SYM_CONF_0047 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Key Management Errors
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-320: CWE CATEGORY: Key Management Errors |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The Azure Batch account resource is not configured to use Azure Key Vault for data encryption. This means sensitive data stored or processed by the Batch account may not be properly protected.
Impact
Without Key Vault-based encryption, sensitive information managed by the Batch account could be exposed if the resource is compromised. Attackers may gain access to unencrypted data, increasing the risk of data breaches and non-compliance with security standards.