Tag: aws-cdk

Exposure of Sensitive Information CDK

The product unintentionally grants unauthorized actors access to a resource by placing it in the wrong control sphere.

AWS api logging disabled cdk

Api Logging Disabled may lead to unable to access log and does not record the event.

AWS insecure transmission CDK

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

Use of Default Credentials CDK

The product relies on default credentials(including passwords and cryptographic keys) for potentially vital functions.

S3 partial encrypt CDK

An unencrypted bucket could lead to sensitive data exposure.

Missing Authentication for Critical Function CDK

Missing authentication checks can lead to unauthorized access to a resource or performance of an action.

AWS missing encryption CDK

The AWS resource is missing appropriate encryption.