prowler-cloud / prowler

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

Home Page:https://prowler.com


[Bug]: False negative in Azure NSG checks

varunupps opened this issue · comments

Steps to Reproduce

  1. Command run: prowler azure --az-cli-auth
  2. Running on ubuntu workstation
  3. Run against a single Azure account and subscription
  4. az cli credentials have Admin Permissions
  5. A VM created in Azure subscription with NSG that allows traffic to TCP port 22 from anywhere
  6. Verified that SSH works and is accessible from anywhere

Expected behavior

The status of the "network_ssh_internet_access_restricted" check for the NSG should be "FAIL". But it's "PASS" as shown in the screenshot. Also attaching a screenshot from the Azure console to confirm the misconfiguration.

Actual Result with Screenshots or Logs


How did you install Prowler?

From pip package (pip install prowler)

Environment Resource

Workstation

OS used

Ubuntu 22.0

Prowler version

v4.0.1

Pip version

22.0.2

Context

No response

Hi! @varunupps thanks for the report, I'll work on this issue and reach you with a solution!
Thanks for using Prowler!!!

awesome. if you need more details, just gimme a shout. ta

@varunupps I'm trying to replicate your issue but I'm getting this:
[screenshot 2024-04-17]

Could you send me a screenshot like this one?
[screenshot 2024-04-17]
It appears when creating an inbound security rule.

hello @pedrooot . pls see attached.


@varunupps To ensure that we have the same configuration, can you check this configuration?

"securityRules": [
    {
        "name": "SSH",
        "id": "/subscriptions/<subscription_id>/resourceGroups/<resource_group>/providers/Microsoft.Network/networkSecurityGroups/<nsg>/securityRules/SSH",
        "etag": "W/\"<etag>\"",
        "type": "Microsoft.Network/networkSecurityGroups/securityRules",
        "properties": {
            "provisioningState": "Succeeded",
            "protocol": "TCP",
            "sourcePortRange": "*",
            "destinationPortRange": "22",
            "sourceAddressPrefix": "*",
            "destinationAddressPrefix": "*",
            "access": "Allow",
            "priority": 1000,
            "direction": "Inbound",
            "sourcePortRanges": [],
            "destinationPortRanges": [],
            "sourceAddressPrefixes": [],
            "destinationAddressPrefixes": []
        }
    }
],

From: [screenshot 2024-04-17]

hello @pedrooot . Please see below. The only variation I can see is the case of 'Tcp'.

"securityRules": [
    {
        "name": "SSH",
        "id": "/subscriptions/<subscription_id>/resourceGroups/<resource_group>/providers/Microsoft.Network/networkSecurityGroups/<NSG>/securityRules/SSH",
        "etag": "W/\"<ETAG>\"",
        "type": "Microsoft.Network/networkSecurityGroups/securityRules",
        "properties": {
            "provisioningState": "Succeeded",
            "protocol": "Tcp",
            "sourcePortRange": "*",
            "destinationPortRange": "22",
            "sourceAddressPrefix": "*",
            "destinationAddressPrefix": "*",
            "access": "Allow",
            "priority": 1000,
            "direction": "Inbound",
            "sourcePortRanges": [],
            "destinationPortRanges": [],
            "sourceAddressPrefixes": [],
            "destinationAddressPrefixes": []
        }
    }
],

Yes, I'm pretty sure that changing this line would resolve the issue, I'll do it asap
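To make the root cause above concrete, here is an added, simplified model of an "SSH open to the internet" NSG check (illustration only, not Prowler's network_ssh_internet_access_restricted code). The two rule dicts are constructed from the securityRules JSON pasted in this thread; the set of "anywhere" source prefixes and the port-range parsing are assumptions for the example.

```python
# Added model of an NSG "SSH open to the internet" check (not Prowler's own
# code). Rule dicts are constructed from the securityRules JSON in this thread.
RULE_UPPERCASE = {
    "name": "SSH",
    "properties": {
        "protocol": "TCP",
        "sourcePortRange": "*",
        "destinationPortRange": "22",
        "sourceAddressPrefix": "*",
        "destinationAddressPrefix": "*",
        "access": "Allow",
        "priority": 1000,
        "direction": "Inbound",
        "destinationPortRanges": [],
        "sourceAddressPrefixes": [],
    },
}
# Same rule as the Azure API actually returns it: only the protocol case differs.
RULE_MIXEDCASE = {"name": "SSH", "properties": {**RULE_UPPERCASE["properties"], "protocol": "Tcp"}}

INTERNET_SOURCES = {"*", "0.0.0.0/0", "Internet", "Any"}  # assumed "anywhere" values

def _covers_port(props, port):
    # Azure fills either destinationPortRange or the destinationPortRanges list.
    ranges = props.get("destinationPortRanges") or [props.get("destinationPortRange", "")]
    for r in ranges:
        if r == "*":
            return True
        lo, _, hi = r.partition("-")
        if lo.isdigit() and (hi == "" or hi.isdigit()) and int(lo) <= port <= int(hi or lo):
            return True
    return False

def _from_internet(props):
    sources = props.get("sourceAddressPrefixes") or [props.get("sourceAddressPrefix", "")]
    return any(s in INTERNET_SOURCES for s in sources)

def rule_exposes_ssh(rule, case_sensitive_protocol=False):
    # case_sensitive_protocol=True reproduces the false negative: "Tcp" != "TCP".
    p = rule["properties"]
    if p.get("direction") != "Inbound" or p.get("access") != "Allow":
        return False
    proto = p["protocol"] if case_sensitive_protocol else p["protocol"].upper()
    return proto in ("TCP", "*") and _covers_port(p, 22) and _from_internet(p)

def check_status(nsg_rules, case_sensitive_protocol=False):
    # Prowler-style result: FAIL when any rule exposes SSH, else PASS.
    return "FAIL" if any(rule_exposes_ssh(r, case_sensitive_protocol) for r in nsg_rules) else "PASS"
```

With the literal comparison the reporter's rule ("Tcp") is skipped and the check reports PASS; normalising the case before comparing yields the expected FAIL.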

Hey! @varunupps you can try here the new fix. If the error persists just tell me!
Thanks for using Prowler 😄

hi @pedrooot - it's fixed. thanks for your help
