My report has flagged an exposed database. What do you mean?

A database should not be using a port that is directly visible and accessible from the Internet.

Even if this database is protected by a password, open access allows attackers to easily launch their attacks to gain entry into this system, allowing them to control assets, exfiltrate data or install ransomware. This could result in a breach of sensitive information and potentially put businesses and individuals at risk. Additionally, this could cause reputation damage to your organisation.

You should close down the open ports or hide them behind a firewall.