Skip to main content

Non-encrypted confidential information - S3 Server Side Encryption

Description#

When dealing with sensitive data that is crucial to your business, it is required by regulations to implement encryption in order to protect it from attackers or unauthorized personnel. Using S3 Server-Side Encryption (SSE) will enable Amazon to encrypt your data at rest. Data protected by Server-Side Encryption is encrypted with 256-bit Advanced Encryption Standard (AES-256).

Score#

Default score using CVSS 3.1. It may change depending on the context of the vulnerability.

Base#

  • Attack vector: N
  • Attack complexity: L
  • Privileges required: N
  • User interaction: N
  • Scope: U
  • Confidentiality: N
  • Integrity: N
  • Availability: N

Temporal#

  • Exploit code madurity: X
  • Remediation level: X
  • Report confidence: X

Result#

  • Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N/E:X/RL:X/RC:X
  • Score:
    • Base: 0.0
    • Temporal: 0.0
  • Severity:
    • Base: None
    • Temporal: None

Requirements#