Traceability Loss - AWS
Description
Some AWS services (Such as EC2, ELB or S3) do not correctly set the logging property, which avoids the recording of log files. These files are useful to identify and trace malicious actions or anomalous behaviors. Alternatively, the log files do not have enough detail level.
Impact
Perform harmful actions without raising an alert.
Recommendation
Set the logging property in AWS instances that could handle important data.
Threat
Authenticated attacker from the Internet.
Expected Remediation Time
⏱️ 60 minutes.
Requirements
075 - Record exceptional events in logs376 - Register severity level377 - Store logs based on valid regulation378 - Use of log management systemFixes
Score
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
Attack vector
N
Attack complexity
H
Attack requirements
N
Privileges required
L
User interaction
N
Confidentiality (VC)
N
Integrity (VI)
L
Availability (VA)
N
Confidentiality (SC)
N
Integrity (SI)
N
Availability (SA)
N
Threat 4.0
Exploit maturity
P
Vector string
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P