SYM_CONF_0223 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Key Management Errors
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-320: CWE CATEGORY: Key Management Errors |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The AWS CodeBuild project is configured to store build artifacts without encryption. This means that the output files generated by your builds are not protected by AWS KMS or any other encryption method.
Impact
Unencrypted build artifacts can be accessed or tampered with if someone gains access to the storage location, exposing sensitive code, credentials, or configuration data. This increases the risk of data breaches and unauthorized modifications that could compromise your application's security.