Not encrypting EFS mount can lead to data leak
Severity | Exploitability | Providers | Categories |
---|---|---|---|
HIGH | HIGH | AWS | DATA |
Description
Amazon Elastic Container Service (Amazon ECS) is a container management service in which task definitions are used to run an individual task or tasks within a service.
Amazon EFS file systems can be mounted as volumes in a container. When in-transit encryption is not enabled for an EFS mount, the data in transit can be read by someone with access to the network.
Impact
Potential data exposure | Visible in logs | User interaction required | Privileges required |
---|---|---|---|
True | False | False | True |
Data leak.
Remediation guidelines
Enable in-transit encryption for the EFS mount.
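
One way to check for and apply this remediation on a task definition document. This is an added example, not part of the original rule. It relies on the ECS task definition field `volumes[].efsVolumeConfiguration.transitEncryption`; the sample task definition, its file system IDs and the function names are constructed for illustration.

```python
import json

# Constructed sample task definition (not from the original page): one EFS
# volume without transit encryption, one with it, and one non-EFS volume.
SAMPLE_TASK_DEF = json.loads("""
{
  "family": "example-app",
  "containerDefinitions": [{"name": "web", "image": "example/web:1"}],
  "volumes": [
    {"name": "shared-data",
     "efsVolumeConfiguration": {"fileSystemId": "fs-EXAMPLE1", "rootDirectory": "/"}},
    {"name": "secure-data",
     "efsVolumeConfiguration": {"fileSystemId": "fs-EXAMPLE2", "transitEncryption": "ENABLED"}},
    {"name": "scratch", "host": {"sourcePath": "/tmp/scratch"}}
  ]
}
""")


def unencrypted_efs_volumes(task_def):
    """Return names of EFS volumes whose transitEncryption is not ENABLED.

    ECS treats an omitted transitEncryption as DISABLED, so a missing key
    is reported the same way as an explicit "DISABLED".
    """
    findings = []
    for volume in task_def.get("volumes") or []:
        efs = volume.get("efsVolumeConfiguration")
        if efs is None:
            continue  # bind mounts, Docker volumes, etc. are out of scope
        if efs.get("transitEncryption", "DISABLED") != "ENABLED":
            findings.append(volume.get("name", "<unnamed>"))
    return findings


def enable_transit_encryption(task_def):
    """Return a copy of the task definition with every EFS volume remediated."""
    fixed = json.loads(json.dumps(task_def))  # deep copy via JSON round trip
    for volume in fixed.get("volumes") or []:
        efs = volume.get("efsVolumeConfiguration")
        if efs is not None:
            efs["transitEncryption"] = "ENABLED"
    return fixed


if __name__ == "__main__":
    print("before:", unencrypted_efs_volumes(SAMPLE_TASK_DEF))
    print("after: ", unencrypted_efs_volumes(enable_transit_encryption(SAMPLE_TASK_DEF)))
```

Task definitions are immutable, so the corrected document has to be registered as a new revision and the service updated to use it.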