Inadequate Encryption Strength
| Property | |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-326: Inadequate Encryption Strength |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The AWS Secrets Manager secret is not explicitly configured to use a customer-managed KMS key for encryption. Relying only on the default AWS-managed key reduces control over how your secrets are protected.
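One way to check for this condition before deployment, as an added example that is not part of the original rule: the script reads Terraform plan JSON and reports `aws_secretsmanager_secret` resources whose `kms_key_id` is unset or names the AWS-managed alias. It assumes the secrets are defined in Terraform; the sample plan, the resource addresses and the `alias/app-secrets` alias are constructed.

```python
import json

AWS_MANAGED_ALIAS = "alias/aws/secretsmanager"  # default AWS-managed key alias

# Constructed sample in the shape of `terraform show -json <planfile>` output
# (assumption: the secrets are managed with Terraform).
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
 {"address": "aws_secretsmanager_secret.default_key", "type": "aws_secretsmanager_secret",
  "change": {"actions": ["create"], "after": {"name": "a", "kms_key_id": null},
             "after_unknown": {"arn": true}}},
 {"address": "aws_secretsmanager_secret.aws_alias", "type": "aws_secretsmanager_secret",
  "change": {"actions": ["update"], "after": {"name": "b", "kms_key_id": "alias/aws/secretsmanager"},
             "after_unknown": {}}},
 {"address": "aws_secretsmanager_secret.new_cmk", "type": "aws_secretsmanager_secret",
  "change": {"actions": ["create"], "after": {"name": "c"},
             "after_unknown": {"kms_key_id": true}}},
 {"address": "aws_secretsmanager_secret.existing_cmk", "type": "aws_secretsmanager_secret",
  "change": {"actions": ["no-op"], "after": {"name": "d", "kms_key_id": "alias/app-secrets"},
             "after_unknown": {}}},
 {"address": "aws_secretsmanager_secret.retired", "type": "aws_secretsmanager_secret",
  "change": {"actions": ["delete"], "after": null, "after_unknown": {}}},
 {"address": "aws_kms_key.secrets", "type": "aws_kms_key",
  "change": {"actions": ["create"], "after": {"enable_key_rotation": true},
             "after_unknown": {"arn": true}}}
]}
""")

def classify(change):
    """Return a finding message for one planned change, or None if a customer key is set."""
    after = change.get("after") or {}
    unknown = change.get("after_unknown") or {}
    if unknown.get("kms_key_id") is True:
        return None  # computed at apply time, e.g. a KMS key created in the same plan
    key = after.get("kms_key_id")
    if not key:
        return "kms_key_id not set; the AWS-managed key is used"
    if key == AWS_MANAGED_ALIAS or key.endswith(":" + AWS_MANAGED_ALIAS):
        return "kms_key_id names the AWS-managed key"
    return None

def find_unencrypted_secrets(plan):
    """List (address, message) for secrets without a customer-managed key."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change") or {}
        if rc.get("type") != "aws_secretsmanager_secret" or change.get("actions") == ["delete"]:
            continue  # other resource types and pure deletions are out of scope
        message = classify(change)
        if message:
            findings.append((rc["address"], message))
    return findings
```

A key given as a plain key ID or key ARN is accepted as-is, since the plan alone does not show whether that key is customer-managed.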
Impact
If an attacker compromises the default AWS-managed key, your secrets could be more easily accessed, and if stricter compliance is required, the configuration may not meet security standards. This could lead to unauthorized disclosure of sensitive information managed in Secrets Manager.