Key Management Errors
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-320: CWE CATEGORY: Key Management Errors |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The AKS cluster is not configured to use a disk encryption set, meaning the data stored on managed disks is not encrypted with a customer-managed key. This leaves sensitive data at rest potentially unprotected.
Impact#
Without disk encryption, attackers or unauthorized users who gain access to the underlying storage could read sensitive information from disks. This increases the risk of data exposure and may violate compliance requirements for data protection.