Vulnerability Database

S3 Bucket Misconfiguration

AWS S3 is a cloud-based storage solution that’s designed for online backup, file sharing, web hosting and data synchronization.

Misconfigured S3 static-site hosting for S3 buckets typically indicates that the bucket contents are not meant for public use. As a result, attackers can discover and download interesting files via several brute-force techniques.

Solution

Review the misconfigured buckets to confirm they are intended for public use.

Ultimate

Enterprise
  • All Tools, Services, and Plans
  • Suitable For Enterprises
  • Single Sign-On Integration, Single Tenant
  • Dedicated Support, Custom Integrations
  • Annual or Monthly, Fixed-cost Billing