/\1${{ steps.cdate.outputs.date }}
/" docs/index.md
sed -E -i "s/(>
+ Default: ''
+Conditions:
+ cCreateSubnets: !Not [!Equals [!Ref pSubnets, '']]
+ cNotCreateSubnets: !Not [!Condition cCreateSubnets]
+ cUseSsmSubnets: !And [!Condition cNotCreateSubnets, !Not [!Equals [pSsmSubnets, '']]]
+Resources:
+ Subnet1:
+ Type: AWS::EC2::Subnet
+ Properties:
+ VpcId: 'vpc-1234567'
+ CidrBlock: 10.0.0.0/24
+ Subnet2:
+ Type: AWS::EC2::Subnet
+ Properties:
+ VpcId: 'vpc-1234567'
+ CidrBlock: 10.0.0.2/24
+ LoadBalancer:
+ Type: AWS::ElasticLoadBalancing::LoadBalancer
+ Properties:
+ Listeners:
+ -
+ InstancePort: '80'
+ LoadBalancerPort: '80'
+ Protocol: HTTP
+ Subnets:
+ Fn::If:
+ - cCreateSubnets
+ - - !Ref Subnet1
+ - !Ref Subnet2
+ - !Ref pSubnet # extra check to validate singular parameter works
+ - Fn::If:
+ - cUseSsmSubnets
+ - !Ref pSsmSubnets
+ - !Ref pSubnets
+ LoadBalancer2:
+ Type: AWS::ElasticLoadBalancing::LoadBalancer
+ Properties:
+ Fn::If:
+ - cCreateSubnets
+ - Listeners:
+ -
+ InstancePort: '80'
+ LoadBalancerPort: '80'
+ Protocol: HTTP
+ Subnets:
+ - !Ref Subnet1
+ - !Ref Subnet2
+ - Fn::If:
+ - cUseSsmSubnets
+ - Listeners:
+ -
+ InstancePort: '80'
+ LoadBalancerPort: '80'
+ Protocol: HTTP
+ Subnets: !Ref pSsmSubnets
+ - Listeners:
+ -
+ InstancePort: '80'
+ LoadBalancerPort: '80'
+ Protocol: HTTP
+ Subnets: !Ref pSubnets
+ ### Test Custom Resources Don't fail
+ GetSubnets:
+ Type: AWS::CloudFormation::CustomResource
+ Properties:
+ ServiceToken: anArn
+ LoadBalancer3:
+ Type: AWS::ElasticLoadBalancing::LoadBalancer
+ Properties:
+ Listeners:
+ -
+ InstancePort: '80'
+ LoadBalancerPort: '80'
+ Protocol: HTTP
+ Subnets: !GetAtt GetSubnets.Subnets
+ ### Test getatt to another resource and a list getatt
+ SecurityGroup1:
+ Type: AWS::EC2::SecurityGroup
+ Properties:
+ GroupDescription: LoadBalancer Security Group
+ alb1:
+ Type: AWS::ElasticLoadBalancingV2::LoadBalancer
+ Properties:
+ Scheme: internal
+ Subnets: !Ref pSubnets
+ LoadBalancerAttributes:
+ - Key: idle_timeout.timeout_seconds
+ Value: '50'
+ SecurityGroups:
+ - Ref: SecurityGroup1
+ alb2:
+ Type: AWS::ElasticLoadBalancingV2::LoadBalancer
+ Properties:
+ Scheme: internal
+ Subnets: !Ref pSubnets
+ LoadBalancerAttributes:
+ - Key: idle_timeout.timeout_seconds
+ Value: '50'
+ SecurityGroups: !GetAtt alb1.SecurityGroups
+ ### Test CloudFormation resource for Get Atts
+ SubStack:
+ Type: AWS::CloudFormation::Stack
+ Properties:
+ TemplateURL: https://example.com
+ albCfn2:
+ Type: AWS::ElasticLoadBalancingV2::LoadBalancer
+ Properties:
+ Scheme: internal
+ Subnets: !Ref pSubnets
+ LoadBalancerAttributes:
+ - Key: idle_timeout.timeout_seconds
+ Value: '50'
+ SecurityGroups:
+ - !GetAtt SubStack.Outputs.SecurityGroups
+ Listener:
+ Type: AWS::ElasticLoadBalancingV2::Listener
+ Properties:
+ Protocol:
+ Fn::GetAtt:
+ - SubStack
+ - Outputs.Protocol
+ LoadBalancerArn: !GetAtt SubStack.Outputs.LoadBalancerArn
+ KinesisStream:
+ Type: AWS::Kinesis::Stream
+ Properties:
+ ShardCount: 1
+ StreamConsumer:
+ Type: AWS::Kinesis::StreamConsumer
+ Properties:
+ ConsumerName: MyConsumer
+ StreamARN: !GetAtt KinesisStream.Arn
+ 03EventSourceMapping:
+ Type: AWS::Lambda::EventSourceMapping
+ Properties:
+ BatchSize: 500
+ Enabled: true
+ EventSourceArn: !GetAtt StreamConsumer.ConsumerARN
+ FunctionName: !Ref LambdaFunctionArn
+ StartingPosition: LATEST
+ 04EventSourceMapping:
+ Type: AWS::Lambda::EventSourceMapping
+ Properties:
+ BatchSize: 500
+ Enabled: true
+ EventSourceArn: !GetAtt StreamConsumer.StreamARN
+ FunctionName: !Ref LambdaFunctionArn
+ StartingPosition: LATEST
diff --git a/assets/queries/common/passwords_and_secrets/test/negative54.tf b/assets/queries/common/passwords_and_secrets/test/negative42.tf
similarity index 100%
rename from assets/queries/common/passwords_and_secrets/test/negative54.tf
rename to assets/queries/common/passwords_and_secrets/test/negative42.tf
diff --git a/assets/queries/common/passwords_and_secrets/test/negative42.yaml b/assets/queries/common/passwords_and_secrets/test/negative42.yaml
deleted file mode 100644
index 69a9a8c1317..00000000000
--- a/assets/queries/common/passwords_and_secrets/test/negative42.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-Conditions:
- HasKmsKey: !Not [!Equals [!Ref ParentKmsKeyStack, '']]
- HasSecretName: !Not [!Equals [!Ref ParentKmsKeyStack, '']]
- HasPassword: !Not [!Equals [!Ref DBPassword, '']]
diff --git a/assets/queries/common/passwords_and_secrets/test/negative55.tf b/assets/queries/common/passwords_and_secrets/test/negative43.tf
similarity index 100%
rename from assets/queries/common/passwords_and_secrets/test/negative55.tf
rename to assets/queries/common/passwords_and_secrets/test/negative43.tf
diff --git a/assets/queries/common/passwords_and_secrets/test/negative43.yaml b/assets/queries/common/passwords_and_secrets/test/negative43.yaml
deleted file mode 100644
index 3b62384bc30..00000000000
--- a/assets/queries/common/passwords_and_secrets/test/negative43.yaml
+++ /dev/null
@@ -1,48 +0,0 @@
-Resources:
- LambdaFunctionV2:
- Type: 'AWS::Lambda::Function'
- Properties:
- Code:
- ZipFile: |
- 'use strict';
- const AWS = require('aws-sdk');
- const response = require('cfn-response');
- const iam = new AWS.IAM({apiVersion: '2010-05-08'});
- exports.handler = (event, context, cb) => {
- console.log(`Invoke: ${JSON.stringify(event)}`);
- function done(err) {
- if (err) {
- console.log(`Error: ${JSON.stringify(err)}`);
- response.send(event, context, response.FAILED, {});
- } else {
- response.send(event, context, response.SUCCESS, {});
- }
- }
- if (event.RequestType === 'Delete') {
- iam.deleteAccountPasswordPolicy({}, done);
- } else if (event.RequestType === 'Create' || event.RequestType === 'Update') {
- const params = {
- MinimumPasswordLength: parseInt(event.ResourceProperties.MinimumPasswordLength, 10),
- RequireSymbols: event.ResourceProperties.RequireSymbols === 'true',
- RequireNumbers: event.ResourceProperties.RequireNumbers === 'true',
- RequireUppercaseCharacters: event.ResourceProperties.RequireUppercaseCharacters === 'true',
- RequireLowercaseCharacters: event.ResourceProperties.RequireLowercaseCharacters === 'true',
- AllowUsersToChangePassword: event.ResourceProperties.AllowUsersToChangePassword === 'true',
- HardExpiry: event.ResourceProperties.HardExpiry === 'true'
- };
- if (parseInt(event.ResourceProperties.MaxPasswordAge, 10) > 0) {
- params.MaxPasswordAge = parseInt(event.ResourceProperties.MaxPasswordAge, 10);
- }
- if (parseInt(event.ResourceProperties.PasswordReusePrevention, 10) > 0) {
- params.PasswordReusePrevention = parseInt(event.ResourceProperties.PasswordReusePrevention, 10);
- }
- iam.updateAccountPasswordPolicy(params, done);
- } else {
- cb(new Error(`unsupported RequestType: ${event.RequestType}`));
- }
- };
- Handler: 'index.handler'
- MemorySize: 128
- Role: !GetAtt 'LambdaRole.Arn'
- Runtime: 'nodejs12.x'
- Timeout: 60
diff --git a/assets/queries/common/passwords_and_secrets/test/negative44.yml b/assets/queries/common/passwords_and_secrets/test/negative44.yml
new file mode 100644
index 00000000000..e441afac9df
--- /dev/null
+++ b/assets/queries/common/passwords_and_secrets/test/negative44.yml
@@ -0,0 +1,20 @@
+on: workflow_call
+
+stages:
+ - build
+
+variables:
+ GIT_PRIVATE_KEY: $GIT_PRIVATE_KEY
+
+jobs:
+ job_build:
+ stage: build
+ script:
+ - if [[ -z "${GIT_PRIVATE_KEY:-}" ]]; then
+ echo "Missing GIT_PRIVATE_KEY variable!"
+ exit 1
+ fi
+ - echo "Private key is set."
