Skip to content

Horizon3.ai Docs

H3-2022-0089

Horizon3.ai Docs

Welcome
Getting Started
Getting Started
- Register an Account
  Register an Account
- Run an External Pentest
  Run an External Pentest
- Setup NodeZero Host
  Setup NodeZero Host
- Run an Internal Pentest
  Run an Internal Pentest
- Run an AD Password Audit
  Run an AD Password Audit
- Run 1-click Verify
  Run 1-click Verify
- NodeZero Portal Access Control
  NodeZero Portal Access Control
  - User Personas
  - User Management
  - Single Sign-On (SSO)
  - Identity Provider Guides
    Identity Provider Guides
    
    Azure
    
    Okta
Reference
Reference
- API
  API
  - CLI Tool
    
    CLI Tool
    
    Getting Started
    
    Guides
    Guides
    
    Automate NodeZero Deployment
    
    Scheduling from CLI
    
    Monitor Pentests
    
    Paginate Results
  - API Reference
    
    API Reference
    
    Authenticate
    
    Getting Started
    
    GraphQL API
- Automate Scheduling
  Automate Scheduling
- Attack Configuration
  Attack Configuration
  - Remote Access Tool
- BloodHound
- Glossary
- Horizon 3 Weaknesses
  Horizon 3 Weaknesses
- Injecting Credentials
  Injecting Credentials
  - Injecting an AWS Role
- Phishing Impact Test
  Phishing Impact Test
  - The NodeZero Phishing Script
- NodeZero Modules
  NodeZero Modules
  - Cyanide
- Notifications
  Notifications
- Media
  Media
- Templates
  Templates
- Release Notes
  Release Notes
  - 2024.04
  - 2024.03
  - 2024.02
  - 2024.01
Downloads
Downloads

H3-2022-0089

Public Access to Amazon EBS Snapshot


Category	`SECURITY_MISCONFIGURATION`
Base Score	`4.5`

Description

An Amazon EBS Snapshot in your AWS account is publicly accessible, either to everyone or to any authenticated (cross-account) AWS user.

Impact

Attackers may be able to access sensitive data in the EBS snapshot such as browser history and stored passwords

References

AWS Best Practice - Prevent EBS Public Snapshots