445 – Bucket takeover

Description

It is evident in code that there are AWS S3 buckets that are not registered, making it possible for an attacker to hijack them.

Impact

- Affect services that make use of the buckets. - Perform phishing attacks by creating fake websites.

Recommendation

Make sure to make use of the buckets that are established in the code. To eliminate of the code or of the environment buckets of which it does not make use.

Threat

Attacker from the Internet with the possibility of taking over abandoned buckets.

Expected Remediation Time

600 minutes.

Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

• Attack vector: N
• Attack complexity: H
• Attack Requirements: N
• Privileges required: N
• User interaction: N
• Confidentiality (VC): L
• Integrity (VI): N
• Availability (VA): N
• Confidentiality (SC): N
• Integrity (SI): N
• Availability (SA): N

Threat 4.0

• Exploit maturity: P

Requirements

• 265 - Restrict access to critical processes
• 266 - Disable insecure functionalities

Last updated

2024/02/26