Missing Encryption of Sensitive Data
| Property | Value |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-311: Missing Encryption of Sensitive Data |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Medium |
| Impact Level | High |
| Likelihood Level | Low |
Description
The S3 bucket is created without server-side encryption enabled. Data stored in the bucket is therefore not automatically encrypted at rest, leaving it unprotected.
Impact
Without encryption, sensitive files in the bucket could be accessed in plaintext if the storage layer is compromised. This increases the risk of data breaches, regulatory violations, and unauthorized data exposure.
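The check from the Description, written out as an added example; this is not the rule's own implementation. The page does not say which infrastructure-as-code format the rule targets, so the example assumes a CloudFormation template in JSON. The function name `unencrypted_buckets` and the sample template are constructed for illustration.

```python
import json

# Values CloudFormation accepts for ServerSideEncryptionByDefault.SSEAlgorithm
VALID_SSE = {"AES256", "aws:kms", "aws:kms:dsse"}

def unencrypted_buckets(template: dict) -> list:
    """Return logical IDs of AWS::S3::Bucket resources that declare no
    usable default server-side encryption rule."""
    findings = []
    for logical_id, resource in (template.get("Resources") or {}).items():
        if resource.get("Type") != "AWS::S3::Bucket":
            continue
        props = resource.get("Properties") or {}  # a bucket may have no Properties
        rules = (props.get("BucketEncryption") or {}).get(
            "ServerSideEncryptionConfiguration") or []
        algorithms = {
            (rule.get("ServerSideEncryptionByDefault") or {}).get("SSEAlgorithm")
            for rule in rules if isinstance(rule, dict)
        }
        # An empty rule list or an unknown algorithm counts as missing encryption
        if not algorithms & VALID_SSE:
            findings.append(logical_id)
    return sorted(findings)

# Constructed sample template (assumption: not taken from the page)
SAMPLE_TEMPLATE = json.loads("""
{
  "Resources": {
    "LogsBucket": {"Type": "AWS::S3::Bucket"},
    "EmptyRuleBucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {"BucketEncryption": {"ServerSideEncryptionConfiguration": []}}
    },
    "DataBucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {"BucketEncryption": {"ServerSideEncryptionConfiguration": [
        {"ServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms"}}
      ]}}
    },
    "AlertsTopic": {"Type": "AWS::SNS::Topic"}
  }
}
""")

if __name__ == "__main__":
    for name in unencrypted_buckets(SAMPLE_TEMPLATE):
        print(f"{name}: S3 bucket declared without server-side encryption (CWE-311)")
```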