Unnecessary Open Ports

Vulnerability Details

The host exposes network services on ports that are not required for its intended functionality, increasing the attack surface available to potential attackers.

Unnecessary open ports may expose vulnerable services, enable unauthorized access, or provide attackers with additional vectors for exploitation and lateral movement.

Conduct a port audit and close all unnecessary ports. Implement firewall rules to restrict access to required services only. Use network segmentation to limit service exposure. Regularly scan for unauthorized open ports.

• https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/01-Test_Network_Infrastructure_Configuration