Key Management Errors
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-320: CWE CATEGORY: Key Management Errors |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The AWS Athena Workgroup resource is missing encryption settings, which means query results are stored unencrypted. This exposes sensitive data at rest and does not comply with security best practices.
Impact#
Without encryption, anyone with access to Athena query outputs could read sensitive information, leading to data leaks or compliance violations. Attackers or unauthorized users may be able to access, steal, or manipulate confidential query results.