inspec / inspec-azure

InSpec Azure Resource Pack
https://www.inspec.io/

Bugfix for Azure NSG Internet Ingress RegEx #652

Closed jnikles1 closed 2 years ago

jnikles1 commented 2 years ago

Signed-off-by: Justin Nikles <justin.nikles@sap.com>

Description

We received reports of false positives where Azure NSGs were flagged as allowing internet ingress, but no such rule was allowing ingress for the flagged ports from the internet. After some investigation, it was found that there was a rule being flagged that allowed traffic for the private address space 10.0.0.0. Due to the RegEx in the source_open method, any rule on an IP address ending in 0.0.0.0 would be flagged, i.e. 10.0.0.0, 20.0.0.0, etc. This PR fixes this bug and results in proper flagging of the internet IP CIDR.

Issues Resolved

No issue was opened, but improper flagging of non-internet CIDR ranges was fixed.

Check List
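The false positive described in this PR, reproduced as an added example that is not part of the PR or of the inspec-azure code base. `LOOSE_OPEN` is a hypothetical unanchored pattern that stands in for the behaviour the description reports, and the method names, the set of "any source" tokens and the sample prefixes are assumptions made for illustration.

```ruby
require 'ipaddr'

# Hypothetical unanchored pattern (an assumption, not the project's code):
# it matches the text "0.0.0.0" anywhere inside the source prefix.
LOOSE_OPEN = /\*|0\.0\.0\.0|Internet|any/i

# Tokens treated here as "any source" (assumed set for this sketch).
OPEN_TOKENS = %w[* internet any].freeze

# Constructed sample source prefixes, not taken from a real NSG.
SAMPLES = ['10.0.0.0/8', '20.0.0.0/16', '0.0.0.0/0', '*', 'Internet',
           'VirtualNetwork', '::/0'].freeze

def loose_source_open?(prefix)
  !(prefix.to_s =~ LOOSE_OPEN).nil?
end

# Parse the prefix instead of pattern-matching its text: a CIDR is open
# to the internet only when its prefix length is 0 (the whole IPv4 or
# IPv6 space). A bare address with no mask parses as a single host.
def strict_source_open?(prefix)
  value = prefix.to_s.strip
  return false if value.empty?
  return true if OPEN_TOKENS.include?(value.downcase)

  IPAddr.new(value).prefix.zero?
rescue IPAddr::Error
  false # other service tags (e.g. VirtualNetwork) or malformed input
end

# Prefixes the loose pattern flags although they are not open.
def false_positives(samples = SAMPLES)
  samples.select { |p| loose_source_open?(p) && !strict_source_open?(p) }
end

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each do |p|
    puts format('%-16s loose=%-5s strict=%s', p,
                loose_source_open?(p), strict_source_open?(p))
  end
end
```

Parsing also covers cases a text match gets wrong in the other direction: `::/0` and `10.0.0.0/0` both have prefix length 0 and are reported as open.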

netlify[bot] commented 2 years ago

Deploy Preview for inspec-azure canceled.

| Name | Link |
|---|---|
| Latest commit | 4061390b9d69b9af3b4dda7be6ea7e0d96c7b518 |
| Latest deploy log | https://app.netlify.com/sites/inspec-azure/deploys/626ad11fb268f3000a1cbc8a |

jnikles1 commented 2 years ago

@sathish-progress - do you know if your buildkite is broken? It seems to be blocked

sathish-progress commented 2 years ago

> @sathish-progress - do you know if your buildkite is broken? It seems to be blocked

I have run the job. It should be fine now.