Description
By allowing public access (from IP 0.0.0.0/0) over the internet you are potentially allowing attackers all over the internet access to your network to scan for open ports and attempt brute force techniques to gain access to servers, data, and information systems.
Remediation
Azure Portal
- Go to Azure Portal
- Select Network Security Groups under resources
- Go to Security Group (or all groups one at a time)
- Under Settings->Inbound Security Rules
- On the right-hand pane, review the list of security rules
- Remove or update any inbound rule where incoming / ingress traffic is allowed from source IP '0.0.0.0/0'
Additional documents
https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview