AWS Domain Allows HTTP
Description
Detects AWS OpenSearch domains that allow unencrypted HTTP access instead of enforcing HTTPS-only connections. This misconfiguration could enable attackers to intercept sensitive data transmitted between clients and the OpenSearch domain through man-in-the-middle attacks.
Detection Strategy
• Scans all OpenSearch domains in the specified AWS region
• Examines the DomainEndpointOptions.EnforceHTTPS setting for each domain
• Reports a vulnerability if EnforceHTTPS is set to false, indicating HTTP access is allowed
• Each vulnerability includes the domain's ARN and the current insecure configuration value
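The detection strategy above, as an added example that is not Fluid Attacks' own scanner code. The evaluation logic is a pure function over the domain status dicts that DescribeDomains returns, so it runs offline against a constructed sample; `scan_region()` wires that logic to boto3's `opensearch` client (`list_domain_names` and `describe_domains`) for a real account. One assumption is labelled in the code: a domain with no `DomainEndpointOptions` or no `EnforceHTTPS` key is reported as well, since the API defaults that setting to false.

```python
"""Added example (not Fluid Attacks' own scanner code): flag AWS OpenSearch
domains whose DomainEndpointOptions.EnforceHTTPS is not true.

The decision logic is pure and runs offline against a constructed sample;
scan_region() wires it to boto3 and is only needed against a real account.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    arn: str
    domain_name: str
    enforce_https: bool  # the insecure value as currently configured


def find_http_domains(domain_statuses):
    """Return a Finding for each domain status dict (the shape found in
    DescribeDomains' DomainStatusList) that does not enforce HTTPS.

    Assumption: a missing DomainEndpointOptions or EnforceHTTPS key is
    treated as not enforced, since the API defaults EnforceHTTPS to false.
    """
    findings = []
    for status in domain_statuses:
        options = status.get("DomainEndpointOptions") or {}
        enforce_https = bool(options.get("EnforceHTTPS", False))
        if not enforce_https:
            findings.append(Finding(
                arn=status.get("ARN", "<arn missing>"),
                domain_name=status.get("DomainName", "<name missing>"),
                enforce_https=enforce_https,
            ))
    return findings


def scan_region(region_name):
    """List every OpenSearch domain in a region and evaluate it.
    Requires boto3 and AWS credentials; not exercised by the offline sample.
    """
    import boto3  # imported here so the pure logic stays usable without it

    client = boto3.client("opensearch", region_name=region_name)
    names = [d["DomainName"] for d in client.list_domain_names()["DomainNames"]]
    statuses = []
    # DescribeDomains accepts at most five domain names per call
    for i in range(0, len(names), 5):
        resp = client.describe_domains(DomainNames=names[i:i + 5])
        statuses.extend(resp["DomainStatusList"])
    return find_http_domains(statuses)


# Constructed sample mimicking DescribeDomains output (placeholder account id)
SAMPLE_DOMAIN_STATUSES = [
    {
        "DomainName": "logs-prod",
        "ARN": "arn:aws:es:us-east-1:111111111111:domain/logs-prod",
        "DomainEndpointOptions": {"EnforceHTTPS": True,
                                  "TLSSecurityPolicy": "Policy-Min-TLS-1-2-2019-07"},
    },
    {
        "DomainName": "search-dev",
        "ARN": "arn:aws:es:us-east-1:111111111111:domain/search-dev",
        "DomainEndpointOptions": {"EnforceHTTPS": False},
    },
    {
        # no DomainEndpointOptions at all: treated as HTTP allowed
        "DomainName": "legacy",
        "ARN": "arn:aws:es:us-east-1:111111111111:domain/legacy",
    },
]

if __name__ == "__main__":
    for f in find_http_domains(SAMPLE_DOMAIN_STATUSES):
        print(f"{f.arn}: EnforceHTTPS={f.enforce_https} (HTTP allowed)")
```

Running the module reports `search-dev` and `legacy` and leaves `logs-prod` alone. Remediation for a reported domain is a single configuration change on the same client, `update_domain_config` with `DomainEndpointOptions={"EnforceHTTPS": True}` (optionally together with a minimum TLS policy), after which re-running the scan should return no finding for that ARN.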