402 – Traceability Loss - Azure

Description

The Azure configurations do not enable the log service with enough granularity. Omitting relevant information may hinder the detection of anomalous behaviors or security breaches.

Impact

Hinder the detection of security issues.

Recommendation

Configure the logs with the necessary granularity level to detect and identify potentially harmful behaviors by enabling logging for read, write and delete requests.

Threat

Authenticated attacker from the Internet.

Expected Remediation Time

60 minutes.

Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

• Attack vector: N
• Attack complexity: H
• Attack Requirements: N
• Privileges required: L
• User interaction: N
• Confidentiality (VC): N
• Integrity (VI): L
• Availability (VA): N
• Confidentiality (SC): N
• Integrity (SI): N
• Availability (SA): N

Threat 4.0

• Exploit maturity: U

Requirements

• 075 - Record exceptional events in logs
• 376 - Register severity level
• 377 - Store logs based on valid regulation
• 378 - Use of log management system

Fixes

• Azure

Last updated

2024/02/20