+
+ steps:
+ - uses: actions/checkout@v4
\ No newline at end of file
diff --git a/assets/queries/common/passwords_and_secrets/test/negative57.yml b/assets/queries/common/passwords_and_secrets/test/negative45.yml
similarity index 100%
rename from assets/queries/common/passwords_and_secrets/test/negative57.yml
rename to assets/queries/common/passwords_and_secrets/test/negative45.yml
diff --git a/assets/queries/common/passwords_and_secrets/test/negative58.yaml b/assets/queries/common/passwords_and_secrets/test/negative46.yaml
similarity index 100%
rename from assets/queries/common/passwords_and_secrets/test/negative58.yaml
rename to assets/queries/common/passwords_and_secrets/test/negative46.yaml
diff --git a/assets/queries/common/passwords_and_secrets/test/negative49.yaml b/assets/queries/common/passwords_and_secrets/test/negative49.yaml
deleted file mode 100644
index e3d55dff65a..00000000000
--- a/assets/queries/common/passwords_and_secrets/test/negative49.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-AWSTemplateFormatVersion: "2010-09-09"
-Resources:
- somecode:
- Type: AWS::CodeBuild::Project
- Properties:
- Name: somecodename
- Description: somecodedesc
- TimeoutInMinutes: 10
- QueuedTimeoutInMinutes: 10
- ServiceRole: someservicerole
- EncryptionKey: somekey
- Artifacts:
- Type: someartifact
- Cache:
- Type: somecache
- Modes:
- - mode1
- - mode2
- Environment:
- ComputeType: somecomputetype
- Image: someimage
- Type: someenv
- ImagePullCredentialsType: somepulltype
- Source:
- Type: somesource
- Location: somelocation
- GitCloneDepth: 1
diff --git a/assets/queries/common/passwords_and_secrets/test/negative50.yaml b/assets/queries/common/passwords_and_secrets/test/negative50.yaml
deleted file mode 100644
index 17b6a0c2ff9..00000000000
--- a/assets/queries/common/passwords_and_secrets/test/negative50.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-Type: AWS::Glue::Connection
-Properties:
- CatalogId: "1111111111111"
- ConnectionInput:
- ConnectionProperties:
- CONNECTION_URL:
- Fn::Join:
- - ""
- - - "mongodb://{{resolve:secretsmanager:arn:"
- - Ref: AWS::Partition
- - :secretsmanager:*:1111111111111:secret:/test/resources/docdb-test:SecretString:endpoint::}}/test
- USERNAME:
- Fn::Join:
- - ""
- - - "{{resolve:secretsmanager:arn:"
- - Ref: AWS::Partition
- - :secretsmanager:eu-west-1:*:secret:/test/resources/docdb-test:SecretString:username::}}
- PASSWORD:
- Fn::Join:
- - ""
- - - "{{resolve:secretsmanager:arn:"
- - Ref: AWS::Partition
- - :secretsmanager:us-east-?:*:secret:tiny::}}
- JDBC_ENFORCE_SSL: true
- ConnectionType: MONGODB
diff --git a/assets/queries/common/passwords_and_secrets/test/negative51.yaml b/assets/queries/common/passwords_and_secrets/test/negative51.yaml
deleted file mode 100644
index a4a81ed903b..00000000000
--- a/assets/queries/common/passwords_and_secrets/test/negative51.yaml
+++ /dev/null
@@ -1,160 +0,0 @@
----
-AWSTemplateFormatVersion: "2010-09-09"
-Description: >
- Test values for GetAtt and Ref and conditions
-Parameters:
- pSubnets:
- Type: List
>
- Default: ''
-Conditions:
- cCreateSubnets: !Not [!Equals [!Ref pSubnets, '']]
- cNotCreateSubnets: !Not [!Condition cCreateSubnets]
- cUseSsmSubnets: !And [!Condition cNotCreateSubnets, !Not [!Equals [pSsmSubnets, '']]]
-Resources:
- Subnet1:
- Type: AWS::EC2::Subnet
- Properties:
- VpcId: 'vpc-1234567'
- CidrBlock: 10.0.0.0/24
- Subnet2:
- Type: AWS::EC2::Subnet
- Properties:
- VpcId: 'vpc-1234567'
- CidrBlock: 10.0.0.2/24
- LoadBalancer:
- Type: AWS::ElasticLoadBalancing::LoadBalancer
- Properties:
- Listeners:
- -
- InstancePort: '80'
- LoadBalancerPort: '80'
- Protocol: HTTP
- Subnets:
- Fn::If:
- - cCreateSubnets
- - - !Ref Subnet1
- - !Ref Subnet2
- - !Ref pSubnet # extra check to validate singular parameter works
- - Fn::If:
- - cUseSsmSubnets
- - !Ref pSsmSubnets
- - !Ref pSubnets
- LoadBalancer2:
- Type: AWS::ElasticLoadBalancing::LoadBalancer
- Properties:
- Fn::If:
- - cCreateSubnets
- - Listeners:
- -
- InstancePort: '80'
- LoadBalancerPort: '80'
- Protocol: HTTP
- Subnets:
- - !Ref Subnet1
- - !Ref Subnet2
- - Fn::If:
- - cUseSsmSubnets
- - Listeners:
- -
- InstancePort: '80'
- LoadBalancerPort: '80'
- Protocol: HTTP
- Subnets: !Ref pSsmSubnets
- - Listeners:
- -
- InstancePort: '80'
- LoadBalancerPort: '80'
- Protocol: HTTP
- Subnets: !Ref pSubnets
- ### Test Custom Resources Don't fail
- GetSubnets:
- Type: AWS::CloudFormation::CustomResource
- Properties:
- ServiceToken: anArn
- LoadBalancer3:
- Type: AWS::ElasticLoadBalancing::LoadBalancer
- Properties:
- Listeners:
- -
- InstancePort: '80'
- LoadBalancerPort: '80'
- Protocol: HTTP
- Subnets: !GetAtt GetSubnets.Subnets
- ### Test getatt to another resource and a list getatt
- SecurityGroup1:
- Type: AWS::EC2::SecurityGroup
- Properties:
- GroupDescription: LoadBalancer Security Group
- alb1:
- Type: AWS::ElasticLoadBalancingV2::LoadBalancer
- Properties:
- Scheme: internal
- Subnets: !Ref pSubnets
- LoadBalancerAttributes:
- - Key: idle_timeout.timeout_seconds
- Value: '50'
- SecurityGroups:
- - Ref: SecurityGroup1
- alb2:
- Type: AWS::ElasticLoadBalancingV2::LoadBalancer
- Properties:
- Scheme: internal
- Subnets: !Ref pSubnets
- LoadBalancerAttributes:
- - Key: idle_timeout.timeout_seconds
- Value: '50'
- SecurityGroups: !GetAtt alb1.SecurityGroups
- ### Test CloudFormation resource for Get Atts
- SubStack:
- Type: AWS::CloudFormation::Stack
- Properties:
- TemplateURL: https://example.com
- albCfn2:
- Type: AWS::ElasticLoadBalancingV2::LoadBalancer
- Properties:
- Scheme: internal
- Subnets: !Ref pSubnets
- LoadBalancerAttributes:
- - Key: idle_timeout.timeout_seconds
- Value: '50'
- SecurityGroups:
- - !GetAtt SubStack.Outputs.SecurityGroups
- Listener:
- Type: AWS::ElasticLoadBalancingV2::Listener
- Properties:
- Protocol:
- Fn::GetAtt:
- - SubStack
- - Outputs.Protocol
- LoadBalancerArn: !GetAtt SubStack.Outputs.LoadBalancerArn
- KinesisStream:
- Type: AWS::Kinesis::Stream
- Properties:
- ShardCount: 1
- StreamConsumer:
- Type: AWS::Kinesis::StreamConsumer
- Properties:
- ConsumerName: MyConsumer
- StreamARN: !GetAtt KinesisStream.Arn
- 03EventSourceMapping:
- Type: AWS::Lambda::EventSourceMapping
- Properties:
- BatchSize: 500
- Enabled: true
- EventSourceArn: !GetAtt StreamConsumer.ConsumerARN
- FunctionName: !Ref LambdaFunctionArn
- StartingPosition: LATEST
- 04EventSourceMapping:
- Type: AWS::Lambda::EventSourceMapping
- Properties:
- BatchSize: 500
- Enabled: true
- EventSourceArn: !GetAtt StreamConsumer.StreamARN
- FunctionName: !Ref LambdaFunctionArn
- StartingPosition: LATEST
diff --git a/assets/queries/common/passwords_and_secrets/test/negative56.yml b/assets/queries/common/passwords_and_secrets/test/negative56.yml
deleted file mode 100644
index 7d7231940c9..00000000000
--- a/assets/queries/common/passwords_and_secrets/test/negative56.yml
+++ /dev/null
@@ -1,14 +0,0 @@
-stages:
- - build
-
-variables:
- GIT_PRIVATE_KEY: $GIT_PRIVATE_KEY
-
-job_build:
- stage: build
- script:
- - if [[ -z "${GIT_PRIVATE_KEY:-}" ]]; then
- echo "Missing GIT_PRIVATE_KEY variable!"
- exit 1
- fi
- - echo "Private key is set."
diff --git a/assets/queries/common/passwords_and_secrets/test/positive44.yaml b/assets/queries/common/passwords_and_secrets/test/positive44.yaml
index 507beda960c..9f2475cd19d 100644
--- a/assets/queries/common/passwords_and_secrets/test/positive44.yaml
+++ b/assets/queries/common/passwords_and_secrets/test/positive44.yaml
@@ -16,3 +16,4 @@ Parameters:
SecretNamePrefix:
Description: 'Used to create resource-based authorization policy for "secretsmanager:GetSecretValue" action. E.g. All Athena JDBC Federation secret names can be prefixed with "AthenaJdbcFederation" and authorization policy will allow "arn:${AWS::Partition}:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:AthenaJdbcFederatione*". Parameter value in this case should be "AthenaJdbcFederation". If you do not have a prefix, you can manually update the IAM policy to add allow any secret names.'
Type: String
+Resources:
\ No newline at end of file
diff --git a/assets/queries/common/passwords_and_secrets/test/positive49.yml b/assets/queries/common/passwords_and_secrets/test/positive49.yml
index f071956afac..1ff80f95f46 100644
--- a/assets/queries/common/passwords_and_secrets/test/positive49.yml
+++ b/assets/queries/common/passwords_and_secrets/test/positive49.yml
@@ -1,14 +1,20 @@
+on: workflow_call
+
stages:
- build
variables:
GIT_PRIVATE_KEY: "heythisisaprivatekey!"
-job_build:
- stage: build
- script:
- - if [[ -z "${GIT_PRIVATE_KEY:-}" ]]; then
- echo "Missing GIT_PRIVATE_KEY variable!"
- exit 1
- fi
- - echo "Private key is set."
+jobs:
+ job_build:
+ stage: build
+ script:
+ - if [[ -z "${GIT_PRIVATE_KEY:-}" ]]; then
+ echo "Missing GIT_PRIVATE_KEY variable!"
+ exit 1
+ fi
+ - echo "Private key is set."
+
+ steps:
+ - uses: actions/checkout@v4
\ No newline at end of file
diff --git a/assets/queries/common/passwords_and_secrets/test/positive8.json b/assets/queries/common/passwords_and_secrets/test/positive8.json
index 046356316dc..2fd45f3ca51 100644
--- a/assets/queries/common/passwords_and_secrets/test/positive8.json
+++ b/assets/queries/common/passwords_and_secrets/test/positive8.json
@@ -1,8 +1,10 @@
{
- "service-1": {
- "password": "abcdefg"
- },
- "service-2": {
- "password": "abcdefg"
+ "Resources": {
+ "service-1": {
+ "password": "abcdefg"
+ },
+ "service-2": {
+ "password": "abcdefg"
+ }
}
}
diff --git a/assets/queries/common/passwords_and_secrets/test/positive_expected_result.json b/assets/queries/common/passwords_and_secrets/test/positive_expected_result.json
index e613a39147e..6f9b4c07baf 100644
--- a/assets/queries/common/passwords_and_secrets/test/positive_expected_result.json
+++ b/assets/queries/common/passwords_and_secrets/test/positive_expected_result.json
@@ -50,13 +50,13 @@
{
"queryName": "Passwords And Secrets - Generic Password",
"severity": "HIGH",
- "line": 3,
+ "line": 4,
"fileName": "positive8.json"
},
{
"queryName": "Passwords And Secrets - Generic Password",
"severity": "HIGH",
- "line": 6,
+ "line":7,
"fileName": "positive8.json"
},
{
@@ -404,7 +404,7 @@
{
"queryName": "Passwords And Secrets - Generic Private Key",
"severity": "HIGH",
- "line": 5,
+ "line": 7,
"fileName": "positive49.yml"
},
{
diff --git a/assets/queries/terraform/azure/aks_disk_encryption_set_id_undefined/test/negative.tf b/assets/queries/terraform/azure/aks_disk_encryption_set_id_undefined/test/negative.tf
index d12a2cd5627..75a903f2c65 100644
--- a/assets/queries/terraform/azure/aks_disk_encryption_set_id_undefined/test/negative.tf
+++ b/assets/queries/terraform/azure/aks_disk_encryption_set_id_undefined/test/negative.tf
@@ -14,7 +14,7 @@ resource "azurerm_kubernetes_cluster" "negative" {
}
-resource "azurerm_kubernetes_cluster" "negative" {
+resource "azurerm_kubernetes_cluster2" "negative" {
name = "example-aks1"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
diff --git a/assets/queries/terraform/databricks/autoscale_badly_setup/metadata.json b/assets/queries/terraform/databricks/autoscale_badly_setup/metadata.json
index 7af9affc3ad..7f586ea1b14 100644
--- a/assets/queries/terraform/databricks/autoscale_badly_setup/metadata.json
+++ b/assets/queries/terraform/databricks/autoscale_badly_setup/metadata.json
@@ -1,6 +1,6 @@
{
"id": "953c0cc6-5f30-44cb-a803-bf4ef2571be8",
- "queryName": "(Beta) Databricks Autoscale Badly Setup",
+ "queryName": "Beta - Databricks Autoscale Badly Setup",
"severity": "MEDIUM",
"category": "Resource Management",
"descriptionText": "Databricks should have min and max worker setup for autoscale",
diff --git a/assets/queries/terraform/databricks/autoscale_badly_setup/test/positive_expected_result.json b/assets/queries/terraform/databricks/autoscale_badly_setup/test/positive_expected_result.json
index 6595e319ccc..62f5bc37018 100644
--- a/assets/queries/terraform/databricks/autoscale_badly_setup/test/positive_expected_result.json
+++ b/assets/queries/terraform/databricks/autoscale_badly_setup/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Databricks Autoscale Badly Setup",
+ "queryName": "Beta - Databricks Autoscale Badly Setup",
"severity": "MEDIUM",
"line": 6,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Databricks Autoscale Badly Setup",
+ "queryName": "Beta - Databricks Autoscale Badly Setup",
"severity": "MEDIUM",
"line": 6,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/databricks/cluster_aws_attributes/metadata.json b/assets/queries/terraform/databricks/cluster_aws_attributes/metadata.json
index be9d8e0b06e..1cd43af5e1c 100644
--- a/assets/queries/terraform/databricks/cluster_aws_attributes/metadata.json
+++ b/assets/queries/terraform/databricks/cluster_aws_attributes/metadata.json
@@ -1,6 +1,6 @@
{
"id": "b0749c53-e3ff-4d09-bbe4-dca94e2e7a38",
- "queryName": "(Beta) Check Databricks Cluster AWS Attribute Best Practices",
+ "queryName": "Beta - Check Databricks Cluster AWS Attribute Best Practices",
"severity": "LOW",
"category": "Best Practices",
"descriptionText": "One or some Databricks Cluster AWS Attribute Best Practices are not respected",
diff --git a/assets/queries/terraform/databricks/cluster_aws_attributes/test/positive_expected_result.json b/assets/queries/terraform/databricks/cluster_aws_attributes/test/positive_expected_result.json
index 0d330433390..570b4640450 100644
--- a/assets/queries/terraform/databricks/cluster_aws_attributes/test/positive_expected_result.json
+++ b/assets/queries/terraform/databricks/cluster_aws_attributes/test/positive_expected_result.json
@@ -1,24 +1,24 @@
[
{
- "queryName": "(Beta) Check Databricks Cluster AWS Attribute Best Practices",
+ "queryName": "Beta - Check Databricks Cluster AWS Attribute Best Practices",
"severity": "LOW",
"line": 11,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Check Databricks Cluster AWS Attribute Best Practices",
+ "queryName": "Beta - Check Databricks Cluster AWS Attribute Best Practices",
"severity": "LOW",
"line": 13,
"fileName": "positive2.tf"
},
{
- "queryName": "(Beta) Check Databricks Cluster AWS Attribute Best Practices",
+ "queryName": "Beta - Check Databricks Cluster AWS Attribute Best Practices",
"severity": "LOW",
"line": 10,
"fileName": "positive3.tf"
},
{
- "queryName": "(Beta) Check Databricks Cluster AWS Attribute Best Practices",
+ "queryName": "Beta - Check Databricks Cluster AWS Attribute Best Practices",
"severity": "LOW",
"line": 12,
"fileName": "positive4.tf"
diff --git a/assets/queries/terraform/databricks/cluster_azure_attributes/metadata.json b/assets/queries/terraform/databricks/cluster_azure_attributes/metadata.json
index a978d45b74d..4a75eaaa2d1 100644
--- a/assets/queries/terraform/databricks/cluster_azure_attributes/metadata.json
+++ b/assets/queries/terraform/databricks/cluster_azure_attributes/metadata.json
@@ -1,6 +1,6 @@
{
"id": "38028698-e663-4ef7-aa92-773fef0ca86f",
- "queryName": "(Beta) Check Databricks Cluster Azure Attribute Best Practices",
+ "queryName": "Beta - Check Databricks Cluster Azure Attribute Best Practices",
"severity": "LOW",
"category": "Best Practices",
"descriptionText": "One or some Databricks Cluster Azure Attribute Best Practices are not respected",
diff --git a/assets/queries/terraform/databricks/cluster_azure_attributes/test/positive_expected_result.json b/assets/queries/terraform/databricks/cluster_azure_attributes/test/positive_expected_result.json
index 437bff583f4..ff26413956c 100644
--- a/assets/queries/terraform/databricks/cluster_azure_attributes/test/positive_expected_result.json
+++ b/assets/queries/terraform/databricks/cluster_azure_attributes/test/positive_expected_result.json
@@ -1,18 +1,18 @@
[
{
- "queryName": "(Beta) Check Databricks Cluster Azure Attribute Best Practices",
+ "queryName": "Beta - Check Databricks Cluster Azure Attribute Best Practices",
"severity": "LOW",
"line": 11,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Check Databricks Cluster Azure Attribute Best Practices",
+ "queryName": "Beta - Check Databricks Cluster Azure Attribute Best Practices",
"severity": "LOW",
"line": 12,
"fileName": "positive2.tf"
},
{
- "queryName": "(Beta) Check Databricks Cluster Azure Attribute Best Practices",
+ "queryName": "Beta - Check Databricks Cluster Azure Attribute Best Practices",
"severity": "LOW",
"line": 10,
"fileName": "positive3.tf"
diff --git a/assets/queries/terraform/databricks/cluster_gcp_attributes/metadata.json b/assets/queries/terraform/databricks/cluster_gcp_attributes/metadata.json
index 7da98e19114..ae6cd48b0f2 100644
--- a/assets/queries/terraform/databricks/cluster_gcp_attributes/metadata.json
+++ b/assets/queries/terraform/databricks/cluster_gcp_attributes/metadata.json
@@ -1,6 +1,6 @@
{
"id": "539e4557-d2b5-4d57-a001-cb01140a4e2d",
- "queryName": "(Beta) Check Databricks Cluster GCP Attribute Best Practices",
+ "queryName": "Beta - Check Databricks Cluster GCP Attribute Best Practices",
"severity": "LOW",
"category": "Best Practices",
"descriptionText": "One or some Databricks Cluster GCP Attribute Best Practices are not respected",
diff --git a/assets/queries/terraform/databricks/cluster_gcp_attributes/test/positive_expected_result.json b/assets/queries/terraform/databricks/cluster_gcp_attributes/test/positive_expected_result.json
index 1b156b03c5f..1f57ee94131 100644
--- a/assets/queries/terraform/databricks/cluster_gcp_attributes/test/positive_expected_result.json
+++ b/assets/queries/terraform/databricks/cluster_gcp_attributes/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Check Databricks Cluster GCP Attribute Best Practices",
+ "queryName": "Beta - Check Databricks Cluster GCP Attribute Best Practices",
"severity": "LOW",
"line": 11,
"fileName": "positive1.tf"
diff --git a/assets/queries/terraform/databricks/databricks_permissions/metadata.json b/assets/queries/terraform/databricks/databricks_permissions/metadata.json
index 91e61013a01..eb3f11136cc 100755
--- a/assets/queries/terraform/databricks/databricks_permissions/metadata.json
+++ b/assets/queries/terraform/databricks/databricks_permissions/metadata.json
@@ -1,6 +1,6 @@
{
"id": "a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5",
- "queryName": "(Beta) Databricks Cluster or Job With None Or Insecure Permission(s)",
+ "queryName": "Beta - Databricks Cluster or Job With None Or Insecure Permission(s)",
"severity": "HIGH",
"category": "Insecure Configurations",
"descriptionText": "Databricks Cluster and Job must have restricted permissions",
diff --git a/assets/queries/terraform/databricks/databricks_permissions/test/positive_expected_result.json b/assets/queries/terraform/databricks/databricks_permissions/test/positive_expected_result.json
index 2c70b6990af..56941a9a8fe 100755
--- a/assets/queries/terraform/databricks/databricks_permissions/test/positive_expected_result.json
+++ b/assets/queries/terraform/databricks/databricks_permissions/test/positive_expected_result.json
@@ -1,24 +1,24 @@
[
{
- "queryName": "(Beta) Databricks Cluster or Job With None Or Insecure Permission(s)",
+ "queryName": "Beta - Databricks Cluster or Job With None Or Insecure Permission(s)",
"severity": "HIGH",
"line": 16,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Databricks Cluster or Job With None Or Insecure Permission(s)",
+ "queryName": "Beta - Databricks Cluster or Job With None Or Insecure Permission(s)",
"severity": "HIGH",
"line": 12,
"fileName": "positive2.tf"
},
{
- "queryName": "(Beta) Databricks Cluster or Job With None Or Insecure Permission(s)",
+ "queryName": "Beta - Databricks Cluster or Job With None Or Insecure Permission(s)",
"severity": "HIGH",
"line": 16,
"fileName": "positive3.tf"
},
{
- "queryName": "(Beta) Databricks Cluster or Job With None Or Insecure Permission(s)",
+ "queryName": "Beta - Databricks Cluster or Job With None Or Insecure Permission(s)",
"severity": "HIGH",
"line": 16,
"fileName": "positive4.tf"
diff --git a/assets/queries/terraform/databricks/group_without_user_or_instance_profile/metadata.json b/assets/queries/terraform/databricks/group_without_user_or_instance_profile/metadata.json
index f0507e29e7d..7e63d97c483 100644
--- a/assets/queries/terraform/databricks/group_without_user_or_instance_profile/metadata.json
+++ b/assets/queries/terraform/databricks/group_without_user_or_instance_profile/metadata.json
@@ -1,6 +1,6 @@
{
"id": "23c3067a-8cc9-480c-b645-7c1e0ad4bf60",
- "queryName": "(Beta) Databricks Group Without User Or Instance Profile",
+ "queryName": "Beta - Databricks Group Without User Or Instance Profile",
"severity": "LOW",
"category": "Access Control",
"descriptionText": "Databricks Group should have at least one user or one instance profile associated",
diff --git a/assets/queries/terraform/databricks/group_without_user_or_instance_profile/test/positive_expected_result.json b/assets/queries/terraform/databricks/group_without_user_or_instance_profile/test/positive_expected_result.json
index f58e91aeef5..5fe3ede7af2 100644
--- a/assets/queries/terraform/databricks/group_without_user_or_instance_profile/test/positive_expected_result.json
+++ b/assets/queries/terraform/databricks/group_without_user_or_instance_profile/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Databricks Group Without User Or Instance Profile",
+ "queryName": "Beta - Databricks Group Without User Or Instance Profile",
"severity": "LOW",
"line": 16,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Databricks Group Without User Or Instance Profile",
+ "queryName": "Beta - Databricks Group Without User Or Instance Profile",
"severity": "LOW",
"line": 14,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/databricks/indefinitely_obo_token/metadata.json b/assets/queries/terraform/databricks/indefinitely_obo_token/metadata.json
index 74ada6d0a3b..bdc55bd5968 100644
--- a/assets/queries/terraform/databricks/indefinitely_obo_token/metadata.json
+++ b/assets/queries/terraform/databricks/indefinitely_obo_token/metadata.json
@@ -1,6 +1,6 @@
{
"id": "23e1f5f0-12b7-4d7e-9087-f60f42ccd514",
- "queryName": "(Beta) Indefinitely Databricks OBO Token Lifetime",
+ "queryName": "Beta - Indefinitely Databricks OBO Token Lifetime",
"severity": "MEDIUM",
"category": "Insecure Defaults",
"descriptionText": "OBO Token has an indefinitely lifetime",
diff --git a/assets/queries/terraform/databricks/indefinitely_obo_token/test/positive_expected_result.json b/assets/queries/terraform/databricks/indefinitely_obo_token/test/positive_expected_result.json
index 86ef5d8d51b..540b17c3969 100644
--- a/assets/queries/terraform/databricks/indefinitely_obo_token/test/positive_expected_result.json
+++ b/assets/queries/terraform/databricks/indefinitely_obo_token/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Indefinitely Databricks OBO Token Lifetime",
+ "queryName": "Beta - Indefinitely Databricks OBO Token Lifetime",
"severity": "MEDIUM",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/databricks/indefinitely_token/metadata.json b/assets/queries/terraform/databricks/indefinitely_token/metadata.json
index 25cbcddfcd0..39dd28051e9 100644
--- a/assets/queries/terraform/databricks/indefinitely_token/metadata.json
+++ b/assets/queries/terraform/databricks/indefinitely_token/metadata.json
@@ -1,6 +1,6 @@
{
"id": "7d05ca25-91b4-42ee-b6f6-b06611a87ce8",
- "queryName": "(Beta) Indefinitely Databricks Token Lifetime",
+ "queryName": "Beta - Indefinitely Databricks Token Lifetime",
"severity": "MEDIUM",
"category": "Insecure Defaults",
"descriptionText": "Token has an indefinitely lifetime",
diff --git a/assets/queries/terraform/databricks/indefinitely_token/test/positive_expected_result.json b/assets/queries/terraform/databricks/indefinitely_token/test/positive_expected_result.json
index 6f7c657529b..b4ee7049112 100644
--- a/assets/queries/terraform/databricks/indefinitely_token/test/positive_expected_result.json
+++ b/assets/queries/terraform/databricks/indefinitely_token/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Indefinitely Databricks Token Lifetime",
+ "queryName": "Beta - Indefinitely Databricks Token Lifetime",
"severity": "MEDIUM",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/databricks/unrestricted_acl/metadata.json b/assets/queries/terraform/databricks/unrestricted_acl/metadata.json
index 3ddd7db37d4..dfd7e7dbc2e 100644
--- a/assets/queries/terraform/databricks/unrestricted_acl/metadata.json
+++ b/assets/queries/terraform/databricks/unrestricted_acl/metadata.json
@@ -1,6 +1,6 @@
{
"id": "2c4fe4a9-f44b-4c70-b09b-5b75cd251805",
- "queryName": "(Beta) Unrestricted Databricks ACL",
+ "queryName": "Beta - Unrestricted Databricks ACL",
"severity": "HIGH",
"category": "Networking and Firewall",
"descriptionText": "ACL allow ingress from 0.0.0.0/0 and/or ::/0",
diff --git a/assets/queries/terraform/databricks/unrestricted_acl/test/positive_expected_result.json b/assets/queries/terraform/databricks/unrestricted_acl/test/positive_expected_result.json
index a4f0d2a9ee1..a159a2824bc 100644
--- a/assets/queries/terraform/databricks/unrestricted_acl/test/positive_expected_result.json
+++ b/assets/queries/terraform/databricks/unrestricted_acl/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Unrestricted Databricks ACL",
+ "queryName": "Beta - Unrestricted Databricks ACL",
"severity": "HIGH",
"line": 10,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Unrestricted Databricks ACL",
+ "queryName": "Beta - Unrestricted Databricks ACL",
"severity": "HIGH",
"line": 10,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/databricks/use_lts_spark_version/metadata.json b/assets/queries/terraform/databricks/use_lts_spark_version/metadata.json
index 0d4a8c54c6b..9fd6634544a 100644
--- a/assets/queries/terraform/databricks/use_lts_spark_version/metadata.json
+++ b/assets/queries/terraform/databricks/use_lts_spark_version/metadata.json
@@ -1,6 +1,6 @@
{
"id": "5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6",
- "queryName": "(Beta) Check use no LTS Spark Version",
+ "queryName": "Beta - Check use no LTS Spark Version",
"severity": "LOW",
"category": "Best Practices",
"descriptionText": "Spark Version is not a Long-term Support",
diff --git a/assets/queries/terraform/databricks/use_lts_spark_version/test/positive_expected_result.json b/assets/queries/terraform/databricks/use_lts_spark_version/test/positive_expected_result.json
index bf3d166a95b..fbc39b2895b 100644
--- a/assets/queries/terraform/databricks/use_lts_spark_version/test/positive_expected_result.json
+++ b/assets/queries/terraform/databricks/use_lts_spark_version/test/positive_expected_result.json
@@ -1,18 +1,18 @@
[
{
- "queryName": "(Beta) Check use no LTS Spark Version",
+ "queryName": "Beta - Check use no LTS Spark Version",
"severity": "LOW",
"line": 8,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Check use no LTS Spark Version",
+ "queryName": "Beta - Check use no LTS Spark Version",
"severity": "LOW",
"line": 11,
"fileName": "positive2.tf"
},
{
- "queryName": "(Beta) Check use no LTS Spark Version",
+ "queryName": "Beta - Check use no LTS Spark Version",
"severity": "LOW",
"line": 10,
"fileName": "positive3.tf"
diff --git a/assets/queries/terraform/databricks/use_spark_submit_task/metadata.json b/assets/queries/terraform/databricks/use_spark_submit_task/metadata.json
index d60a9e3b273..edf125741fa 100644
--- a/assets/queries/terraform/databricks/use_spark_submit_task/metadata.json
+++ b/assets/queries/terraform/databricks/use_spark_submit_task/metadata.json
@@ -1,6 +1,6 @@
{
"id": "375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7",
- "queryName": "(Beta) Job's Task is Legacy (spark_submit_task)",
+ "queryName": "Beta - Job's Task is Legacy (spark_submit_task)",
"severity": "MEDIUM",
"category": "Best Practices",
"descriptionText": "Job's Task Is spark_submit_task",
diff --git a/assets/queries/terraform/databricks/use_spark_submit_task/test/positive_expected_result.json b/assets/queries/terraform/databricks/use_spark_submit_task/test/positive_expected_result.json
index 1d38cbb24d0..b8f455c0a7d 100644
--- a/assets/queries/terraform/databricks/use_spark_submit_task/test/positive_expected_result.json
+++ b/assets/queries/terraform/databricks/use_spark_submit_task/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Job's Task is Legacy (spark_submit_task)",
+ "queryName": "Beta - Job's Task is Legacy (spark_submit_task)",
"severity": "MEDIUM",
"line": 36,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Job's Task is Legacy (spark_submit_task)",
+ "queryName": "Beta - Job's Task is Legacy (spark_submit_task)",
"severity": "MEDIUM",
"line": 18,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/nifcloud/computing_instance_has_common_private/metadata.json b/assets/queries/terraform/nifcloud/computing_instance_has_common_private/metadata.json
index 377d505f8be..fbc552a95fb 100644
--- a/assets/queries/terraform/nifcloud/computing_instance_has_common_private/metadata.json
+++ b/assets/queries/terraform/nifcloud/computing_instance_has_common_private/metadata.json
@@ -1,6 +1,6 @@
{
"id": "df58dd45-8009-43c2-90f7-c90eb9d53ed9",
- "queryName": "(Beta) Nifcloud Computing Has Common Private Network",
+ "queryName": "Beta - Nifcloud Computing Has Common Private Network",
"severity": "LOW",
"category": "Networking and Firewall",
"descriptionText": "The instance has common private network",
diff --git a/assets/queries/terraform/nifcloud/computing_instance_has_common_private/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/computing_instance_has_common_private/test/positive_expected_result.json
index 005b6d9d25e..e0f207ba71b 100644
--- a/assets/queries/terraform/nifcloud/computing_instance_has_common_private/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/computing_instance_has_common_private/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Nifcloud Computing Has Common Private Network",
+ "queryName": "Beta - Nifcloud Computing Has Common Private Network",
"severity": "LOW",
"line": 1,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Nifcloud Computing Has Common Private Network",
+ "queryName": "Beta - Nifcloud Computing Has Common Private Network",
"severity": "LOW",
"line": 1,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/nifcloud/computing_instance_has_public_ingress_sgr/metadata.json b/assets/queries/terraform/nifcloud/computing_instance_has_public_ingress_sgr/metadata.json
index 4339fdf8008..a08ace8eb6b 100644
--- a/assets/queries/terraform/nifcloud/computing_instance_has_public_ingress_sgr/metadata.json
+++ b/assets/queries/terraform/nifcloud/computing_instance_has_public_ingress_sgr/metadata.json
@@ -1,6 +1,6 @@
{
"id": "b2ea2367-8dc9-4231-a035-d0b28bfa3dde",
- "queryName": "(Beta) Nifcloud Computing Has Public Ingress Security Group Rule",
+ "queryName": "Beta - Nifcloud Computing Has Public Ingress Security Group Rule",
"severity": "HIGH",
"category": "Networking and Firewall",
"descriptionText": "An ingress security group rule allows traffic from /0",
diff --git a/assets/queries/terraform/nifcloud/computing_instance_has_public_ingress_sgr/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/computing_instance_has_public_ingress_sgr/test/positive_expected_result.json
index 8c06e21dffa..3ed3da3556d 100644
--- a/assets/queries/terraform/nifcloud/computing_instance_has_public_ingress_sgr/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/computing_instance_has_public_ingress_sgr/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud Computing Has Public Ingress Security Group Rule",
+ "queryName": "Beta - Nifcloud Computing Has Public Ingress Security Group Rule",
"severity": "HIGH",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/computing_instance_security_group_undefined/metadata.json b/assets/queries/terraform/nifcloud/computing_instance_security_group_undefined/metadata.json
index 5d7f718ed86..72a8697ed85 100644
--- a/assets/queries/terraform/nifcloud/computing_instance_security_group_undefined/metadata.json
+++ b/assets/queries/terraform/nifcloud/computing_instance_security_group_undefined/metadata.json
@@ -1,6 +1,6 @@
{
"id": "89218b48-75c9-4cb3-aaba-5299e852e8bc",
- "queryName": "(Beta) Nifcloud Computing Undefined Security Group To Instance",
+ "queryName": "Beta - Nifcloud Computing Undefined Security Group To Instance",
"severity": "HIGH",
"category": "Networking and Firewall",
"descriptionText": "Missing security group for instance",
diff --git a/assets/queries/terraform/nifcloud/computing_instance_security_group_undefined/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/computing_instance_security_group_undefined/test/positive_expected_result.json
index d7a177748f7..39f1b2247af 100644
--- a/assets/queries/terraform/nifcloud/computing_instance_security_group_undefined/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/computing_instance_security_group_undefined/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud Computing Undefined Security Group To Instance",
+ "queryName": "Beta - Nifcloud Computing Undefined Security Group To Instance",
"severity": "HIGH",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/computing_security_group_description_undefined/metadata.json b/assets/queries/terraform/nifcloud/computing_security_group_description_undefined/metadata.json
index 462d13ee61f..7ba084156f5 100644
--- a/assets/queries/terraform/nifcloud/computing_security_group_description_undefined/metadata.json
+++ b/assets/queries/terraform/nifcloud/computing_security_group_description_undefined/metadata.json
@@ -1,6 +1,6 @@
{
"id": "41c127a9-3a85-4bc3-a333-ed374eb9c3e4",
- "queryName": "(Beta) Nifcloud Computing Undefined Description To Security Group",
+ "queryName": "Beta - Nifcloud Computing Undefined Description To Security Group",
"severity": "LOW",
"category": "Networking and Firewall",
"descriptionText": "Missing description for security group",
diff --git a/assets/queries/terraform/nifcloud/computing_security_group_description_undefined/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/computing_security_group_description_undefined/test/positive_expected_result.json
index 6c0795acbe7..9a6dfc8dc8b 100644
--- a/assets/queries/terraform/nifcloud/computing_security_group_description_undefined/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/computing_security_group_description_undefined/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud Computing Undefined Description To Security Group",
+ "queryName": "Beta - Nifcloud Computing Undefined Description To Security Group",
"severity": "LOW",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/computing_security_group_rule_description_undefined/metadata.json b/assets/queries/terraform/nifcloud/computing_security_group_rule_description_undefined/metadata.json
index 2b90ae92f1a..88001fad0e4 100644
--- a/assets/queries/terraform/nifcloud/computing_security_group_rule_description_undefined/metadata.json
+++ b/assets/queries/terraform/nifcloud/computing_security_group_rule_description_undefined/metadata.json
@@ -1,6 +1,6 @@
{
"id": "e4610872-0b1c-4fb7-ab57-d81c0afdb291",
- "queryName": "(Beta) Nifcloud Computing Undefined Description To Security Group Rule",
+ "queryName": "Beta - Nifcloud Computing Undefined Description To Security Group Rule",
"severity": "LOW",
"category": "Networking and Firewall",
"descriptionText": "Missing description for security group rule",
diff --git a/assets/queries/terraform/nifcloud/computing_security_group_rule_description_undefined/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/computing_security_group_rule_description_undefined/test/positive_expected_result.json
index a809cccbd29..7794ee78efd 100644
--- a/assets/queries/terraform/nifcloud/computing_security_group_rule_description_undefined/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/computing_security_group_rule_description_undefined/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud Computing Undefined Description To Security Group Rule",
+ "queryName": "Beta - Nifcloud Computing Undefined Description To Security Group Rule",
"severity": "LOW",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/db_does_not_have_long_backup_retention/metadata.json b/assets/queries/terraform/nifcloud/db_does_not_have_long_backup_retention/metadata.json
index 3b3138bb773..b0f229a57e8 100644
--- a/assets/queries/terraform/nifcloud/db_does_not_have_long_backup_retention/metadata.json
+++ b/assets/queries/terraform/nifcloud/db_does_not_have_long_backup_retention/metadata.json
@@ -1,6 +1,6 @@
{
"id": "e5071f76-cbe7-468d-bb2b-d10f02d2b713",
- "queryName": "(Beta) Nifcloud RDB Has Backup Retention Less Than 2 Day",
+ "queryName": "Beta - Nifcloud RDB Has Backup Retention Less Than 2 Day",
"severity": "MEDIUM",
"category": "Backup",
"descriptionText": "The rdb has backup retention less than 2 day",
diff --git a/assets/queries/terraform/nifcloud/db_does_not_have_long_backup_retention/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/db_does_not_have_long_backup_retention/test/positive_expected_result.json
index edc06a1bd4b..3061202486d 100644
--- a/assets/queries/terraform/nifcloud/db_does_not_have_long_backup_retention/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/db_does_not_have_long_backup_retention/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Nifcloud RDB Has Backup Retention Less Than 2 Day",
+ "queryName": "Beta - Nifcloud RDB Has Backup Retention Less Than 2 Day",
"severity": "MEDIUM",
"line": 1,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Nifcloud RDB Has Backup Retention Less Than 2 Day",
+ "queryName": "Beta - Nifcloud RDB Has Backup Retention Less Than 2 Day",
"severity": "MEDIUM",
"line": 1,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/nifcloud/db_has_public_access/metadata.json b/assets/queries/terraform/nifcloud/db_has_public_access/metadata.json
index 2b7ff892620..0062808f940 100644
--- a/assets/queries/terraform/nifcloud/db_has_public_access/metadata.json
+++ b/assets/queries/terraform/nifcloud/db_has_public_access/metadata.json
@@ -1,6 +1,6 @@
{
"id": "fb387023-e4bb-42a8-9a70-6708aa7ff21b",
- "queryName": "(Beta) Nifcloud RDB Has Public DB Access",
+ "queryName": "Beta - Nifcloud RDB Has Public DB Access",
"severity": "HIGH",
"category": "Networking and Firewall",
"descriptionText": "The rdb has public db access",
diff --git a/assets/queries/terraform/nifcloud/db_has_public_access/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/db_has_public_access/test/positive_expected_result.json
index 2377a8da06d..e296e014786 100644
--- a/assets/queries/terraform/nifcloud/db_has_public_access/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/db_has_public_access/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud RDB Has Public DB Access",
+ "queryName": "Beta - Nifcloud RDB Has Public DB Access",
"severity": "HIGH",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/db_instance_has_common_private/metadata.json b/assets/queries/terraform/nifcloud/db_instance_has_common_private/metadata.json
index 6bd87e0a76c..bcda5cdbac6 100644
--- a/assets/queries/terraform/nifcloud/db_instance_has_common_private/metadata.json
+++ b/assets/queries/terraform/nifcloud/db_instance_has_common_private/metadata.json
@@ -1,6 +1,6 @@
{
"id": "9bf57c23-fbab-4222-85f3-3f207a53c6a8",
- "queryName": "(Beta) Nifcloud RDB Has Common Private Network",
+ "queryName": "Beta - Nifcloud RDB Has Common Private Network",
"severity": "LOW",
"category": "Networking and Firewall",
"descriptionText": "The rdb has common private network",
diff --git a/assets/queries/terraform/nifcloud/db_instance_has_common_private/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/db_instance_has_common_private/test/positive_expected_result.json
index a0282f06b17..c41c5a0fd11 100644
--- a/assets/queries/terraform/nifcloud/db_instance_has_common_private/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/db_instance_has_common_private/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud RDB Has Common Private Network",
+ "queryName": "Beta - Nifcloud RDB Has Common Private Network",
"severity": "LOW",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/db_security_group_description_undefined/metadata.json b/assets/queries/terraform/nifcloud/db_security_group_description_undefined/metadata.json
index 348aa4e079e..a838abbfd43 100644
--- a/assets/queries/terraform/nifcloud/db_security_group_description_undefined/metadata.json
+++ b/assets/queries/terraform/nifcloud/db_security_group_description_undefined/metadata.json
@@ -1,6 +1,6 @@
{
"id": "940ddce2-26bd-4e31-a9b4-382714f73231",
- "queryName": "(Beta) Nifcloud RDB Undefined Description To DB Security Group",
+ "queryName": "Beta - Nifcloud RDB Undefined Description To DB Security Group",
"severity": "LOW",
"category": "Networking and Firewall",
"descriptionText": "Missing description for db security group",
diff --git a/assets/queries/terraform/nifcloud/db_security_group_description_undefined/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/db_security_group_description_undefined/test/positive_expected_result.json
index 4c82e57e2ba..849553f1b27 100644
--- a/assets/queries/terraform/nifcloud/db_security_group_description_undefined/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/db_security_group_description_undefined/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud RDB Undefined Description To DB Security Group",
+ "queryName": "Beta - Nifcloud RDB Undefined Description To DB Security Group",
"severity": "LOW",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/db_security_group_has_public_ingress_sgr/metadata.json b/assets/queries/terraform/nifcloud/db_security_group_has_public_ingress_sgr/metadata.json
index 85b42fa0dba..026ce9c9d8b 100644
--- a/assets/queries/terraform/nifcloud/db_security_group_has_public_ingress_sgr/metadata.json
+++ b/assets/queries/terraform/nifcloud/db_security_group_has_public_ingress_sgr/metadata.json
@@ -1,6 +1,6 @@
{
"id": "a0b846e8-815f-4f15-b660-bc4ab9fa1e1a",
- "queryName": "(Beta) Nifcloud RDB Has Public DB Ingress Security Group Rule",
+ "queryName": "Beta - Nifcloud RDB Has Public DB Ingress Security Group Rule",
"severity": "HIGH",
"category": "Networking and Firewall",
"descriptionText": "An db ingress security group rule allows traffic from /0",
diff --git a/assets/queries/terraform/nifcloud/db_security_group_has_public_ingress_sgr/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/db_security_group_has_public_ingress_sgr/test/positive_expected_result.json
index b7a0afa2366..993aac712c5 100644
--- a/assets/queries/terraform/nifcloud/db_security_group_has_public_ingress_sgr/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/db_security_group_has_public_ingress_sgr/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud RDB Has Public DB Ingress Security Group Rule",
+ "queryName": "Beta - Nifcloud RDB Has Public DB Ingress Security Group Rule",
"severity": "HIGH",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/dns_has_verified_record/metadata.json b/assets/queries/terraform/nifcloud/dns_has_verified_record/metadata.json
index b3775f61a4d..d4e8147ab5c 100644
--- a/assets/queries/terraform/nifcloud/dns_has_verified_record/metadata.json
+++ b/assets/queries/terraform/nifcloud/dns_has_verified_record/metadata.json
@@ -1,6 +1,6 @@
{
"id": "a1defcb6-55e8-4511-8c2a-30b615b0e057",
- "queryName": "(Beta) Nifcloud DNS Has Verified Record",
+ "queryName": "Beta - Nifcloud DNS Has Verified Record",
"severity": "HIGH",
"category": "Insecure Configurations",
"descriptionText": "Removing verified record of TXT auth the risk that If the authentication record remains, anyone can register the zone",
diff --git a/assets/queries/terraform/nifcloud/dns_has_verified_record/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/dns_has_verified_record/test/positive_expected_result.json
index 4a73bd10d0d..aedcb06ad91 100644
--- a/assets/queries/terraform/nifcloud/dns_has_verified_record/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/dns_has_verified_record/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud DNS Has Verified Record",
+ "queryName": "Beta - Nifcloud DNS Has Verified Record",
"severity": "HIGH",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/elb_has_common_private/metadata.json b/assets/queries/terraform/nifcloud/elb_has_common_private/metadata.json
index e74a65c035e..db4d49fee51 100644
--- a/assets/queries/terraform/nifcloud/elb_has_common_private/metadata.json
+++ b/assets/queries/terraform/nifcloud/elb_has_common_private/metadata.json
@@ -1,6 +1,6 @@
{
"id": "5061f84c-ab66-4660-90b9-680c9df346c0",
- "queryName": "(Beta) Nifcloud ELB Has Common Private Network",
+ "queryName": "Beta - Nifcloud ELB Has Common Private Network",
"severity": "LOW",
"category": "Networking and Firewall",
"descriptionText": "The elb has common private network",
diff --git a/assets/queries/terraform/nifcloud/elb_has_common_private/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/elb_has_common_private/test/positive_expected_result.json
index 67e098f3278..26c689cfdbb 100644
--- a/assets/queries/terraform/nifcloud/elb_has_common_private/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/elb_has_common_private/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Nifcloud ELB Has Common Private Network",
+ "queryName": "Beta - Nifcloud ELB Has Common Private Network",
"severity": "LOW",
"line": 1,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Nifcloud ELB Has Common Private Network",
+ "queryName": "Beta - Nifcloud ELB Has Common Private Network",
"severity": "LOW",
"line": 1,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/nifcloud/elb_listener_use_http/metadata.json b/assets/queries/terraform/nifcloud/elb_listener_use_http/metadata.json
index 493f1c1dd82..8642ba3f8a0 100644
--- a/assets/queries/terraform/nifcloud/elb_listener_use_http/metadata.json
+++ b/assets/queries/terraform/nifcloud/elb_listener_use_http/metadata.json
@@ -1,6 +1,6 @@
{
"id": "afcb0771-4f94-44ed-ad4a-9f73f11ce6e0",
- "queryName": "(Beta) Nifcloud ELB Listener Use HTTP Protocol",
+ "queryName": "Beta - Nifcloud ELB Listener Use HTTP Protocol",
"severity": "HIGH",
"category": "Insecure Configurations",
"descriptionText": "The elb listener use http protocol",
diff --git a/assets/queries/terraform/nifcloud/elb_listener_use_http/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/elb_listener_use_http/test/positive_expected_result.json
index 558be99ef9b..f2192b13dc7 100644
--- a/assets/queries/terraform/nifcloud/elb_listener_use_http/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/elb_listener_use_http/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Nifcloud ELB Listener Use HTTP Protocol",
+ "queryName": "Beta - Nifcloud ELB Listener Use HTTP Protocol",
"severity": "HIGH",
"line": 1,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Nifcloud ELB Listener Use HTTP Protocol",
+ "queryName": "Beta - Nifcloud ELB Listener Use HTTP Protocol",
"severity": "HIGH",
"line": 1,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/nifcloud/elb_use_http/metadata.json b/assets/queries/terraform/nifcloud/elb_use_http/metadata.json
index 7025a7679b1..a3c2b3d1b31 100644
--- a/assets/queries/terraform/nifcloud/elb_use_http/metadata.json
+++ b/assets/queries/terraform/nifcloud/elb_use_http/metadata.json
@@ -1,6 +1,6 @@
{
"id": "e2de2b80-2fc2-4502-a764-40930dfcc70a",
- "queryName": "(Beta) Nifcloud ELB Use HTTP Protocol",
+ "queryName": "Beta - Nifcloud ELB Use HTTP Protocol",
"severity": "HIGH",
"category": "Insecure Configurations",
"descriptionText": "The elb use http protocol",
diff --git a/assets/queries/terraform/nifcloud/elb_use_http/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/elb_use_http/test/positive_expected_result.json
index 7cea218e290..146d2fe7bd9 100644
--- a/assets/queries/terraform/nifcloud/elb_use_http/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/elb_use_http/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Nifcloud ELB Use HTTP Protocol",
+ "queryName": "Beta - Nifcloud ELB Use HTTP Protocol",
"severity": "HIGH",
"line": 1,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Nifcloud ELB Use HTTP Protocol",
+ "queryName": "Beta - Nifcloud ELB Use HTTP Protocol",
"severity": "HIGH",
"line": 1,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/nifcloud/load_balancer_listener_use_http/metadata.json b/assets/queries/terraform/nifcloud/load_balancer_listener_use_http/metadata.json
index 93e6d7d7e15..6fcbeaaca74 100644
--- a/assets/queries/terraform/nifcloud/load_balancer_listener_use_http/metadata.json
+++ b/assets/queries/terraform/nifcloud/load_balancer_listener_use_http/metadata.json
@@ -1,6 +1,6 @@
{
"id": "9f751a80-31f0-43a3-926c-20772791a038",
- "queryName": "(Beta) Nifcloud LB Listener Use HTTP Port",
+ "queryName": "Beta - Nifcloud LB Listener Use HTTP Port",
"severity": "HIGH",
"category": "Insecure Configurations",
"descriptionText": "The lb listener use http port",
diff --git a/assets/queries/terraform/nifcloud/load_balancer_listener_use_http/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/load_balancer_listener_use_http/test/positive_expected_result.json
index c312bb791f4..bc9ab818464 100644
--- a/assets/queries/terraform/nifcloud/load_balancer_listener_use_http/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/load_balancer_listener_use_http/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud LB Listener Use HTTP Port",
+ "queryName": "Beta - Nifcloud LB Listener Use HTTP Port",
"severity": "HIGH",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/load_balancer_use_http/metadata.json b/assets/queries/terraform/nifcloud/load_balancer_use_http/metadata.json
index cc2ba011174..ad33afe6d60 100644
--- a/assets/queries/terraform/nifcloud/load_balancer_use_http/metadata.json
+++ b/assets/queries/terraform/nifcloud/load_balancer_use_http/metadata.json
@@ -1,6 +1,6 @@
{
"id": "94e47f3f-b90b-43a1-a36d-521580bae863",
- "queryName": "(Beta) Nifcloud LB Use HTTP Port",
+ "queryName": "Beta - Nifcloud LB Use HTTP Port",
"severity": "HIGH",
"category": "Insecure Configurations",
"descriptionText": "The lb use http port",
diff --git a/assets/queries/terraform/nifcloud/load_balancer_use_http/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/load_balancer_use_http/test/positive_expected_result.json
index d68db05b691..6a1ff808de3 100644
--- a/assets/queries/terraform/nifcloud/load_balancer_use_http/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/load_balancer_use_http/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud LB Use HTTP Port",
+ "queryName": "Beta - Nifcloud LB Use HTTP Port",
"severity": "HIGH",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_id/metadata.json b/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_id/metadata.json
index b8583713e1a..f8c8145dfbf 100644
--- a/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_id/metadata.json
+++ b/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_id/metadata.json
@@ -1,6 +1,6 @@
{
"id": "944439c7-b4b8-476a-8f83-14641ea876ba",
- "queryName": "(Beta) Nifcloud LB Use Insecure TLS Policy ID",
+ "queryName": "Beta - Nifcloud LB Use Insecure TLS Policy ID",
"severity": "HIGH",
"category": "Insecure Configurations",
"descriptionText": "The lb use insecure tls policy",
diff --git a/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_id/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_id/test/positive_expected_result.json
index 69817d0016d..dccfbf00a2e 100644
--- a/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_id/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_id/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Nifcloud LB Use Insecure TLS Policy ID",
+ "queryName": "Beta - Nifcloud LB Use Insecure TLS Policy ID",
"severity": "HIGH",
"line": 1,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Nifcloud LB Use Insecure TLS Policy ID",
+ "queryName": "Beta - Nifcloud LB Use Insecure TLS Policy ID",
"severity": "HIGH",
"line": 1,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_name/metadata.json b/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_name/metadata.json
index 61c44cea34c..f3ba924277d 100644
--- a/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_name/metadata.json
+++ b/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_name/metadata.json
@@ -1,6 +1,6 @@
{
"id": "675e8eaa-2754-42b7-bf33-bfa295d1601d",
- "queryName": "(Beta) Nifcloud LB Use Insecure TLS Policy Name",
+ "queryName": "Beta - Nifcloud LB Use Insecure TLS Policy Name",
"severity": "HIGH",
"category": "Insecure Configurations",
"descriptionText": "The lb use insecure tls policy",
diff --git a/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_name/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_name/test/positive_expected_result.json
index b2a6a1a6945..e6d0ee61318 100644
--- a/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_name/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_name/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Nifcloud LB Use Insecure TLS Policy Name",
+ "queryName": "Beta - Nifcloud LB Use Insecure TLS Policy Name",
"severity": "HIGH",
"line": 1,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Nifcloud LB Use Insecure TLS Policy Name",
+ "queryName": "Beta - Nifcloud LB Use Insecure TLS Policy Name",
"severity": "HIGH",
"line": 1,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/nifcloud/nas_instance_has_common_private/metadata.json b/assets/queries/terraform/nifcloud/nas_instance_has_common_private/metadata.json
index 921b06eb1d1..548bb46fdf4 100644
--- a/assets/queries/terraform/nifcloud/nas_instance_has_common_private/metadata.json
+++ b/assets/queries/terraform/nifcloud/nas_instance_has_common_private/metadata.json
@@ -1,6 +1,6 @@
{
"id": "4b801c38-ebb4-4c81-984b-1ba525d43adf",
- "queryName": "(Beta) Nifcloud NAS Has Common Private Network",
+ "queryName": "Beta - Nifcloud NAS Has Common Private Network",
"severity": "LOW",
"category": "Networking and Firewall",
"descriptionText": "The nas has common private network",
diff --git a/assets/queries/terraform/nifcloud/nas_instance_has_common_private/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/nas_instance_has_common_private/test/positive_expected_result.json
index afea74ba3df..e3d6da98c5f 100644
--- a/assets/queries/terraform/nifcloud/nas_instance_has_common_private/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/nas_instance_has_common_private/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud NAS Has Common Private Network",
+ "queryName": "Beta - Nifcloud NAS Has Common Private Network",
"severity": "LOW",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/nas_security_group_description_undefined/metadata.json b/assets/queries/terraform/nifcloud/nas_security_group_description_undefined/metadata.json
index d24d09f8516..dc1f6ddafdc 100644
--- a/assets/queries/terraform/nifcloud/nas_security_group_description_undefined/metadata.json
+++ b/assets/queries/terraform/nifcloud/nas_security_group_description_undefined/metadata.json
@@ -1,6 +1,6 @@
{
"id": "e840c54a-7a4c-405f-b8c1-c49a54b87d11",
- "queryName": "(Beta) Nifcloud NAS Undefined Description To NAS Security Group",
+ "queryName": "Beta - Nifcloud NAS Undefined Description To NAS Security Group",
"severity": "LOW",
"category": "Networking and Firewall",
"descriptionText": "Missing description for nas security group",
diff --git a/assets/queries/terraform/nifcloud/nas_security_group_description_undefined/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/nas_security_group_description_undefined/test/positive_expected_result.json
index b519c074df9..166c9db9633 100644
--- a/assets/queries/terraform/nifcloud/nas_security_group_description_undefined/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/nas_security_group_description_undefined/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud NAS Undefined Description To NAS Security Group",
+ "queryName": "Beta - Nifcloud NAS Undefined Description To NAS Security Group",
"severity": "LOW",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/nas_security_group_has_public_ingress_sgr/metadata.json b/assets/queries/terraform/nifcloud/nas_security_group_has_public_ingress_sgr/metadata.json
index 0476a23f5c4..0017ba64299 100644
--- a/assets/queries/terraform/nifcloud/nas_security_group_has_public_ingress_sgr/metadata.json
+++ b/assets/queries/terraform/nifcloud/nas_security_group_has_public_ingress_sgr/metadata.json
@@ -1,6 +1,6 @@
{
"id": "8d7758a7-d9cd-499a-a83e-c9bdcbff728d",
- "queryName": "(Beta) Nifcloud NAS Has Public Ingress NAS Security Group Rule",
+ "queryName": "Beta - Nifcloud NAS Has Public Ingress NAS Security Group Rule",
"severity": "HIGH",
"category": "Networking and Firewall",
"descriptionText": "An ingress nas security group rule allows traffic from /0",
diff --git a/assets/queries/terraform/nifcloud/nas_security_group_has_public_ingress_sgr/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/nas_security_group_has_public_ingress_sgr/test/positive_expected_result.json
index eeb8bb717e7..1a29d198142 100644
--- a/assets/queries/terraform/nifcloud/nas_security_group_has_public_ingress_sgr/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/nas_security_group_has_public_ingress_sgr/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud NAS Has Public Ingress NAS Security Group Rule",
+ "queryName": "Beta - Nifcloud NAS Has Public Ingress NAS Security Group Rule",
"severity": "HIGH",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/router_has_common_private/metadata.json b/assets/queries/terraform/nifcloud/router_has_common_private/metadata.json
index 4fa6613dbc2..f5196e5a25c 100644
--- a/assets/queries/terraform/nifcloud/router_has_common_private/metadata.json
+++ b/assets/queries/terraform/nifcloud/router_has_common_private/metadata.json
@@ -1,6 +1,6 @@
{
"id": "30c2760c-740e-4672-9d7f-2c29e0cb385d",
- "queryName": "(Beta) Nifcloud Router Has Common Private Network",
+ "queryName": "Beta - Nifcloud Router Has Common Private Network",
"severity": "LOW",
"category": "Networking and Firewall",
"descriptionText": "The router has common private network",
diff --git a/assets/queries/terraform/nifcloud/router_has_common_private/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/router_has_common_private/test/positive_expected_result.json
index 1ec4de4e277..dc13e7e881a 100644
--- a/assets/queries/terraform/nifcloud/router_has_common_private/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/router_has_common_private/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Nifcloud Router Has Common Private Network",
+ "queryName": "Beta - Nifcloud Router Has Common Private Network",
"severity": "LOW",
"line": 1,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Nifcloud Router Has Common Private Network",
+ "queryName": "Beta - Nifcloud Router Has Common Private Network",
"severity": "LOW",
"line": 1,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/nifcloud/router_security_group_undefined/metadata.json b/assets/queries/terraform/nifcloud/router_security_group_undefined/metadata.json
index 96bd4dbffc2..2038af7564b 100644
--- a/assets/queries/terraform/nifcloud/router_security_group_undefined/metadata.json
+++ b/assets/queries/terraform/nifcloud/router_security_group_undefined/metadata.json
@@ -1,6 +1,6 @@
{
"id": "e7dada38-af20-4899-8955-dabea84ab1f0",
- "queryName": "(Beta) Nifcloud Router Undefined Security Group To Router",
+ "queryName": "Beta - Nifcloud Router Undefined Security Group To Router",
"severity": "HIGH",
"category": "Networking and Firewall",
"descriptionText": "Missing security group for router",
diff --git a/assets/queries/terraform/nifcloud/router_security_group_undefined/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/router_security_group_undefined/test/positive_expected_result.json
index c27d67f4b9d..5b5091810f0 100644
--- a/assets/queries/terraform/nifcloud/router_security_group_undefined/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/router_security_group_undefined/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud Router Undefined Security Group To Router",
+ "queryName": "Beta - Nifcloud Router Undefined Security Group To Router",
"severity": "HIGH",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/nifcloud/vpn_gateway_security_group_undefined/metadata.json b/assets/queries/terraform/nifcloud/vpn_gateway_security_group_undefined/metadata.json
index c918f3e5e81..5b70e669b2f 100644
--- a/assets/queries/terraform/nifcloud/vpn_gateway_security_group_undefined/metadata.json
+++ b/assets/queries/terraform/nifcloud/vpn_gateway_security_group_undefined/metadata.json
@@ -1,6 +1,6 @@
{
"id": "b3535a48-910c-47f8-8b3b-14222f29ef80",
- "queryName": "(Beta) Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway",
+ "queryName": "Beta - Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway",
"severity": "HIGH",
"category": "Networking and Firewall",
"descriptionText": "Missing security group for vpn gateway",
diff --git a/assets/queries/terraform/nifcloud/vpn_gateway_security_group_undefined/test/positive_expected_result.json b/assets/queries/terraform/nifcloud/vpn_gateway_security_group_undefined/test/positive_expected_result.json
index a3eef4a43eb..8ad51ae0f85 100644
--- a/assets/queries/terraform/nifcloud/vpn_gateway_security_group_undefined/test/positive_expected_result.json
+++ b/assets/queries/terraform/nifcloud/vpn_gateway_security_group_undefined/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway",
+ "queryName": "Beta - Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway",
"severity": "HIGH",
"line": 1,
"fileName": "positive.tf"
diff --git a/assets/queries/terraform/tencentcloud/cdb_instance_internet_service_enabled/metadata.json b/assets/queries/terraform/tencentcloud/cdb_instance_internet_service_enabled/metadata.json
index a21890fa6ac..8fb83839414 100644
--- a/assets/queries/terraform/tencentcloud/cdb_instance_internet_service_enabled/metadata.json
+++ b/assets/queries/terraform/tencentcloud/cdb_instance_internet_service_enabled/metadata.json
@@ -1,6 +1,6 @@
{
"id": "5d820574-4a60-4916-b049-0810b8629731",
- "queryName": "(Beta) CDB Instance Internet Service Enabled",
+ "queryName": "Beta - CDB Instance Internet Service Enabled",
"severity": "HIGH",
"category": "Insecure Configurations",
"descriptionText": "CDB Instance Internet should have internet service disabled",
diff --git a/assets/queries/terraform/tencentcloud/cdb_instance_internet_service_enabled/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/cdb_instance_internet_service_enabled/test/positive_expected_result.json
index e94045b6407..78b6036bf75 100644
--- a/assets/queries/terraform/tencentcloud/cdb_instance_internet_service_enabled/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/cdb_instance_internet_service_enabled/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) CDB Instance Internet Service Enabled",
+ "queryName": "Beta - CDB Instance Internet Service Enabled",
"severity": "HIGH",
"line": 24,
"fileName": "positive1.tf"
diff --git a/assets/queries/terraform/tencentcloud/cdb_instance_using_default_intranet_port/metadata.json b/assets/queries/terraform/tencentcloud/cdb_instance_using_default_intranet_port/metadata.json
index 330b6315553..df97e54aedc 100644
--- a/assets/queries/terraform/tencentcloud/cdb_instance_using_default_intranet_port/metadata.json
+++ b/assets/queries/terraform/tencentcloud/cdb_instance_using_default_intranet_port/metadata.json
@@ -1,6 +1,6 @@
{
"id": "18d6aa4b-7570-4d95-9c75-90363ef1abd9",
- "queryName": "(Beta) CDB Instance Internet Using Default Intranet Port",
+ "queryName": "Beta - CDB Instance Internet Using Default Intranet Port",
"severity": "LOW",
"category": "Insecure Configurations",
"descriptionText": "CDB Instance Internet should not use have default intranet port",
diff --git a/assets/queries/terraform/tencentcloud/cdb_instance_using_default_intranet_port/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/cdb_instance_using_default_intranet_port/test/positive_expected_result.json
index 48949061e36..50fa9daeb60 100644
--- a/assets/queries/terraform/tencentcloud/cdb_instance_using_default_intranet_port/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/cdb_instance_using_default_intranet_port/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) CDB Instance Internet Using Default Intranet Port",
+ "queryName": "Beta - CDB Instance Internet Using Default Intranet Port",
"severity": "LOW",
"line": 34,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) CDB Instance Internet Using Default Intranet Port",
+ "queryName": "Beta - CDB Instance Internet Using Default Intranet Port",
"severity": "LOW",
"line": 23,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/tencentcloud/cdb_instance_without_backup_policy/metadata.json b/assets/queries/terraform/tencentcloud/cdb_instance_without_backup_policy/metadata.json
index 002a77e4fd8..e9c5a5c6113 100644
--- a/assets/queries/terraform/tencentcloud/cdb_instance_without_backup_policy/metadata.json
+++ b/assets/queries/terraform/tencentcloud/cdb_instance_without_backup_policy/metadata.json
@@ -1,6 +1,6 @@
{
"id": "ca94be07-7de3-4ae7-85ef-67e0462ec694",
- "queryName": "(Beta) CDB Instance Without Backup Policy",
+ "queryName": "Beta - CDB Instance Without Backup Policy",
"severity": "MEDIUM",
"category": "Backup",
"descriptionText": "CDB Instance should have set Backup Policy",
diff --git a/assets/queries/terraform/tencentcloud/cdb_instance_without_backup_policy/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/cdb_instance_without_backup_policy/test/positive_expected_result.json
index 94d3c472ba5..250875c7cd0 100644
