Property
Language: terraform
Severity: critical
Service: spaces
Provider: DigitalOcean
Vulnerability Type: misconfiguration

Description

A DigitalOcean Spaces bucket or object is configured with a public read ACL, allowing anyone on the internet to access its contents without authentication. This exposes sensitive files or data stored in the bucket to unauthorized users.

Impact

If exploited, attackers or unauthorized individuals can freely read, download, or index all publicly exposed bucket files. This can lead to information disclosure, data leaks, compliance violations, or reputational damage for the organization.

Resolution

Apply a more restrictive ACL.
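The Terraform below is an added example, not taken from the rule's own documentation. It shows the flagged `public-read` setting on a Spaces bucket and on an object, next to the corrected `private` form. The resource labels, bucket names, region and object key are placeholders chosen for illustration.

```hcl
terraform {
  required_providers {
    digitalocean = {
      source = "digitalocean/digitalocean"
    }
  }
}

# --- Flagged: public read ACL on the bucket ---
resource "digitalocean_spaces_bucket" "exposed" {
  name   = "example-exposed-bucket" # placeholder name
  region = "nyc3"                   # placeholder region
  acl    = "public-read"
}

# --- Flagged: public read ACL on an object ---
# ACLs are set per object, so this file is readable without authentication.
resource "digitalocean_spaces_bucket_object" "exposed_report" {
  region  = digitalocean_spaces_bucket.exposed.region
  bucket  = digitalocean_spaces_bucket.exposed.name
  key     = "reports/example.txt"        # placeholder key
  content = "constructed sample content" # constructed for this example
  acl     = "public-read"
}

# --- Corrected: private ACL on the bucket ---
# "private" is also the provider default when acl is omitted; setting it
# explicitly keeps the intent visible in review.
resource "digitalocean_spaces_bucket" "restricted" {
  name   = "example-restricted-bucket" # placeholder name
  region = "nyc3"
  acl    = "private"
}

# --- Corrected: private ACL on the object ---
resource "digitalocean_spaces_bucket_object" "restricted_report" {
  region  = digitalocean_spaces_bucket.restricted.region
  bucket  = digitalocean_spaces_bucket.restricted.name
  key     = "reports/example.txt"
  content = "constructed sample content"
  acl     = "private"
}
```

Check both resource types when remediating: changing the bucket ACL in Terraform does not rewrite the `acl` attribute of objects declared separately.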