Granting public ACL rights on a bucket can lead to data leakage
| Severity | Exploitability | Providers | Categories |
|---|---|---|---|
| HIGH | HIGH | AWS | DATA |
Description
AWS S3 access control lists (ACLs) enable you to manage access to buckets and objects.
Canned ACLs are predefined sets of grants. For example, the public-read canned ACL allows anyone to read the content of a bucket that has this ACL attached.
The canned ACL defined on this bucket allows public access to the bucket and the objects it contains.
Impact
| Potential data exposure | Visible in logs | User interaction required | Privileges required |
|---|---|---|---|
| True | True | False | False |
- Data leakage.
- Data tampering (if the ACL is public-read-write).
Remediation guidelines
Either:
- Use the private canned ACL.
- Use an ACL with specific grantees instead of a canned ACL.
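The following script is an added example and is not code from the original page. It shows how to detect the public grants described above in the response shape returned by boto3's `s3.get_bucket_acl()`, and how to apply either remediation option (the `private` canned ACL, or an explicit per-account grant) with `put_bucket_acl()`. The sample ACL, the owner and grantee IDs, and the `remediate` helper are constructed for illustration; boto3 is imported lazily so the detection logic runs offline.

```python
"""Detect public canned-ACL grants on an S3 bucket and build a remediation.

Added example; it is not code from the original page. It works on the
response shape of boto3's s3.get_bucket_acl() and uses put_bucket_acl() for
remediation. The sample ACL and all IDs below are constructed placeholders.
"""
from typing import Dict, List, Optional

# Predefined S3 group URIs. AllUsers means "anyone on the internet";
# AuthenticatedUsers means "any AWS account", which is effectively public too.
PUBLIC_GROUP_URIS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "AuthenticatedUsers",
}

# Constructed sample: what get_bucket_acl() returns for a bucket that was
# given the public-read-write canned ACL (owner FULL_CONTROL + AllUsers READ/WRITE).
SAMPLE_PUBLIC_READ_WRITE_ACL: Dict = {
    "Owner": {"DisplayName": "example-owner", "ID": "OWNER_CANONICAL_ID_PLACEHOLDER"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "OWNER_CANONICAL_ID_PLACEHOLDER"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
         "Permission": "READ"},
        {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
         "Permission": "WRITE"},
    ],
}


def public_grants(acl: Dict) -> List[Dict]:
    """Return every grant made to the AllUsers or AuthenticatedUsers group."""
    found = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_GROUP_URIS:
            found.append({"group": PUBLIC_GROUP_URIS[grantee["URI"]],
                          "permission": grant["Permission"]})
    return found


def classify(acl: Dict) -> str:
    """Name the exposure the way the canned ACLs do.

    Returns 'private' (no group grants), 'public-read', 'public-read-write',
    'authenticated-read', or 'public-other' for any other public grant mix.
    """
    grants = public_grants(acl)
    if not grants:
        return "private"
    all_users = {g["permission"] for g in grants if g["group"] == "AllUsers"}
    auth_users = {g["permission"] for g in grants if g["group"] == "AuthenticatedUsers"}
    if all_users == {"READ"} and not auth_users:
        return "public-read"
    if all_users == {"READ", "WRITE"} and not auth_users:
        return "public-read-write"
    if auth_users == {"READ"} and not all_users:
        return "authenticated-read"
    return "public-other"


def explicit_grantee_policy(acl: Dict, grantee_canonical_id: str,
                            permission: str = "READ") -> Dict:
    """Build an AccessControlPolicy that drops every group grant and gives
    `permission` to one named AWS account instead (the page's second option).

    The owner's existing grants are kept; `grantee_canonical_id` is the
    canonical user ID of the account that legitimately needs access.
    """
    kept = [g for g in acl["Grants"] if g["Grantee"].get("Type") != "Group"]
    kept.append({"Grantee": {"Type": "CanonicalUser", "ID": grantee_canonical_id},
                 "Permission": permission})
    return {"Owner": acl["Owner"], "Grants": kept}


def remediate(bucket: str, grantee_canonical_id: Optional[str] = None) -> str:
    """Apply the fix to a real bucket with boto3 (imported lazily so the
    detection logic above runs without it). Returns the new classification."""
    import boto3  # assumption: boto3 is installed and AWS credentials are configured

    s3 = boto3.client("s3")
    if grantee_canonical_id is None:
        s3.put_bucket_acl(Bucket=bucket, ACL="private")  # option 1: private canned ACL
    else:
        policy = explicit_grantee_policy(s3.get_bucket_acl(Bucket=bucket), grantee_canonical_id)
        s3.put_bucket_acl(Bucket=bucket, AccessControlPolicy=policy)  # option 2: named grantee
    return classify(s3.get_bucket_acl(Bucket=bucket))


if __name__ == "__main__":
    print("sample bucket ACL is:", classify(SAMPLE_PUBLIC_READ_WRITE_ACL))
    for g in public_grants(SAMPLE_PUBLIC_READ_WRITE_ACL):
        print("  public grant:", g["group"], g["permission"])
    fixed = explicit_grantee_policy(SAMPLE_PUBLIC_READ_WRITE_ACL, "PARTNER_CANONICAL_ID_PLACEHOLDER")
    print("after explicit-grantee rewrite:", classify(fixed))
```

Run it as-is to see the constructed sample classified as `public-read-write` and rewritten to a `private` policy with one named grantee; call `remediate("your-bucket")` or `remediate("your-bucket", "<canonical id>")` against a real bucket once credentials are in place. `AuthenticatedUsers` is reported alongside `AllUsers` on purpose: a grant to every AWS account is public for practical purposes, so a scanner that only looks for `AllUsers` misses it.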