EC2 Instance FTP (21) Port Open to Public

Tenacity Id

Risk Level




Last Updated:

April 21, 2022

An assigned AWS Security Group allows public access to the File Transfer Protocol (FTP) control port (21). FTP is not encrypted and transmits data in plaintext. Unencrypted data sent via FTP could be exposed to unauthorized or unintended applications, users, or malicious actors. Remove the inbound rule allowing FTP (port 21) in this Security Group.