SYM_CONF_0259 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Incorrect Permission Assignment for Critical Resource
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-732: Incorrect Permission Assignment for Critical Resource |
| OWASP | A05:2021 - Security Misconfiguration |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Medium |
Description
The Glacier Vault access policy is configured with a wildcard principal, allowing any AWS user or identity to access the vault. This overly broad permission means unauthorized users could perform actions on your Glacier resources.
Impact
If exploited, unauthorized users could read, modify, or delete sensitive data stored in the Glacier Vault. This exposes your organization to data breaches, loss of critical backups, and potential regulatory non-compliance.