Loading...
Loading...
11 attack paths
| Resources | ||||
|---|---|---|---|---|
98 | CRITICAL | RDS publicly exposed with default admin password | Exposure | 1 resource |
97 | CRITICAL | Public VM with critical CVE leaks DB credentials to a PII database | Exposure | 2 resources |
96 | CRITICAL | Internet to PII database via assumed role and cross-account snapshot | Exposure | 3 resources |
95 | CRITICAL | Internet-exposed VM with vulnerable Log4j -> DB with PII | Exposure | 2 resources |
92 | CRITICAL | Public bucket contains valid AWS access keys | Data Access | 1 resource |
80 | HIGH | Pod with NET_ADMIN can pivot to cluster-admin role | Privilege Escalation | 1 resource |
78 | HIGH | Cross-cloud admin identity without MFA | Privilege Escalation | 2 resources |
72 | HIGH | Internet-facing function reads sensitive bucket | Exposure | 2 resources |
68 | HIGH | Snapshot with PII shared with another account | Data Access | 1 resource |
48 | MEDIUM | Lateral movement: shared SSH key reused across staging and prod | lateral_movement | 2 resources |
22 | LOW | Unused public IP on stopped VM | configuration | 2 resources |