Amazon S3 publicly writable bucket

Description
  • Amazon S3 provides a simple web services interface that can be used to store and retrieve any amount of data, at any time, from anywhere on the web. Files within S3 are organized into "buckets", which are named logical containers accessible at a predictable URL. Access controls can be applied to both the bucket itself and to individual objects (files and directories) stored within that bucket.

    This web application is using an Amazon S3 bucket that is publicy writable. That means that an attacker can upload new files to this Amazon S3 bucket and can overwrite or delete existing files.
Remediation
  • Use the Amazon Simple Storage Service (Amazon S3) console to manage access permissions for S3 buckets by using access control lists (ACLs). ACLs are resource-based access policies that grant access permissions to buckets and objects.
References