TF 0327 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Kinesis stream is unencrypted.

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | high |
| Service | kinesis |
| Provider | AWS |
| Vulnerability Type | omission |

Description

The Kinesis stream is configured without server-side encryption, meaning data passing through the stream is not protected in transit. This allows sensitive information to be exposed if intercepted between producers, the stream, and consumers.

Impact

Without encryption, attackers with network access could read or tamper with data moving through the Kinesis stream, leading to potential data breaches or unauthorized access to confidential information.

Resolution

Enable in-transit encryption on the stream.
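
An added Terraform example (not taken from the original page or the Symbiotic database) showing a stream that triggers this finding next to a corrected one. The resource labels, stream names and the KMS key are constructed for illustration; `encryption_type` and `kms_key_id` are the `aws_kinesis_stream` arguments that turn on server-side encryption.

```hcl
# Constructed example: resource labels and stream names are placeholders.

# Flagged: encryption_type is omitted, so the provider default "NONE" applies
# and records are stored in the stream without server-side encryption.
resource "aws_kinesis_stream" "bad_example" {
  name        = "example-stream-unencrypted"
  shard_count = 1
}

# Customer-managed KMS key used to encrypt the stream (assumed for this example).
resource "aws_kms_key" "kinesis" {
  description         = "Key for Kinesis stream server-side encryption"
  enable_key_rotation = true
}

# Corrected: server-side encryption is enabled with a KMS key.
resource "aws_kinesis_stream" "good_example" {
  name        = "example-stream-encrypted"
  shard_count = 1

  encryption_type = "KMS"
  kms_key_id      = aws_kms_key.kinesis.id

  # Alternative: use the AWS-managed key instead of a customer-managed one.
  # kms_key_id = "alias/aws/kinesis"
}
```

With a customer-managed key, producers need `kms:GenerateDataKey` and consumers need `kms:Decrypt` on that key, so update their IAM policies in the same change or reads and writes will start failing.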