usefullness: Medium
Required knowledge: Very Low (one discipline)
Required time: Very Low
Required resources (systems): Very Low

Additional Information

Implementation hints:
OWASP SAMM 1 Mapping: EH2-B
OWASP SAMM 2 Mapping: v-security-testing|A|1
ISO27001:2017 Controls Mapping: