H3-2023-0008¶
AWS Multi-Factor Authentication Disabled
| Category | CREDENTIALS |
| Base Score | 9.8 |
Description¶
An AWS account was accessed without any multi-factor authentication enabled.
Impact¶
This misconfiguration permits remote attackers to conduct credential attacks like password spraying to compromise an account and using it to further compromise an organization.