IAM misconfigurations

User with Privilege Escalation Permissions without MFA

Risk Level

Hazardous (3)

Compliance Frameworks


User has roles which allows Privilege escalation, while the user does not have multi-factor authentication activated. If the user will be compromised, the entire account can be compromised
  • Recommended Mitigation

    Enable MFA for privileged escalation user.