AWS Termination Protection Disabled
Description
Detects EC2 instances with disabled termination protection, which could allow accidental or malicious termination of instances. This security check is critical for protecting scheduled instances and capacity-block instances from unintended shutdown or deletion.
Detection Strategy
• Checks only scheduled instances and capacity-block instances, excluding Auto Scaling group instances
• Verifies the DisableApiTermination attribute for each instance
• Reports a vulnerability when termination protection is set to false (disabled)
• Considers an instance vulnerable if it allows API-based termination
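The detection strategy above, sketched as an added example (not Fluid Attacks' own code). It assumes instance records in the shape returned by EC2 DescribeInstances, and that Auto Scaling membership is recognized by the `aws:autoscaling:groupName` tag; the instance IDs and attribute values are constructed sample data.

```python
# Added example: offline re-implementation of the detection strategy above.
# Assumptions: instance dicts follow the EC2 DescribeInstances shape, and
# Auto Scaling membership is inferred from the aws:autoscaling:groupName tag.

CHECKED_LIFECYCLES = {"scheduled", "capacity-block"}
ASG_TAG = "aws:autoscaling:groupName"


def in_scope(instance):
    """True for scheduled/capacity-block instances not owned by an ASG."""
    if instance.get("InstanceLifecycle") not in CHECKED_LIFECYCLES:
        return False
    tags = {t["Key"] for t in instance.get("Tags", [])}
    return ASG_TAG not in tags


def find_unprotected(instances, get_attribute):
    """Return IDs of in-scope instances whose DisableApiTermination is false.

    get_attribute(instance_id) must return a DescribeInstanceAttribute-style
    response, e.g. {"DisableApiTermination": {"Value": False}}.
    """
    findings = []
    for inst in instances:
        if not in_scope(inst):
            continue
        resp = get_attribute(inst["InstanceId"])
        # A missing value is treated as unprotected (the EC2 default is false).
        if not resp.get("DisableApiTermination", {}).get("Value", False):
            findings.append(inst["InstanceId"])
    return findings


# Constructed sample data (not real instances).
SAMPLE_INSTANCES = [
    {"InstanceId": "i-0aaa", "InstanceLifecycle": "scheduled"},
    {"InstanceId": "i-0bbb", "InstanceLifecycle": "capacity-block"},
    {"InstanceId": "i-0ccc", "InstanceLifecycle": "scheduled",
     "Tags": [{"Key": ASG_TAG, "Value": "web-asg"}]},
    {"InstanceId": "i-0ddd"},  # on-demand: InstanceLifecycle is absent
    {"InstanceId": "i-0eee", "InstanceLifecycle": "spot"},
]
SAMPLE_ATTRS = {"i-0aaa": False, "i-0bbb": True, "i-0ccc": False,
                "i-0ddd": False, "i-0eee": False}


def sample_get_attribute(instance_id):
    """Stand-in for the API call, backed by the constructed sample values."""
    return {"DisableApiTermination": {"Value": SAMPLE_ATTRS[instance_id]}}


if __name__ == "__main__":
    print(find_unprotected(SAMPLE_INSTANCES, sample_get_attribute))
```

Against a real account, `get_attribute` can wrap boto3's `describe_instance_attribute(InstanceId=..., Attribute="disableApiTermination")`, which returns the same response shape.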