Exposure of Sensitive Information to an Unauthorized Actor

Property
Language: hcl
Severity: medium
CWE: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
OWASP: A01:2021 - Broken Access Control
Confidence Level: Medium
Impact Level: Medium
Likelihood Level: Low

Description

The S3 bucket is configured with the 'public-read-write' canned ACL, which grants the AllUsers group (anyone on the internet, no AWS account required) permission to list the bucket and to create, overwrite and delete any object in it. Every object in the bucket can be enumerated and tampered with, and the bucket can be used to host attacker-controlled content. The ACL only takes effect when S3 Block Public Access is off and ACLs are enabled for the bucket; AWS applies both protections to newly created buckets by default, so this finding usually means they were switched off deliberately.
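The check this rule performs can be reproduced outside the scanner. The following Python script is an added example, not the scanner's own rule logic or any project's code: it scans Terraform source for `aws_s3_bucket` resources (legacy `acl` argument) and `aws_s3_bucket_acl` resources (AWS provider 4.x and later) that set a public canned ACL. The `PUBLIC_ACLS` table, the regexes and the sample Terraform are assumptions constructed for the example.

```python
import re

# Canned ACLs that grant access to AllUsers (any internet client) or
# AuthenticatedUsers (any AWS account). Illustrative list assumed for this
# example; public-read-write is the most severe because it includes WRITE.
PUBLIC_ACLS = {
    "public-read-write": "anyone can list, create, overwrite and delete objects",
    "public-read": "anyone can list the bucket",
    "authenticated-read": "any AWS account can list the bucket",
}

# Matches the opening line of the two resource types that carry a canned ACL.
RESOURCE_RE = re.compile(
    r'resource\s+"(aws_s3_bucket|aws_s3_bucket_acl)"\s+"([\w-]+)"\s*\{'
)
ACL_RE = re.compile(r'^\s*acl\s*=\s*"([^"]+)"', re.M)
# In an aws_s3_bucket_acl block the bucket is referenced, not named inline.
BUCKET_REF_RE = re.compile(r'^\s*bucket\s*=\s*aws_s3_bucket\.([\w-]+)\.(?:id|bucket)', re.M)


def _block_body(text, start):
    """Return the text between the '{' at index `start` and its matching '}'."""
    depth = 0
    for i in range(start, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[start + 1:i]
    raise ValueError("unbalanced braces in HCL input")


def find_public_buckets(hcl):
    """Scan Terraform source for S3 buckets that get a public canned ACL.

    Returns a sorted list of (bucket_resource_name, acl) tuples, resolving
    aws_s3_bucket_acl resources back to the aws_s3_bucket they point at.
    """
    findings = set()
    for m in RESOURCE_RE.finditer(hcl):
        kind, name = m.group(1), m.group(2)
        body = _block_body(hcl, m.end() - 1)   # m.end()-1 is the '{'
        acl = ACL_RE.search(body)
        if not acl or acl.group(1) not in PUBLIC_ACLS:
            continue
        if kind == "aws_s3_bucket_acl":
            ref = BUCKET_REF_RE.search(body)
            name = ref.group(1) if ref else f"{name} (unresolved bucket reference)"
        findings.add((name, acl.group(1)))
    return sorted(findings)


# Constructed sample Terraform for the example; not taken from any real project.
SAMPLE_TF = '''
resource "aws_s3_bucket" "uploads" {
  bucket = "example-uploads"
  acl    = "public-read-write"
}

resource "aws_s3_bucket" "logs" {
  bucket = "example-logs"
}

resource "aws_s3_bucket_acl" "logs_acl" {
  bucket = aws_s3_bucket.logs.id
  acl    = "public-read"
}

# Hardened form: private ACL plus a public access block that rejects any
# later attempt (ACL or bucket policy) to make the bucket public.
resource "aws_s3_bucket" "private_data" {
  bucket = "example-private"
  acl    = "private"
}

resource "aws_s3_bucket_public_access_block" "private_data" {
  bucket                  = aws_s3_bucket.private_data.id
  block_public_acls       = true
  ignore_public_acls      = true
  block_public_policy     = true
  restrict_public_buckets = true
}
'''

if __name__ == "__main__":
    for bucket, acl in find_public_buckets(SAMPLE_TF):
        print(f"{bucket}: acl={acl} ({PUBLIC_ACLS[acl]})")
```

The brace-matching walk is what lets the script attribute an `acl` line to the right resource instead of matching any `acl = "public-read-write"` anywhere in the file; the `aws_s3_bucket_public_access_block` resource in the hardened part of the sample is the control that makes the ACL setting irrelevant even if someone re-adds it later.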

Exposure of Sensitive Information to an Unauthorized Actor

Property
Language: hcl
Severity: low
CWE: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
OWASP: A01:2021 - Broken Access Control
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

The IAM policy allows actions whose API responses contain credentials or secrets, such as iam:CreateAccessKey (the response carries the new secret access key) or sts:GetFederationToken (the response carries temporary credentials). Every principal that can call them, and every log or tool that captures the responses, ends up holding usable credentials, which increases the risk of accidentally leaking them to unauthorized users or external systems.

Impact

If exploited, attackers could obtain valid AWS credentials or sensitive tokens, allowing them to access, modify, or control cloud resources. This may result in data breaches, resource compromise, or unauthorized access to critical infrastructure.

Exposure of Sensitive Information to an Unauthorized Actor

Property
Language: hcl
Severity: low
CWE: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
OWASP: A01:2021 - Broken Access Control
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

The IAM policy grants permissions that can make AWS resources publicly accessible or share them with unintended principals: actions that write resource policies or ACLs (for example s3:PutBucketPolicy, s3:PutBucketAcl, lambda:AddPermission or kms:PutKeyPolicy) and actions that attach or edit IAM policies, granted without a Resource or Condition restriction that limits what they can be applied to.

Impact

If exploited, attackers could gain unauthorized access to sensitive resources, data, or infrastructure. This may lead to data leaks, unauthorized modifications, or complete compromise of critical AWS services in your account.

Exposure of Sensitive Information to an Unauthorized Actor

Property
Language: hcl
Severity: low
CWE: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
OWASP: A01:2021 - Broken Access Control
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

The IAM policy grants broad data-read permissions (for example to S3 objects, Secrets Manager secrets, or RDS databases) on all resources ('*') instead of naming the specific ARNs the principal needs. Anyone holding the policy can read sensitive data they have no business seeing.

Impact

If exploited, attackers or unauthorized users could read or copy confidential data from any S3 bucket, secret, or database in your AWS account, leading to data breaches, regulatory violations, or exposure of intellectual property.
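The three IAM findings above (credential-returning actions, permission-management actions, and broad reads on a '*' resource) can all be checked against a policy document with the same logic: expand the policy's Action patterns the way IAM does (case-insensitive, with '*' and '?' wildcards) and test them against a watch list. The following Python script is an added example, not the scanner's own rule logic or any project's code. The three action lists are illustrative assumptions (real rule sets are longer), the sample policies are constructed, and the analyzer deliberately does not model Deny statements overriding Allow or Condition keys, so treat its output as triage input rather than an authorization decision.

```python
import fnmatch
import json

# Illustrative watch lists assumed for this example.
CREDENTIAL_RETURNING = [          # responses carry credentials or tokens
    "iam:CreateAccessKey", "sts:GetFederationToken", "sts:GetSessionToken",
    "ecr:GetAuthorizationToken", "redshift:GetClusterCredentials",
]
PERMISSION_MANAGEMENT = [         # can open a resource to other principals
    "s3:PutBucketPolicy", "s3:PutBucketAcl", "s3:PutObjectAcl",
    "iam:AttachUserPolicy", "iam:AttachRolePolicy", "iam:PutRolePolicy",
    "kms:PutKeyPolicy", "lambda:AddPermission", "sns:AddPermission",
    "sqs:AddPermission", "ec2:ModifySnapshotAttribute", "rds:ModifyDBSnapshotAttribute",
]
SENSITIVE_READ = [                # only a finding when Resource is '*'
    "s3:GetObject", "s3:ListBucket", "secretsmanager:GetSecretValue", "rds-db:connect",
]


def _as_list(value):
    """IAM allows a string or a list in Action/Resource; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _granted(pattern, action):
    """IAM action matching: case-insensitive, '*' and '?' wildcards."""
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def analyze_policy(doc):
    """Return sorted (statement_index, category, action) findings for a policy dict."""
    findings = set()
    for idx, st in enumerate(_as_list(doc.get("Statement"))):
        if st.get("Effect") != "Allow":
            continue                       # Deny statements never grant anything
        if "NotAction" in st:
            # Allow + NotAction grants every action not listed: always broad.
            findings.add((idx, "not-action", "*"))
            continue
        patterns = _as_list(st.get("Action"))
        wildcard_resource = "*" in _as_list(st.get("Resource"))
        for pattern in patterns:
            for action in CREDENTIAL_RETURNING:
                if _granted(pattern, action):
                    findings.add((idx, "credential-exposure", action))
            for action in PERMISSION_MANAGEMENT:
                if _granted(pattern, action):
                    findings.add((idx, "permission-management", action))
            if wildcard_resource:
                for action in SENSITIVE_READ:
                    if _granted(pattern, action):
                        findings.add((idx, "broad-read", action))
    return sorted(findings)


# Constructed sample policies for the example (account id is the AWS docs placeholder).
WEAK_POLICY = json.loads('''{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["iam:CreateAccessKey", "iam:ListUsers"],
     "Resource": "arn:aws:iam::123456789012:user/*"},
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
    {"Effect": "Allow", "Action": "secretsmanager:GetSecretValue",
     "Resource": "arn:aws:secretsmanager:us-east-1:123456789012:secret:app/db-*"},
    {"Effect": "Deny", "Action": "s3:DeleteBucket", "Resource": "*"}
  ]
}''')

# Hardened form: explicit actions, explicit ARNs, nothing on '*'.
HARDENED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket"],
         "Resource": ["arn:aws:s3:::example-app-data", "arn:aws:s3:::example-app-data/*"]},
        {"Effect": "Allow", "Action": "secretsmanager:GetSecretValue",
         "Resource": "arn:aws:secretsmanager:us-east-1:123456789012:secret:app/db-*"},
    ],
}

if __name__ == "__main__":
    for stmt, category, action in analyze_policy(WEAK_POLICY):
        print(f"Statement[{stmt}] {category}: {action}")
    print("hardened:", analyze_policy(HARDENED_POLICY))
```

Note that the third statement of the weak policy (GetSecretValue on a specific secret ARN) produces no finding: the rule is about unscoped reads, and scoping the Resource is exactly the fix. The `s3:*` statement, by contrast, is reported under two categories at once, which is the usual shape of an over-broad service wildcard.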

Exposure of Sensitive Information to an Unauthorized Actor

Property
Language: yaml
Severity: high
CWE: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
OWASP: A01:2021 - Broken Access Control
Confidence Level: Medium
Impact Level: High
Likelihood Level: Medium

Description

The Spring Boot Actuator endpoints are fully exposed over HTTP (management.endpoints.web.exposure.include set to '*') without authentication, allowing anyone who can reach the management port to access sensitive operational data and controls. This misconfiguration reveals details such as environment variables and configuration (/actuator/env), application logs (/actuator/logfile) and even a full process memory dump (/actuator/heapdump).

Impact

Attackers can remotely access sensitive information and internal application data, potentially exposing secrets, configuration, or user data. They may also leverage exposed endpoints to further compromise, disrupt, or control the application, leading to data breaches or service outages.

Exposure of Sensitive Information to an Unauthorized Actor

Property
Language: yaml
Severity: high
CWE: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
OWASP: A01:2021 - Broken Access Control
Confidence Level: Medium
Impact Level: High
Likelihood Level: Medium

Description

A sensitive Spring Boot Actuator endpoint is enabled and exposed in your configuration. Exposing endpoints beyond the health check (and the informational info endpoint) lets unauthenticated users read internal application state or change it at runtime.

Impact

If exploited, attackers could gain access to sensitive information, application metrics, or even perform administrative actions, potentially leading to data leaks, denial of service, or full system compromise.

Exposure of Sensitive Information to an Unauthorized Actor

Property
Language: generic
Severity: high
CWE: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
OWASP: A01:2021 - Broken Access Control
Confidence Level: Medium
Impact Level: High
Likelihood Level: Medium

Description

All Spring Boot Actuator endpoints are exposed publicly without authentication, making sensitive information and system controls accessible to anyone. This misconfiguration can allow unauthorized users to access endpoints like /actuator/env, /actuator/logfile, and /actuator/heapdump.

Impact

Attackers could retrieve sensitive configuration data, view logs, download memory dumps, or manipulate application internals. This can lead to data leaks, exposure of secrets, or enable further attacks, potentially compromising the entire application and underlying infrastructure.

Exposure of Sensitive Information to an Unauthorized Actor

Property
Language: generic
Severity: high
CWE: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
OWASP: A01:2021 - Broken Access Control
Confidence Level: Medium
Impact Level: High
Likelihood Level: Medium

Description

Dangerous Spring Boot Actuator endpoints are enabled, exposing operational features beyond the 'health' check: for example env and configprops (configuration values and any secrets in them), heapdump (a copy of process memory), loggers (log levels can be changed with a POST) and shutdown (stops the application). This makes internal application details and controls reachable over the network.

Impact

Attackers could access sensitive endpoints to gather information about the application’s internals, modify configurations, or perform destructive actions such as shutting down the service. This can lead to data leaks, service disruption, or unauthorized control over the application.
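The four actuator findings above (the yaml rules for application.yml and the generic rules for application.properties, each in a "wildcard exposure" and an "individual sensitive endpoint" variant) all reduce to reading the same management.* settings. The Python script below is an added example, not the scanner's own rule logic or Spring Boot project code: it flattens either configuration format into dotted keys and reports which sensitive endpoints would be served over HTTP. The `SENSITIVE_ENDPOINTS` set, the assumption that only health is exposed by default and that shutdown is disabled by default, the minimal YAML reader, and the sample configurations are all assumptions constructed for the example. It also cannot see whether Spring Security protects the management paths, so a clean result from it is not proof that the endpoints are safe.

```python
# Endpoints whose exposure leaks secrets or hands out control. Assumed list
# for this example; the real set depends on the Spring Boot version and
# which starters are on the classpath.
SENSITIVE_ENDPOINTS = {
    "env", "configprops", "heapdump", "threaddump", "logfile",
    "beans", "mappings", "loggers", "shutdown",
}
DISABLED_BY_DEFAULT = {"shutdown"}   # needs management.endpoint.shutdown.enabled=true
DEFAULT_INCLUDE = "health"           # assumed default web exposure (health only)


def _strip(value):
    """Trim whitespace and one layer of matching quotes."""
    value = value.strip()
    if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
        value = value[1:-1]
    return value


def _as_set(value):
    """Accept a '- item' list (already a set), 'a,b' or '[a, b]' and return a set."""
    if isinstance(value, set):
        return value
    value = _strip(value)
    if value.startswith("[") and value.endswith("]"):
        value = value[1:-1]
    return {_strip(x) for x in value.split(",") if x.strip()}


def load_spring_config(text):
    """Flatten application.properties or a simple application.yml into dotted keys.

    The YAML branch handles nested maps, scalars, '- item' and '[a, b]' lists,
    which covers actuator settings; it is not a general YAML parser.
    """
    props = {}
    lines = [l.strip() for l in text.splitlines()
             if l.strip() and not l.strip().startswith(("#", "!"))]
    if lines and all("=" in l for l in lines):           # properties format
        for line in lines:
            key, _, value = line.partition("=")
            props[key.strip()] = _strip(value)
        return props
    stack = []                                           # (indent, key) of open maps
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip(" "))
        line = raw.strip()
        if line.startswith("- "):                        # list item under the open key
            while stack and stack[-1][0] > indent:
                stack.pop()
            path = ".".join(k for _, k in stack)
            props.setdefault(path, set()).add(_strip(line[2:]))
            continue
        while stack and stack[-1][0] >= indent:          # close deeper/sibling maps
            stack.pop()
        key, _, value = line.partition(":")
        path = ".".join([k for _, k in stack] + [key.strip()])
        if value.strip():
            props[path] = _strip(value)
        else:
            stack.append((indent, key.strip()))
    return props


def check_actuator(props):
    """Return (wildcard_exposure, sorted sensitive endpoints served over HTTP)."""
    include = _as_set(props.get("management.endpoints.web.exposure.include", DEFAULT_INCLUDE))
    exclude = _as_set(props.get("management.endpoints.web.exposure.exclude", ""))
    wildcard = "*" in include
    candidates = SENSITIVE_ENDPOINTS if wildcard else include & SENSITIVE_ENDPOINTS
    all_enabled = str(props.get("management.endpoints.enabled-by-default", "true")).lower() == "true"
    exposed = set()
    for endpoint in candidates:
        if endpoint in exclude:
            continue
        default = "true" if all_enabled and endpoint not in DISABLED_BY_DEFAULT else "false"
        enabled = str(props.get(f"management.endpoint.{endpoint}.enabled", default)).lower()
        if enabled == "true":
            exposed.add(endpoint)
    return wildcard, sorted(exposed)


# Constructed sample configurations for the example.
EXPOSED_YAML = """
management:
  endpoints:
    web:
      exposure:
        include: "*"
  endpoint:
    shutdown:
      enabled: true
"""
EXPOSED_PROPERTIES = """
management.endpoints.web.exposure.include=health,info,env,heapdump
management.endpoint.env.show-values=always
"""
HARDENED_YAML = """
management:
  endpoints:
    web:
      exposure:
        include:
          - health
          - info
  endpoint:
    env:
      show-values: never
"""

if __name__ == "__main__":
    for name, text in [("yaml", EXPOSED_YAML), ("properties", EXPOSED_PROPERTIES), ("hardened", HARDENED_YAML)]:
        print(name, check_actuator(load_spring_config(text)))
```

The wildcard case reports shutdown only because the sample also sets management.endpoint.shutdown.enabled=true; with the wildcard alone it stays out of the list, which is the one piece of default safety Spring Boot keeps even under include '*'. The hardened sample keeps the exposure list explicit and additionally sets env show-values to never, so that even an authenticated reader of /actuator/env sees masked values.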