TF 0494 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Unencrypted data lake storage.

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | high |
| Service | datalake |
| Provider | Azure |
| Vulnerability Type | misconfiguration |

Description

The data lake storage resource is configured with encryption disabled, overriding the default secure state. This leaves stored data unprotected at rest, exposing sensitive information to unauthorized access.

Impact

If the storage is compromised, attackers could access, read, or exfiltrate unencrypted data, leading to potential data breaches, regulatory violations, and loss of sensitive organizational or customer information.

Resolution

Enable encryption of data lake storage.
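The flagged setting beside its corrected form, as an added example that is not taken from this wiki entry or from the rule's own test cases. It assumes an azurerm provider version that still ships the `azurerm_data_lake_store` resource and its `encryption_state` argument; all names, the location and the resource group are constructed placeholders.

```hcl
# Constructed example: names, location and resource group are placeholders.
resource "azurerm_resource_group" "example" {
  name     = "example-datalake-rg"
  location = "westeurope"
}

# Flagged: encryption at rest is explicitly switched off, which overrides
# the provider default of "Enabled".
resource "azurerm_data_lake_store" "bad_example" {
  name                = "exampledatalakebad"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  encryption_state    = "Disabled"
}

# Passes: encryption is stated explicitly, so a later change to "Disabled"
# shows up as a one-line diff in code review. Omitting encryption_state
# entirely also passes, because the default is "Enabled".
resource "azurerm_data_lake_store" "good_example" {
  name                = "exampledatalakegood"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  encryption_state    = "Enabled"
  encryption_type     = "ServiceManaged"
}
```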