IAM misconfigurations

User with Privilege Escalation Permissions without MFA

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

User has roles which allows Privilege escalation, while the user does not have multi-factor authentication activated. If the user will be compromised, the entire account can be compromised
  • Recommended Mitigation

    Enable MFA for privileged escalation user.