H3-2023-0008
AWS Multi-Factor Authentication Disabled
| Category | CREDENTIALS |
| Base Score | 9.8 |
Description
An AWS account was accessed without any multi-factor authentication enabled.
Impact
This misconfiguration permits remote attackers to conduct credential attacks like password spraying to compromise an account and using it to further compromise an organization.