CloudFront distribution allows unencrypted (HTTP) communications.
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | cloudfront |
| Provider | AWS |
| Vulnerability Type | misconfiguration |
Description
The CloudFront distribution is configured to allow unencrypted HTTP connections, exposing data in transit to anyone monitoring the network. Secure HTTPS is not enforced, leaving communications vulnerable to interception.
Impact
Allowing unencrypted HTTP traffic enables attackers to eavesdrop on sensitive information exchanged between users and CloudFront, such as authentication credentials or personal data. This can lead to data breaches, session hijacking, and non-compliance with security standards.
Resolution
Only allow HTTPS for CloudFront distribution communication.
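
One way to check for this misconfiguration, as an added example that is not part of the original rule page or any scanner's own code: the function below takes the `DistributionConfig` object in the shape returned by `aws cloudfront get-distribution-config` and reports every cache behavior, default or ordered, whose `ViewerProtocolPolicy` still lets viewers use plain HTTP. The sample config is constructed, and treating `redirect-to-https` as compliant alongside `https-only` is an assumption of this example.

```python
import json

# Policies under which CloudFront does not serve content over plain HTTP.
# Assumption of this example: "redirect-to-https" counts as enforcing HTTPS.
HTTPS_ENFORCING = {"https-only", "redirect-to-https"}


def http_allowed_behaviors(distribution_config):
    """Return [(path_pattern, policy)] for each behavior that does not enforce HTTPS."""
    behaviors = [("(default)", distribution_config.get("DefaultCacheBehavior") or {})]
    # Ordered behaviors live under CacheBehaviors.Items; Items is absent when Quantity is 0.
    ordered = distribution_config.get("CacheBehaviors") or {}
    for behavior in ordered.get("Items") or []:
        behaviors.append((behavior.get("PathPattern", "(unknown)"), behavior))

    findings = []
    for pattern, behavior in behaviors:
        policy = behavior.get("ViewerProtocolPolicy")
        # "allow-all", a missing value or an unrecognised value is reported.
        if policy not in HTTPS_ENFORCING:
            findings.append((pattern, policy))
    return findings


# Constructed sample, trimmed to the fields this check reads.
SAMPLE = json.loads("""
{
  "DefaultCacheBehavior": {"ViewerProtocolPolicy": "allow-all"},
  "CacheBehaviors": {
    "Quantity": 3,
    "Items": [
      {"PathPattern": "/api/*",    "ViewerProtocolPolicy": "https-only"},
      {"PathPattern": "/static/*", "ViewerProtocolPolicy": "allow-all"},
      {"PathPattern": "/login",    "ViewerProtocolPolicy": "redirect-to-https"}
    ]
  }
}
""")

if __name__ == "__main__":
    for pattern, policy in http_allowed_behaviors(SAMPLE):
        print(f"FAIL {pattern}: ViewerProtocolPolicy={policy}")
```

A distribution passes only when the default behavior and every ordered behavior enforce HTTPS; a single path pattern left on `allow-all` keeps that part of the site reachable in cleartext.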