Key Management Errors
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-320: CWE CATEGORY: Key Management Errors |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The Timestream database is not configured to use a customer-managed KMS encryption key (CMK) for data at rest. Without specifying a CMK, you have less control over key access and rotation, which weakens data protection.
Impact#
If exploited, sensitive data stored in the Timestream database could be more vulnerable to unauthorized access or exposure. Attackers or malicious insiders may gain access to unencrypted or weakly protected data, risking compliance violations and data breaches.