CloudFront distribution does not have a WAF in front.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | cloudfront |
| Provider | AWS |
| Vulnerability Type | omission |
Description#
The CloudFront distribution is not protected by a Web Application Firewall (WAF), leaving it exposed to common web attacks such as SQL injection, cross-site scripting, and other application-layer threats. The missing WAF means malicious requests are not filtered before reaching the application.
Impact#
Without a WAF, attackers can more easily exploit web application vulnerabilities, potentially leading to data breaches, service disruptions, and compromise of sensitive information. This increases the risk of successful attacks against the application and could result in financial or reputational damage.
Resolution#
Enable WAF for the CloudFront distribution