TF 0315 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Enable at-rest encryption for EMR clusters.
Property | Value |
---|---|
Language | |
Severity | |
Service | emr |
Provider | AWS |
Vulnerability Type | misconfiguration |
Description
The EMR cluster is configured without at-rest encryption, meaning data stored on local disks and in S3 is not protected using encryption. This leaves sensitive data vulnerable to unauthorized access if the storage is compromised.
Impact
Without at-rest encryption, an attacker who gains access to the EMR cluster's storage or associated S3 buckets could read sensitive data directly. This can lead to data breaches, regulatory non-compliance, and exposure of confidential information.
Resolution
Enable at-rest encryption for the EMR cluster.
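One way to check for this misconfiguration, shown as an added example that is not part of the original page or the Symbiotic database: a small audit of an EMR security configuration JSON document that reports whether at-rest encryption is on and whether both storage locations named in the description (S3 and local disks) have settings. The function name `at_rest_findings`, both sample configurations, and the KMS key ARN placeholder are constructed for illustration.

```python
import json

# Constructed sample: at-rest encryption switched off (the flagged state).
WEAK = json.dumps({"EncryptionConfiguration": {"EnableAtRestEncryption": False}})

# Constructed sample: at-rest encryption on for both S3 and local disks.
# Only the at-rest keys are shown; the KMS ARN is a placeholder.
HARDENED = json.dumps({
    "EncryptionConfiguration": {
        "EnableAtRestEncryption": True,
        "AtRestEncryptionConfiguration": {
            "S3EncryptionConfiguration": {"EncryptionMode": "SSE-S3"},
            "LocalDiskEncryptionConfiguration": {
                "EncryptionKeyProviderType": "AwsKms",
                "AwsKmsKey": "arn:aws:kms:REGION:ACCOUNT_ID:key/KEY_ID",
            },
        },
    }
})


def at_rest_findings(config_json):
    """Return the at-rest encryption gaps in one EMR security configuration.

    config_json is the JSON document of the security configuration attached
    to the cluster, or None/"" when the cluster has none attached.
    """
    if not config_json:
        return ["no security configuration attached"]
    enc = json.loads(config_json).get("EncryptionConfiguration") or {}
    if enc.get("EnableAtRestEncryption") is not True:
        return ["EnableAtRestEncryption is not true"]
    at_rest = enc.get("AtRestEncryptionConfiguration") or {}
    s3 = at_rest.get("S3EncryptionConfiguration") or {}
    disk = at_rest.get("LocalDiskEncryptionConfiguration") or {}
    findings = []
    if not s3.get("EncryptionMode"):
        findings.append("no S3 encryption mode set")
    if not disk.get("EncryptionKeyProviderType"):
        findings.append("no local disk key provider set")
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED), ("none", None)):
        print(name, at_rest_findings(cfg) or "ok")
```

An empty list means the configuration passes; a cluster with no security configuration attached is reported as a finding because nothing enables at-rest encryption for it.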