SYM_CONF_0232 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Missing Encryption of Sensitive Data
Property | Value |
---|---|
Language | |
Severity | |
CWE | CWE-311: Missing Encryption of Sensitive Data |
OWASP | A03:2017 - Sensitive Data Exposure |
Confidence Level | Low |
Impact Level | Medium |
Likelihood Level | Low |
Description
The AWS Athena database resource is configured without at-rest encryption. This means sensitive data stored in Athena is not protected by an AWS KMS key or any other encryption key.
Impact
If the database is breached or accessed by unauthorized users, unencrypted data could be exposed, leading to potential data leaks or regulatory violations. Attackers or malicious insiders could read sensitive information stored in Athena without needing to bypass encryption.
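
The configuration this rule describes, next to a corrected form, is shown below as an added example (not taken from the Symbiotic database). It assumes the resource is defined in Terraform with the AWS provider as `aws_athena_database`; all resource names and the bucket name are hypothetical.

```hcl
# Assumption: Terraform with the hashicorp/aws provider.
# All names below are hypothetical placeholders.

# Customer-managed KMS key used by the corrected database definition.
resource "aws_kms_key" "athena" {
  description         = "Key for Athena database encryption (example)"
  enable_key_rotation = true
}

# Bucket referenced by both database definitions.
resource "aws_s3_bucket" "athena_data" {
  bucket = "example-athena-data-bucket"
}

# Weak: no encryption_configuration block, so no encryption option or
# key is set on the database. This is the shape the finding describes.
resource "aws_athena_database" "unencrypted" {
  name   = "analytics_unencrypted"
  bucket = aws_s3_bucket.athena_data.id
}

# Corrected: the encryption_configuration block selects an encryption
# option and, for the KMS-based options, names the key to use.
resource "aws_athena_database" "encrypted" {
  name   = "analytics_encrypted"
  bucket = aws_s3_bucket.athena_data.id

  encryption_configuration {
    # Valid values: SSE_S3, SSE_KMS, CSE_KMS.
    encryption_option = "SSE_KMS"
    kms_key           = aws_kms_key.athena.arn
  }
}
```

With `SSE_S3` the `kms_key` argument is omitted, since S3-managed keys are used instead of a KMS key.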