logo

Database

Non-encrypted confidential information - Redshift Cluster

Description

Some AWS Redshift cluster are not encrypted.

Impact

Obtain critical information from the databases in plaintext

Recommendation

Enable the redshift encryption for all clusters

Threat

Authenticated attacker from the Internet with access to the redshift cluster

Expected Remediation Time

⏱️ 60 minutes.

Details

https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-db-encryption.html

Requirements

185 - Encrypt sensitive information300 - Mask sensitive data

Fixes

AwsCloudformation

Score

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

Attack vector

N

Attack complexity

L

Attack requirements

N

Privileges required

H

User interaction

N

Confidentiality (VC)

L

Integrity (VI)

N

Availability (VA)

N

Confidentiality (SC)

N

Integrity (SI)

N

Availability (SA)

N

Threat 4.0

Exploit maturity

U

Vector string

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U