Missing Encryption of Sensitive Data
| Property | |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-311: Missing Encryption of Sensitive Data |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
The AWS SNS topic is not configured to use encryption, meaning messages published to the topic are stored in plaintext. Without a KMS key, sensitive data sent through SNS could be exposed if the topic is accessed by unauthorized users.
Impact
If the SNS topic is compromised, attackers could read all messages sent to it, leading to potential data leaks of confidential information, regulatory violations, or exposure of internal communications. Lack of encryption increases the risk of unauthorized data access within your AWS environment.
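
One way to check for the condition in the description, as an added example that is not part of the original page or of the scanner's own rule. It assumes the topics are declared in a CloudFormation template, where the `KmsMasterKeyId` property of `AWS::SNS::Topic` turns on encryption; the template, resource names and function names are constructed for illustration.

```python
import json

# Constructed CloudFormation template (sample input, not taken from the page).
TEMPLATE = json.loads("""
{
  "Resources": {
    "OrdersKey": {"Type": "AWS::KMS::Key", "Properties": {"KeyPolicy": {}}},
    "PlainTopic": {"Type": "AWS::SNS::Topic", "Properties": {"TopicName": "orders-plain"}},
    "EmptyKeyTopic": {"Type": "AWS::SNS::Topic", "Properties": {"KmsMasterKeyId": ""}},
    "NoPropsTopic": {"Type": "AWS::SNS::Topic"},
    "ManagedKeyTopic": {"Type": "AWS::SNS::Topic", "Properties": {"KmsMasterKeyId": "alias/aws/sns"}},
    "CmkTopic": {"Type": "AWS::SNS::Topic", "Properties": {"KmsMasterKeyId": {"Ref": "OrdersKey"}}},
    "Queue": {"Type": "AWS::SQS::Queue"}
  }
}
""")


def has_kms_key(value):
    """True when KmsMasterKeyId is a non-empty string or an intrinsic such as {"Ref": ...}."""
    if isinstance(value, str):
        return bool(value.strip())
    return isinstance(value, dict) and len(value) > 0


def unencrypted_sns_topics(template):
    """Return sorted logical IDs of AWS::SNS::Topic resources with no KmsMasterKeyId."""
    findings = []
    for logical_id, resource in template.get("Resources", {}).items():
        if resource.get("Type") != "AWS::SNS::Topic":
            continue
        # "Properties" may be absent entirely, which also means no encryption.
        props = resource.get("Properties") or {}
        if not has_kms_key(props.get("KmsMasterKeyId")):
            findings.append(logical_id)
    return sorted(findings)


if __name__ == "__main__":
    for topic in unencrypted_sns_topics(TEMPLATE):
        print(f"{topic}: SNS topic has no KmsMasterKeyId (CWE-311)")
```

Topics with an empty key ID or no `Properties` block are flagged along with the plain one; both the AWS managed key alias and a reference to a customer managed key count as encrypted.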