SYM_CONF_0054 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Key Management Errors
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-320: CWE CATEGORY: Key Management Errors |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The Azure Data Explorer (Kusto) cluster is not configured to use disk encryption. This means data stored on disk is not protected at rest, increasing the risk of unauthorized access.
Impact
Without disk encryption, sensitive information on the cluster's disks could be exposed if an attacker gains access to the underlying storage, potentially leading to data breaches or compliance violations.