Data at risk

S3 Bucket Allows Public READ_ACP Access

Description

Ensure that the permission details of your S3 buckets' content cannot be viewed by anonymous users, in order to protect against unauthorized access. An S3 bucket that grants READ_ACP (view permissions) access to everyone can allow unauthorized users to look up the objects' ACL (Access Control List) permissions.

Recommended Mitigation

Change the {AwsS3Bucket} bucket policy to block public READ_ACP access.
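
One way to check for the condition described above, as an added example (not part of the original finding or of any AWS tooling): the function takes a bucket ACL in the shape returned by `aws s3api get-bucket-acl` and reports grants that let a wide group read the ACL. It goes slightly beyond the finding by also reporting the AuthenticatedUsers group and FULL_CONTROL grants, which include READ_ACP. The function names and the sample ACL are constructed for illustration.

```python
# Added example: audit an S3 bucket ACL for public READ_ACP grants.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"

# Predefined group URI -> audience label used in findings.
WIDE_GROUPS = {ALL_USERS: "everyone (anonymous)", AUTH_USERS: "any AWS account"}

# FULL_CONTROL on a bucket includes READ_ACP, so both expose the ACL.
GRANTS_READ_ACP = {"READ_ACP", "FULL_CONTROL"}


def find_public_read_acp(acl):
    """Return one finding per grant that lets a wide group read the bucket ACL.

    `acl` has the shape of a get-bucket-acl response: {"Owner": ..., "Grants": [...]}.
    """
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") != "Group":
            continue  # canonical users (e.g. the owner) are not public
        audience = WIDE_GROUPS.get(grantee.get("URI"))
        permission = grant.get("Permission")
        if audience and permission in GRANTS_READ_ACP:
            findings.append({"audience": audience, "permission": permission})
    return findings


def is_public_read_acp(acl):
    """True only when the anonymous AllUsers group can read the ACL."""
    return any(f["audience"] == WIDE_GROUPS[ALL_USERS]
               for f in find_public_read_acp(acl))


# Constructed sample ACL (IDs are placeholders, not real account values).
SAMPLE_ACL = {
    "Owner": {"ID": "EXAMPLE-OWNER-CANONICAL-ID"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "EXAMPLE-OWNER-CANONICAL-ID"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ_ACP"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
        {"Grantee": {"Type": "Group", "URI": AUTH_USERS}, "Permission": "FULL_CONTROL"},
    ],
}

if __name__ == "__main__":
    for finding in find_public_read_acp(SAMPLE_ACL):
        print(f"{finding['permission']} granted to {finding['audience']}")
```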