SYM_CONF_0106 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Insufficient Logging
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-778: Insufficient Logging |
| OWASP | A10:2017 - Insufficient Logging & Monitoring |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The storage account is missing logging configuration for queue services. Without proper logging, important details about queue operations (such as access and errors) are not recorded.
Impact
Lack of logging makes it difficult to detect and investigate unauthorized access, operational issues, or potential attacks on your storage queues. This can lead to delayed incident response and hinder compliance or auditing efforts.