Network security groups that allow traffic from all external ports to all internal ports could pose a risk to a customer's cloud environment. Having strong boundary protection is the first line of defense for any infrastructure, so it is advisable to remove Inbound rules that allow access to all destination ports as a first step. It is considered best practice to allow only necessary traffic when configuring firewall rules.
In Azure Console -
In Terraform -
References:
https://learn.microsoft.com/en-us/azure/virtual-network/network-security-group-how-it-works
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_group
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule