Inadequate Encryption Strength
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-326: Inadequate Encryption Strength |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
Node-to-node encryption is not enabled for your AWS Elasticsearch cluster, which means data transmitted between cluster nodes is not protected. This leaves internal traffic vulnerable to interception within your AWS environment.
Impact#
Without node-to-node encryption, sensitive data sent between Elasticsearch nodes can be exposed to attackers with network access, potentially leading to data breaches, unauthorized access, or compliance violations.