TF 0362 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Athena databases and workgroup configurations are created unencrypted at rest by default; they should be encrypted.

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | high |
| Service | athena |
| Provider | AWS |
| Vulnerability Type | omission |

Description

Athena databases and workgroup result sets are being created without encryption at rest, leaving stored data unprotected. This configuration does not secure sensitive query results or metadata derived from S3 buckets.

Impact

If the Athena database or workgroup is compromised, unencrypted data can be accessed and read by unauthorized parties, leading to potential exposure of sensitive information and regulatory non-compliance.

Resolution

Enable encryption at rest for Athena databases and workgroup configurations.
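
The following Terraform is an added example, not taken from this wiki page or the project's rule tests. It shows the flagged form (commented out) beside a database and workgroup with encryption at rest set. The resource names, the bucket name `example-athena-results` and the KMS key are assumptions made for illustration.

```hcl
# Flagged form (no encryption_configuration), shown commented out:
# resource "aws_athena_database" "flagged" {
#   name   = "example_db"
#   bucket = "example-athena-results"
# }
# resource "aws_athena_workgroup" "flagged" {
#   name = "example-wg"
# }

# Assumed customer-managed key for this example.
resource "aws_kms_key" "athena" {
  description         = "Athena encryption at rest (example)"
  enable_key_rotation = true
}

# Database with encryption at rest configured.
resource "aws_athena_database" "encrypted" {
  name   = "example_db"
  bucket = "example-athena-results" # hypothetical bucket name

  encryption_configuration {
    encryption_option = "SSE_KMS"
    kms_key           = aws_kms_key.athena.arn
  }
}

# Workgroup whose query results are encrypted at rest.
resource "aws_athena_workgroup" "encrypted" {
  name = "example-wg"

  configuration {
    # Stops clients from overriding the workgroup's result settings.
    enforce_workgroup_configuration = true

    result_configuration {
      output_location = "s3://example-athena-results/output/"

      encryption_configuration {
        encryption_option = "SSE_KMS"
        kms_key_arn       = aws_kms_key.athena.arn
      }
    }
  }
}
```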