TF 0046 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
ECS Task Definitions with EFS volumes should use in-transit encryption
Property | Value |
---|---|
Language | |
Severity | |
Service | ecs |
Provider | AWS |
Vulnerability Type | misconfiguration |
Description
ECS task definitions using EFS volumes are missing in-transit encryption, allowing data to be transmitted between ECS containers and EFS without protection. This exposes sensitive information to interception during network transit.
Impact
Without in-transit encryption, attackers with network access could intercept and read or manipulate data exchanged between ECS tasks and EFS, leading to data breaches, information leakage, or unauthorized data tampering.
Resolution
Enable in-transit encryption when using EFS.
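
The following Terraform is an added example, not taken from the rule's own page. It shows a task definition that mounts EFS without in-transit encryption next to the corrected form. Resource names, the image and the mount path are constructed placeholders; `transit_encryption` is the AWS provider's argument inside `efs_volume_configuration`.

```hcl
# Constructed example: resource names, image and paths are placeholders.
resource "aws_efs_file_system" "data" {
  encrypted = true # at-rest encryption; separate from the in-transit setting below
}

locals {
  # Shared container definition that mounts the volume named "data".
  app_container = jsonencode([{
    name        = "app"
    image       = "example/app:1.0"
    memory      = 256
    essential   = true
    mountPoints = [{ sourceVolume = "data", containerPath = "/mnt/data" }]
  }])
}

# Non-compliant: transit_encryption is omitted, which defaults to DISABLED,
# so traffic between the task and EFS is not protected by TLS.
resource "aws_ecs_task_definition" "insecure" {
  family                = "app-insecure"
  container_definitions = local.app_container

  volume {
    name = "data"
    efs_volume_configuration {
      file_system_id = aws_efs_file_system.data.id
    }
  }
}

# Compliant: the EFS mount is made with in-transit encryption enabled.
resource "aws_ecs_task_definition" "secure" {
  family                = "app-secure"
  container_definitions = local.app_container

  volume {
    name = "data"
    efs_volume_configuration {
      file_system_id     = aws_efs_file_system.data.id
      transit_encryption = "ENABLED"
    }
  }
}
```

An explicit `transit_encryption = "DISABLED"` is equally non-compliant.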