TF 0341 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
CloudFront distribution does not have a WAF in front.
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | cloudfront |
| Provider | AWS |
| Vulnerability Type | omission |
Description
The CloudFront distribution is not protected by a Web Application Firewall (WAF), leaving it exposed to common web attacks such as SQL injection, cross-site scripting, and other application-layer threats. The missing WAF means malicious requests are not filtered before reaching the application.
Impact
Without a WAF, attackers can more easily exploit web application vulnerabilities, potentially leading to data breaches, service disruptions, and compromise of sensitive information. This increases the risk of successful attacks against the application and could result in financial or reputational damage.
Resolution
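Enable WAF for the CloudFront distribution by associating a web ACL with it. In Terraform, the association is made through the `web_acl_id` argument of `aws_cloudfront_distribution`.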
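One way to check for this omission before deployment, as an added example that is not the Symbiotic scanner's own logic: it reads the `resource_changes` list from `terraform show -json <planfile>` output and reports distributions that will exist with no web ACL. The sample plan, the ARN and every resource address are constructed for illustration. The check treats a `web_acl_id` that is still unknown at plan time (an ACL created in the same plan) as set.

```python
# Added example: flag CloudFront distributions planned without a web ACL.
# Input shape: output of `terraform show -json <planfile>`.

def _dist(address, actions, after, unknown=None):
    # Builds one constructed resource_changes entry for the sample plan.
    return {"address": address, "type": "aws_cloudfront_distribution",
            "change": {"actions": actions, "after": after,
                       "after_unknown": unknown or {}}}

# Constructed sample plan; the ARN and all addresses are placeholders.
ACL_ARN = ("arn:aws:wafv2:us-east-1:111122223333:global/webacl/"
           "example/00000000-0000-0000-0000-000000000000")
SAMPLE_PLAN = {"resource_changes": [
    _dist("aws_cloudfront_distribution.no_acl", ["create"],
          {"enabled": True, "web_acl_id": None}),
    _dist("module.cdn.aws_cloudfront_distribution.empty_acl", ["update"],
          {"enabled": True, "web_acl_id": ""}),
    _dist("aws_cloudfront_distribution.known_acl", ["update"],
          {"enabled": True, "web_acl_id": ACL_ARN}),
    # ACL created in the same plan: value absent, marked unknown.
    _dist("aws_cloudfront_distribution.new_acl", ["create"],
          {"enabled": True}, {"web_acl_id": True}),
    _dist("aws_cloudfront_distribution.retired", ["delete"], None),
    {"address": "aws_s3_bucket.assets", "type": "aws_s3_bucket",
     "change": {"actions": ["no-op"], "after": {}, "after_unknown": {}}},
]}

def distributions_without_waf(plan):
    """Return addresses of distributions that will exist with no web ACL."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_cloudfront_distribution":
            continue
        change = rc.get("change") or {}
        if change.get("actions") == ["delete"]:
            continue  # being destroyed, nothing left to protect
        after = change.get("after") or {}
        unknown = change.get("after_unknown") or {}
        if unknown.get("web_acl_id") is True:
            continue  # set from a resource not created yet; not an omission
        if not after.get("web_acl_id"):  # null, missing or empty string
            findings.append(rc["address"])
    return findings

if __name__ == "__main__":
    for address in distributions_without_waf(SAMPLE_PLAN):
        print(f"{address}: no web_acl_id set")
```

A non-empty result can be used to fail a CI step before `terraform apply` runs.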