Data at risk

OSS Bucket is Public

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Alibaba Cloud OSS (Object Storage Service) provides storage service to your files and data in the account. The files are stored in containers called buckets. It was detected that the OSS bucket {AliCloudOssBucket} allows anonymous and/or public access. If a bucket is public (via Access Control List) or is publicly accessible (via bucket policy), everyone may be able to access the content of the bucket, including sensitive data, if any stored in the bucket.

  • Recommended Mitigation

    Review your bucket ACL and policies. If the bucket is not supposed to be publicly accessible, limit the access control list and/or the bucket policy to be privately accessible only. The combination of ACL and policies should be carefully selected and it's preferred to use policies when possible.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.