Key Management Errors
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-320: CWE CATEGORY: Key Management Errors |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The AWS CodeBuild project is configured to store build artifacts without encryption. This means that the output files generated by your builds are not protected by AWS KMS or any other encryption method.
Impact#
Unencrypted build artifacts can be accessed or tampered with if someone gains access to the storage location, exposing sensitive code, credentials, or configuration data. This increases the risk of data breaches and unauthorized modifications that could compromise your application’s security.