TF 0002 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Force destroy is enabled on Spaces bucket which is dangerous
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | spaces |
| Provider | DigitalOcean |
| Vulnerability Type | misconfiguration |
Description
Configuring a DigitalOcean Spaces bucket with 'force_destroy' enabled allows the bucket to be deleted without checking if it contains any objects, bypassing safeguards against accidental data loss.
Impact
If exploited, all objects within the bucket could be permanently deleted—intentionally or by mistake—leading to loss of important data and potential disruption of services that depend on these stored assets.
Resolution
Do not enable 'force_destroy' in the bucket configuration.
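
The flagged setting beside a corrected resource, as an added Terraform example that is not taken from the original page or the project's rule tests. Bucket names, resource labels and the region are constructed, and the lifecycle block is an extra guard beyond the page's resolution.

```hcl
terraform {
  required_providers {
    digitalocean = {
      source = "digitalocean/digitalocean"
    }
  }
}

# Flagged: with force_destroy = true, `terraform destroy` (or any change that
# forces replacement of the bucket) deletes every object and then the bucket.
resource "digitalocean_spaces_bucket" "flagged" {
  name          = "example-assets-flagged" # constructed name
  region        = "nyc3"
  force_destroy = true
}

# Corrected: force_destroy is left at its default (false), so deleting a
# non-empty bucket fails instead of silently removing its objects.
resource "digitalocean_spaces_bucket" "corrected" {
  name   = "example-assets" # constructed name
  region = "nyc3"

  # Additional guard, not part of the page's resolution: Terraform refuses
  # any plan that would destroy this resource.
  lifecycle {
    prevent_destroy = true
  }
}
```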