Assets

cart-web-iam-role-43

iam-role · AWS · eu-central-1 · staging

Handles PII

Posture

critical
1
high
1
medium
7
low
2

Ownership

Applicationcart-web
TeamMobile
OwnerRobert King
LanguageJava
Criticality
tier-1

Findings (12)

high
Terraform module pins old AMI with CVEs
tfsecIaC
open
8.6
info
Insecure deserialization in message queue consumer
Burp Pro PenTestPenTest
open
4.3
low
Insecure deserialization in message queue consumer
OWASP ZAPDAST
false positive
6.4
medium
SSRF in webhook fetcher
Scout SuiteCSPM
triaged
6.9
medium
Unencrypted RDS snapshot
tfsecIaC
open
7.5
medium
JWT signed with weak HS256 secret
TruffleHogSecrets
accepted
5.9
medium
Missing CSP header on auth pages
Burp SuiteDAST
open
4.2