SAM API must have data cache enabled
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | sam |
| Provider | AWS |
| Vulnerability Type | misconfiguration |
Description#
The SAM API configuration does not enable cache data encryption, leaving cached method response data stored in plaintext. This increases the risk of sensitive information exposure if the cache is accessed by unauthorized parties.
Impact#
Unencrypted cached data can be intercepted or accessed by attackers, potentially exposing sensitive user or application information and increasing the risk of data breaches or regulatory non-compliance.
Resolution#
Enable cache encryption