AWS MFA Disabled Console Users
Description
Detects AWS IAM users who have console access enabled but do not have Multi-Factor Authentication (MFA) configured. This represents a security risk since these users can access the AWS Management Console using only a password, making their accounts more vulnerable to unauthorized access through credential theft or brute force attacks.
Detection Strategy
• Identifies all IAM users in the AWS account
• Checks if each user has an active console login profile (can access AWS Management Console)
• Verifies if the user has any MFA devices configured
• Reports a vulnerability if a user has console access but zero MFA devices configured
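
The four checks above, written against the boto3 IAM client as an added example (not Fluid Attacks' own detection code). The names `console_users_without_mfa`, `FakeIam` and `SAMPLE` are made up here, and `FakeIam` is a constructed stand-in for `boto3.client("iam")` so the block runs offline.

```python
def console_users_without_mfa(iam):
    """Return sorted names of users with a login profile and zero MFA devices.
    `iam` is boto3.client("iam") or any object exposing the same members."""
    findings = []
    # Step 1: enumerate every IAM user (list_users is paginated).
    for page in iam.get_paginator("list_users").paginate():
        for user in page["Users"]:
            name = user["UserName"]
            # Step 2: a login profile means the user can sign in to the console.
            try:
                iam.get_login_profile(UserName=name)
            except iam.exceptions.NoSuchEntityException:
                continue  # no console password, out of scope for this check
            # Step 3: fetch the MFA devices assigned to the user.
            devices = iam.list_mfa_devices(UserName=name)["MFADevices"]
            # Step 4: console access with zero MFA devices is a finding.
            if not devices:
                findings.append(name)
    return sorted(findings)


class FakeIam:
    """Constructed stand-in for the boto3 IAM client (assumption, for offline runs)."""

    class exceptions:
        class NoSuchEntityException(Exception):
            pass

    def __init__(self, users):
        # users: {name: (has_console_password, number_of_mfa_devices)}
        self.users = users

    def get_paginator(self, operation):
        pages = [{"Users": [{"UserName": n}]} for n in self.users]  # one user per page
        return type("Paginator", (), {"paginate": lambda _: iter(pages)})()

    def get_login_profile(self, UserName):
        if not self.users[UserName][0]:
            raise self.exceptions.NoSuchEntityException(UserName)
        return {"LoginProfile": {"UserName": UserName}}

    def list_mfa_devices(self, UserName):
        count = self.users[UserName][1]
        return {"MFADevices": [{"SerialNumber": f"constructed-{i}"} for i in range(count)]}

# Constructed sample users: only bob and dave have console access without MFA.
SAMPLE = FakeIam({"alice": (True, 1), "bob": (True, 0), "ci-bot": (False, 0), "dave": (True, 0)})

if __name__ == "__main__":
    print(console_users_without_mfa(SAMPLE))
```

Against a real account, pass `boto3.client("iam")` instead of `SAMPLE`; the caller needs `iam:ListUsers`, `iam:GetLoginProfile` and `iam:ListMFADevices`.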