TF 0021 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Unencrypted SNS topic.

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | high |
| Service | sns |
| Provider | AWS |
| Vulnerability Type | omission |

Description

The SNS topic is configured without server-side encryption, leaving messages stored in plaintext. This exposes message contents to anyone with access to the topic or its storage.

Impact

If the SNS topic is compromised, attackers could read sensitive messages, leading to data leaks or exposure of confidential information. This increases the risk of unauthorized data access, compliance violations, and potential reputational damage.

Resolution

Turn on server-side encryption for the SNS topic.
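
An added Terraform example, not taken from the wiki page, showing the flagged configuration beside one way to resolve it. The resource labels, topic names and key description are hypothetical.

```terraform
# Flagged: kms_master_key_id is omitted, so the topic has no
# server-side encryption and messages are stored in plaintext.
resource "aws_sns_topic" "orders_unencrypted" {
  name = "orders-events" # hypothetical topic name
}

# Customer-managed KMS key used to encrypt the topic (hypothetical resource).
resource "aws_kms_key" "sns" {
  description             = "Key for SNS topic encryption"
  enable_key_rotation     = true
  deletion_window_in_days = 30
}

# Resolved: kms_master_key_id is set, which turns on server-side
# encryption for messages stored by the topic.
resource "aws_sns_topic" "orders_encrypted" {
  name              = "orders-events-encrypted" # hypothetical topic name
  kms_master_key_id = aws_kms_key.sns.id
}
```

The AWS-managed key `alias/aws/sns` can be given as `kms_master_key_id` instead of a customer-managed key. A customer-managed key is the option to use when the key policy has to be edited, for example to let another AWS service publish to the encrypted topic.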