Unencrypted SQS queue.
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | sqs |
| Provider | AWS |
| Vulnerability Type | omission |
Description
The SQS queue is configured without server-side encryption, allowing messages to be stored in plaintext. This makes queue contents vulnerable to unauthorized access if the underlying storage or AWS account is compromised.
Impact
If exploited, an attacker gaining access to the SQS service or storage could read sensitive messages in the queue, potentially exposing confidential information or enabling further attacks on integrated systems.
Resolution
Turn on server-side encryption for the SQS queue.
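One way to check for this finding outside of a scanner, as an added example that is not part of the original rule: the functions below evaluate queue attribute maps in the shape returned by the SQS `GetQueueAttributes` API and report queues with neither SSE-KMS (`KmsMasterKeyId`) nor SSE-SQS (`SqsManagedSseEnabled`) enabled. The function names, queue URLs, account ID and sample data are assumptions constructed for illustration.

```python
"""Audit SQS queue attributes for missing server-side encryption (added example)."""

# Attribute names as returned by the SQS GetQueueAttributes API.
KMS_ATTR = "KmsMasterKeyId"            # present when SSE-KMS is enabled
SSE_SQS_ATTR = "SqsManagedSseEnabled"  # "true" when SSE-SQS is enabled


def encryption_mode(attrs):
    """Return 'SSE-KMS', 'SSE-SQS' or None for one queue's attribute map."""
    if (attrs.get(KMS_ATTR) or "").strip():
        return "SSE-KMS"
    # The API returns attribute values as strings, so compare text, not bools.
    if str(attrs.get(SSE_SQS_ATTR) or "false").lower() == "true":
        return "SSE-SQS"
    return None


def find_unencrypted(queues):
    """queues maps queue URL -> attributes. Return sorted URLs with no SSE."""
    return sorted(url for url, attrs in queues.items()
                  if encryption_mode(attrs) is None)


def remediation_attributes(kms_key_id=None):
    """Attributes to pass to SetQueueAttributes to turn encryption on."""
    if kms_key_id:
        return {KMS_ATTR: kms_key_id}   # customer or AWS managed KMS key
    return {SSE_SQS_ATTR: "true"}       # SQS-owned encryption keys


# Constructed sample data: account ID, region and queue names are placeholders.
BASE = "https://sqs.us-east-1.amazonaws.com/111122223333/"
SAMPLE_QUEUES = {
    BASE + "orders": {"VisibilityTimeout": "30"},            # no SSE attributes
    BASE + "payments": {KMS_ATTR: "alias/aws/sqs"},          # SSE-KMS
    BASE + "audit": {SSE_SQS_ATTR: "true"},                  # SSE-SQS
    BASE + "legacy": {SSE_SQS_ATTR: "false", KMS_ATTR: ""},  # explicitly off
}

if __name__ == "__main__":
    for url in find_unencrypted(SAMPLE_QUEUES):
        print("UNENCRYPTED", url, "-> set", remediation_attributes())
```
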