Route Table Trusts Overly Broad IP Range
Overview
Ensuring that route tables have appropriately restrictive rules is a key aspect of implementing a Minimum Viable Network. This check identifies route tables that trust subnets with a prefix length shorter than /24 (a prefix number lower than 24, such as /16 or /0), which covers far more IP addresses than a single /24. By flagging these overly permissive rules, the check aids in minimizing the network attack surface and adhering to the principle of least privilege.
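The following is an added illustration of how such a check can be evaluated; it is not the vendor's own implementation. It walks the `Routes` list of a route table in the shape returned by the EC2 `DescribeRouteTables` API (keys such as `DestinationCidrBlock`, `GatewayId`, `VpcPeeringConnectionId`) and flags every IPv4 route whose prefix length is below 24. The sample route table, its resource ids and the choice to skip the implicit `local` VPC route (assumed to be non-removable and therefore not actionable) are assumptions of this example; IPv6 and prefix-list routes are left out because the /24 threshold is defined for IPv4.

```python
import ipaddress

MAX_PREFIX_LEN = 24  # routes with a shorter prefix (/23 ... /0) are flagged

# Constructed sample shaped like one entry of the EC2 DescribeRouteTables response.
# All ids are placeholders, not real resources.
SAMPLE_ROUTE_TABLE = {
    "RouteTableId": "rtb-0example",
    "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"},
        {"DestinationCidrBlock": "192.168.10.0/24", "VpcPeeringConnectionId": "pcx-0example", "State": "active"},
        {"DestinationCidrBlock": "172.16.0.0/12", "GatewayId": "vgw-0example", "State": "active"},
        {"DestinationCidrBlock": "10.50.0.0/28", "NetworkInterfaceId": "eni-0example", "State": "active"},
        {"DestinationIpv6CidrBlock": "2001:db8::/32", "GatewayId": "eigw-0example", "State": "active"},
    ],
}

# Target keys a Route entry may carry in the DescribeRouteTables response.
_TARGET_KEYS = (
    "GatewayId", "NatGatewayId", "TransitGatewayId", "VpcPeeringConnectionId",
    "NetworkInterfaceId", "InstanceId",
)


def route_target(route):
    """Return the first target identifier present on the route, or None."""
    for key in _TARGET_KEYS:
        if key in route:
            return route[key]
    return None


def overly_broad_routes(route_table, max_prefix_len=MAX_PREFIX_LEN, ignore_local=True):
    """Return one finding per IPv4 route whose prefix is shorter than max_prefix_len.

    ignore_local (assumption of this example): skip the implicit VPC route whose
    target is the literal string "local", since it cannot be edited by the operator.
    """
    findings = []
    for route in route_table.get("Routes", []):
        cidr = route.get("DestinationCidrBlock")
        if cidr is None:
            continue  # IPv6 and prefix-list routes are outside the /24 threshold
        network = ipaddress.ip_network(cidr, strict=False)
        target = route_target(route)
        if ignore_local and target == "local":
            continue
        if network.prefixlen < max_prefix_len:
            findings.append({
                "RouteTableId": route_table.get("RouteTableId"),
                "DestinationCidrBlock": cidr,
                "PrefixLength": network.prefixlen,
                "Addresses": network.num_addresses,
                "Target": target,
            })
    return findings


def is_compliant(route_table, **kwargs):
    """True when the route table has no overly broad IPv4 routes."""
    return not overly_broad_routes(route_table, **kwargs)


if __name__ == "__main__":
    for f in overly_broad_routes(SAMPLE_ROUTE_TABLE):
        print(f"{f['RouteTableId']}: {f['DestinationCidrBlock']} (/{f['PrefixLength']}, "
              f"{f['Addresses']} addresses) -> {f['Target']}")
```

Run against the constructed table, the check reports the default route `0.0.0.0/0` and the `172.16.0.0/12` route, while the exact /24 peering route and the /28 interface route pass; passing `ignore_local=False` additionally reports the /16 VPC route, which is the noisier but stricter reading of the rule.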
Vendor
AWS
Cloud Service
EC2
Related Controls
CSMM v1 NET-04.2
Severity
3
Item Types
AWS::EC2::RouteTable