Key Management Errors
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-320: CWE CATEGORY: Key Management Errors |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The Azure Data Explorer (Kusto) cluster is not configured to use disk encryption. This means data stored on disk is not protected at rest, increasing the risk of unauthorized access.
Impact#
Without disk encryption, sensitive information on the cluster’s disks could be exposed if an attacker gains access to the underlying storage, potentially leading to data breaches or compliance violations.