AWS Unauthorized Public Access
Description
Detects S3 bucket policies that allow dangerous public access by granting non-read permissions to anonymous users (Principal '*'). This is a significant security risk: anyone on the internet can perform privileged operations such as writing, deleting or managing bucket contents without authenticating.
Detection Strategy
• Analyzes each statement in the S3 bucket policy to check for the following high-risk conditions:
  • Policy Effect is set to 'Allow' AND Principal is set to '*' (anonymous access)
  • Policy Actions include write/admin permissions beyond read-only access OR grant full s3:* access
• Reports a vulnerability when a policy statement matches all these conditions, indicating overly permissive public access
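The detection strategy above, as an added example that is not Fluid Attacks' own checker: a small Python function that walks each policy statement and reports those with Effect 'Allow', an anonymous Principal (either "*" or {"AWS": "*"}) and any action beyond an assumed read-only set. The sample policies and the read-only action list are constructed for this example.

```python
import json

# Read-only S3 actions a public static-website bucket commonly grants. Anything
# else granted to an anonymous principal is reported. Assumed list for this example.
READ_ONLY_ACTIONS = {"s3:getobject", "s3:getobjectversion", "s3:listbucket"}

def _as_list(value):
    """Policy fields may be a single value or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def is_anonymous(principal):
    """True when Principal is the wildcard in either form: "*" or {"AWS": "*"}."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS"))

def non_read_actions(statement):
    """Actions in the statement that grant more than read-only access.
    Wildcard patterns (s3:*, *, s3:Put*) are treated conservatively as non-read."""
    if "NotAction" in statement:  # Allow + NotAction grants everything not listed
        return ["NotAction:" + ",".join(_as_list(statement["NotAction"]))]
    return [a for a in _as_list(statement.get("Action"))
            if a.lower() not in READ_ONLY_ACTIONS]

def find_public_write(policy_json):
    """Return (Sid or index, offending actions) for each vulnerable statement."""
    policy = json.loads(policy_json)
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow" or not is_anonymous(stmt.get("Principal")):
            continue
        bad = non_read_actions(stmt)
        if bad:
            findings.append((stmt.get("Sid", f"Statement[{i}]"), bad))
    return findings

# Constructed sample policies (not taken from any real bucket).
PUBLIC_READ = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-site/*"}]})
PUBLIC_WRITE = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": ["s3:GetObject"], "Resource": "arn:aws:s3:::example-site/*"},
    {"Sid": "Uploads", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": ["s3:PutObject", "s3:DeleteObject"], "Resource": "arn:aws:s3:::example-site/*"},
    {"Sid": "Admin", "Effect": "Allow", "Principal": "*",
     "Action": "s3:*", "Resource": "arn:aws:s3:::example-site"}]})

if __name__ == "__main__":
    print(find_public_write(PUBLIC_READ))   # [] -> public read only, not reported
    print(find_public_write(PUBLIC_WRITE))  # Uploads and Admin statements reported
```

A public-read statement alone is not reported; the check fires only on the Uploads and Admin statements, which match all three conditions.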