Insecure service configuration - AWS | Fluid Attacks Database

Database

Description

Because of a misconfiguration in the AWS services, it is possible to identify and/or try to access resources, functionalities, network segments and ports.

Impact

- Identify ports, services and network segments. - Try to access the services found. - Get credentials, services and files information.

Recommendation

Securely configure the vulnerable service to be accessed only by authorized users.

Threat

External attacker with credentials.

Expected Remediation Time

⏱️ 45 minutes.

Requirements

185 - Encrypt sensitive information 265 - Restrict access to critical processes 266 - Disable insecure functionalities

Rules

Aws Invalid Header Fields Not Dropped Aws Sqs Encryption Disabled Aws No Sensitive Info Filter Aws Certificate Expired Aws Cache Encryption Disabled Aws Anyone Can Publish Aws Root Access Keys Aws Intercontainer Encryption Disabled Aws Unencrypted Secrets Aws Public Snapshot Aws Public Clusters Aws Anyone Can Subscribe Aws Cluster Snapshot Unencrypted Aws Cluster Encryption Disabled Aws Encryption At Rest Disabled Aws Db Snapshot Unencrypted Aws Public Snapshots Aws Iam Authentication Disabled Aws Ssl Not Required Aws Transfer Lock Disabled Aws At Rest Encryption Disabled Aws Catalog Encryption Disabled Aws Root Signing Certificates Aws Delete Recovery Points Allowed Aws Default Event Bus Exposed Aws Instance Encryption Disabled Aws Transit Encryption Disabled Aws Replication Publicly Accessible Aws Analysis Without Encryption Aws Sns Server Side Encryption Disabled Aws Notebook Encryption Disabled Aws Broker Publicly Accessible Aws No Security Config Aws Node To Node Encryption Disabled Aws Repository Unencrypted Aws Policies Attached To Users Aws Multiple Access Keys Aws Url Without Authentication Aws Query Results Not Encrypted Aws Stream Encryption Disabled Aws Default Port Aws Public Endpoints Aws Function Exposed Aws Cluster Publicly Accessible Json Yaml Transit Encryption Disabled Json Yaml Publicly Accessible True Redshift Terraform Transit Encryption Disabled Terraform Endpoint Public Access True Terraform Allow Notaction Trust Policy Json Yaml Allow Notaction Trust Policy Json Yaml Uses Default Port Terraform Allow With Notresource Terraform Require Ssl False Json Yaml Allow With Notresource Json Yaml Endpoint Public Access True Json Yaml Require Ssl False Terraform Allow With Notaction Locals Terraform Allow With Notaction Json Yaml Server Side Encryption Disabled Sns Terraform Server Side Encryption Disabled Sqs Json Yaml Allow Notprincipal Trust Policy Json Yaml Policy Attached To User Json Yaml Server Side Encryption Disabled Sqs Json Yaml Missing Iam Authentication Terraform Server Side Encryption Disabled Sns Terraform Uses Default Port Terraform Missing Iam Authentication Terraform Allow With Notresource Locals Terraform Policy Attached To User Terraform Publicly Accessible True Redshift Json Yaml Allow Notaction Statement Terraform Allow Notprincipal Trust Policy

Fixes

Aws Cloudformation