Missing Encryption of Sensitive Data
| Property | |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-311: Missing Encryption of Sensitive Data |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | High |
| Likelihood Level | Low |
Description
The EBS block device in this AWS launch configuration is not encrypted, meaning data stored on it is not protected at rest. This leaves sensitive information vulnerable if the storage is compromised.
Impact
If an attacker gains access to the unencrypted EBS volume, they could read all stored data, including confidential files or credentials. This could lead to data breaches, regulatory violations, and increased risk of unauthorized data exposure.
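The weak setting beside the corrected one, as an added example that is not part of the original rule page or any real project. It assumes the launch configuration is written in Terraform (the page's Language field is blank); the resource names and the AMI ID are placeholders.

```hcl
# Constructed example. Names and the AMI ID are placeholders.

# Weak: neither block device sets `encrypted`, so the volumes are created
# unencrypted unless EBS encryption by default is enabled for the region.
resource "aws_launch_configuration" "unencrypted" {
  name_prefix   = "app-"
  image_id      = "ami-00000000000000000" # placeholder
  instance_type = "t3.micro"

  root_block_device {
    volume_size = 20
  }

  ebs_block_device {
    device_name = "/dev/sdf"
    volume_size = 100
  }
}

# Corrected: every block device explicitly requests encryption at rest.
resource "aws_launch_configuration" "encrypted" {
  name_prefix   = "app-"
  image_id      = "ami-00000000000000000" # placeholder
  instance_type = "t3.micro"

  root_block_device {
    volume_size = 20
    encrypted   = true
  }

  ebs_block_device {
    device_name = "/dev/sdf"
    volume_size = 100
    encrypted   = true
  }

  # Launch configurations are immutable; build the replacement before
  # destroying the old one so the Auto Scaling group is never left without one.
  lifecycle {
    create_before_destroy = true
  }
}

# Backstop: encrypt new EBS volumes in this region by default, which also
# covers block devices where the flag is omitted.
resource "aws_ebs_encryption_by_default" "this" {
  enabled = true
}
```

Changing `encrypted` only affects volumes created from the new launch configuration; volumes attached to instances that are already running stay unencrypted until those instances are replaced.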