Skip to content

Access Control: Exposed MSSQL Server

Identifier: mssql_exposed

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner

Description

Check if the MSSQL server is exposed to the public.

Exposed MSSQL servers should be configured to only allow connections from trusted IP addresses or networks to prevent unauthorized access.

Configuration

Example

Example configuration:

---
security_tests:
  mssql_exposed:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    skip: false

Reference

assets_allowed

Type : List[AssetType]*

List of assets that this check will cover.

skip

Type : boolean

Skip the test if true.