Security Group FTP (21) Port Open to Public

Tenacity Id

Risk Level




Last Updated:

April 21, 2022

An unused AWS Security Group allows public access to the File Transport Protocol (FTP) data port (20). FTP is not encrypted and transmits data in plaintext. Unencrypted data sent via FTP could be exposed to unauthorized or unintended applications, users, or malicious actors. Unused Security Groups should be removed, or if re-assigned, remove the inbound rule allowing FTP (port 20) in this Security Group.