SYM_CONF_0226 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Key Management Errors
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-320: CWE CATEGORY: Key Management Errors |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The FSX ONTAP file system resource is not configured to use a customer-managed KMS key for encryption at rest. Without specifying a 'kms_key_id', you lose control over key management, including access and rotation policies.
Impact
If the file system is not encrypted with a customer-managed key, sensitive data stored within could be less secure, increasing the risk of unauthorized access or data exposure. You may also be unable to enforce your organization's compliance requirements for encryption key control and auditing.