--- a/assets/queries/terraform/tencentcloud/cdb_instance_without_backup_policy/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/cdb_instance_without_backup_policy/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) CDB Instance Without Backup Policy",
+ "queryName": "Beta - CDB Instance Without Backup Policy",
"severity": "MEDIUM",
"line": 23,
"fileName": "positive1.tf"
diff --git a/assets/queries/terraform/tencentcloud/clb_instance_log_setting_disabled/metadata.json b/assets/queries/terraform/tencentcloud/clb_instance_log_setting_disabled/metadata.json
index 5cbee6790a8..5c41fe0b1be 100644
--- a/assets/queries/terraform/tencentcloud/clb_instance_log_setting_disabled/metadata.json
+++ b/assets/queries/terraform/tencentcloud/clb_instance_log_setting_disabled/metadata.json
@@ -1,6 +1,6 @@
{
"id": "ada01ed1-b10c-4f2a-b110-b20fa4f9baa6",
- "queryName": "(Beta) CLB Instance Log Setting Disabled",
+ "queryName": "Beta - CLB Instance Log Setting Disabled",
"severity": "MEDIUM",
"category": "Encryption",
"descriptionText": "CLB Instance should set log enabled",
diff --git a/assets/queries/terraform/tencentcloud/clb_instance_log_setting_disabled/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/clb_instance_log_setting_disabled/test/positive_expected_result.json
index 766215c917d..299c9072d5d 100644
--- a/assets/queries/terraform/tencentcloud/clb_instance_log_setting_disabled/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/clb_instance_log_setting_disabled/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) CLB Instance Log Setting Disabled",
+ "queryName": "Beta - CLB Instance Log Setting Disabled",
"severity": "MEDIUM",
"line": 19,
"fileName": "positive1.tf"
diff --git a/assets/queries/terraform/tencentcloud/clb_listener_using_insecure_protocols/metadata.json b/assets/queries/terraform/tencentcloud/clb_listener_using_insecure_protocols/metadata.json
index 5e1d0b39e34..1845fe935a7 100644
--- a/assets/queries/terraform/tencentcloud/clb_listener_using_insecure_protocols/metadata.json
+++ b/assets/queries/terraform/tencentcloud/clb_listener_using_insecure_protocols/metadata.json
@@ -1,6 +1,6 @@
{
"id": "fe08b81c-12e9-4b5e-9006-4218fca750fd",
- "queryName": "(Beta) CLB Listener Using Insecure Protocols",
+ "queryName": "Beta - CLB Listener Using Insecure Protocols",
"severity": "HIGH",
"category": "Encryption",
"descriptionText": "CLB Listener protocol must not use insecure protocols",
diff --git a/assets/queries/terraform/tencentcloud/clb_listener_using_insecure_protocols/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/clb_listener_using_insecure_protocols/test/positive_expected_result.json
index 64348678e1e..ed591bc5b79 100644
--- a/assets/queries/terraform/tencentcloud/clb_listener_using_insecure_protocols/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/clb_listener_using_insecure_protocols/test/positive_expected_result.json
@@ -1,18 +1,18 @@
[
{
- "queryName": "(Beta) CLB Listener Using Insecure Protocols",
+ "queryName": "Beta - CLB Listener Using Insecure Protocols",
"severity": "HIGH",
"line": 4,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) CLB Listener Using Insecure Protocols",
+ "queryName": "Beta - CLB Listener Using Insecure Protocols",
"severity": "HIGH",
"line": 4,
"fileName": "positive2.tf"
},
{
- "queryName": "(Beta) CLB Listener Using Insecure Protocols",
+ "queryName": "Beta - CLB Listener Using Insecure Protocols",
"severity": "HIGH",
"line": 4,
"fileName": "positive3.tf"
diff --git a/assets/queries/terraform/tencentcloud/cvm_instance_disable_monitor_service/metadata.json b/assets/queries/terraform/tencentcloud/cvm_instance_disable_monitor_service/metadata.json
index 5b2a1dbc7bf..7bf6d8ff29d 100644
--- a/assets/queries/terraform/tencentcloud/cvm_instance_disable_monitor_service/metadata.json
+++ b/assets/queries/terraform/tencentcloud/cvm_instance_disable_monitor_service/metadata.json
@@ -1,6 +1,6 @@
{
"id": "966ed4f7-b8a5-4e8d-b2bf-098657c98960",
- "queryName": "(Beta) CVM Instance Disable Monitor Service",
+ "queryName": "Beta - CVM Instance Disable Monitor Service",
"severity": "INFO",
"category": "Observability",
"descriptionText": "CVM Instance should have detailed monitor service enabled.",
diff --git a/assets/queries/terraform/tencentcloud/cvm_instance_disable_monitor_service/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/cvm_instance_disable_monitor_service/test/positive_expected_result.json
index f251aa25017..14ba4bb2bbb 100644
--- a/assets/queries/terraform/tencentcloud/cvm_instance_disable_monitor_service/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/cvm_instance_disable_monitor_service/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) CVM Instance Disable Monitor Service",
+ "queryName": "Beta - CVM Instance Disable Monitor Service",
"severity": "INFO",
"line": 13,
"fileName": "positive1.tf"
diff --git a/assets/queries/terraform/tencentcloud/cvm_instance_has_public_ip/metadata.json b/assets/queries/terraform/tencentcloud/cvm_instance_has_public_ip/metadata.json
index 919ad8a7379..176edb1026c 100644
--- a/assets/queries/terraform/tencentcloud/cvm_instance_has_public_ip/metadata.json
+++ b/assets/queries/terraform/tencentcloud/cvm_instance_has_public_ip/metadata.json
@@ -1,6 +1,6 @@
{
"id": "a74b4602-a62c-4a02-956a-e19f86ea24b5",
- "queryName": "(Beta) CVM Instance Has Public IP",
+ "queryName": "Beta - CVM Instance Has Public IP",
"severity": "HIGH",
"category": "Networking and Firewall",
"descriptionText": "CVM Instance should not have a public IP address.",
diff --git a/assets/queries/terraform/tencentcloud/cvm_instance_has_public_ip/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/cvm_instance_has_public_ip/test/positive_expected_result.json
index 6018bad92b0..dc346d27053 100644
--- a/assets/queries/terraform/tencentcloud/cvm_instance_has_public_ip/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/cvm_instance_has_public_ip/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) CVM Instance Has Public IP",
+ "queryName": "Beta - CVM Instance Has Public IP",
"severity": "HIGH",
"line": 13,
"fileName": "positive1.tf"
diff --git a/assets/queries/terraform/tencentcloud/cvm_instance_using_default_security_group/metadata.json b/assets/queries/terraform/tencentcloud/cvm_instance_using_default_security_group/metadata.json
index a2b820c6ffd..7ebd40a923d 100644
--- a/assets/queries/terraform/tencentcloud/cvm_instance_using_default_security_group/metadata.json
+++ b/assets/queries/terraform/tencentcloud/cvm_instance_using_default_security_group/metadata.json
@@ -1,6 +1,6 @@
{
"id": "93bb2065-63ec-45a2-a466-f106b56f2e32",
- "queryName": "(Beta) CVM Instance Using Default Security Group",
+ "queryName": "Beta - CVM Instance Using Default Security Group",
"severity": "LOW",
"category": "Access Control",
"descriptionText": "CVM instances should not use default security group(s)",
diff --git a/assets/queries/terraform/tencentcloud/cvm_instance_using_default_security_group/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/cvm_instance_using_default_security_group/test/positive_expected_result.json
index f618fddbaff..6f15eed3449 100644
--- a/assets/queries/terraform/tencentcloud/cvm_instance_using_default_security_group/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/cvm_instance_using_default_security_group/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) CVM Instance Using Default Security Group",
+ "queryName": "Beta - CVM Instance Using Default Security Group",
"severity": "LOW",
"line": 18,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) CVM Instance Using Default Security Group",
+ "queryName": "Beta - CVM Instance Using Default Security Group",
"severity": "LOW",
"line": 18,
"fileName": "positive2.tf"
diff --git a/assets/queries/terraform/tencentcloud/cvm_instance_using_default_vpc/metadata.json b/assets/queries/terraform/tencentcloud/cvm_instance_using_default_vpc/metadata.json
index 78e4be0a326..7f69a95f5e0 100644
--- a/assets/queries/terraform/tencentcloud/cvm_instance_using_default_vpc/metadata.json
+++ b/assets/queries/terraform/tencentcloud/cvm_instance_using_default_vpc/metadata.json
@@ -1,6 +1,6 @@
{
"id": "b4e75c5c-83d5-4568-90e3-57ed5ec4051b",
- "queryName": "(Beta) CVM Instance Using Default VPC",
+ "queryName": "Beta - CVM Instance Using Default VPC",
"severity": "LOW",
"category": "Networking and Firewall",
"descriptionText": "CVM Instances should not be configured under a default VPC network",
diff --git a/assets/queries/terraform/tencentcloud/cvm_instance_using_default_vpc/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/cvm_instance_using_default_vpc/test/positive_expected_result.json
index 5c6ac7d3440..9c855c2fae6 100644
--- a/assets/queries/terraform/tencentcloud/cvm_instance_using_default_vpc/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/cvm_instance_using_default_vpc/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) CVM Instance Using Default VPC",
+ "queryName": "Beta - CVM Instance Using Default VPC",
"severity": "LOW",
"line": 22,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) CVM Instance Using Default VPC",
+ "queryName": "Beta - CVM Instance Using Default VPC",
"severity": "LOW",
"line": 23,
"fileName": "positive1.tf"
diff --git a/assets/queries/terraform/tencentcloud/cvm_instance_using_user_data/metadata.json b/assets/queries/terraform/tencentcloud/cvm_instance_using_user_data/metadata.json
index 56ed5145f43..b3ddc7dbafe 100644
--- a/assets/queries/terraform/tencentcloud/cvm_instance_using_user_data/metadata.json
+++ b/assets/queries/terraform/tencentcloud/cvm_instance_using_user_data/metadata.json
@@ -1,6 +1,6 @@
{
"id": "5bb6fa08-5e84-4760-a54a-cdcd66626976",
- "queryName": "(Beta) CVM Instance Using User Data",
+ "queryName": "Beta - CVM Instance Using User Data",
"severity": "LOW",
"category": "Access Control",
"descriptionText": "CVM instances should use roles to be granted access",
diff --git a/assets/queries/terraform/tencentcloud/cvm_instance_using_user_data/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/cvm_instance_using_user_data/test/positive_expected_result.json
index 788bdf38856..34467fa2394 100644
--- a/assets/queries/terraform/tencentcloud/cvm_instance_using_user_data/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/cvm_instance_using_user_data/test/positive_expected_result.json
@@ -1,24 +1,24 @@
[
{
- "queryName": "(Beta) CVM Instance Using User Data",
+ "queryName": "Beta - CVM Instance Using User Data",
"severity": "LOW",
"line": 41,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) CVM Instance Using User Data",
+ "queryName": "Beta - CVM Instance Using User Data",
"severity": "LOW",
"line": 41,
"fileName": "positive2.tf"
},
{
- "queryName": "(Beta) CVM Instance Using User Data",
+ "queryName": "Beta - CVM Instance Using User Data",
"severity": "LOW",
"line": 41,
"fileName": "positive3.tf"
},
{
- "queryName": "(Beta) CVM Instance Using User Data",
+ "queryName": "Beta - CVM Instance Using User Data",
"severity": "LOW",
"line": 41,
"fileName": "positive4.tf"
diff --git a/assets/queries/terraform/tencentcloud/disk_encryption_disabled/metadata.json b/assets/queries/terraform/tencentcloud/disk_encryption_disabled/metadata.json
index b017619a0f9..3bfa6b27af3 100644
--- a/assets/queries/terraform/tencentcloud/disk_encryption_disabled/metadata.json
+++ b/assets/queries/terraform/tencentcloud/disk_encryption_disabled/metadata.json
@@ -1,6 +1,6 @@
{
"id": "1ee0f202-31da-49ba-bbce-04a989912e4b",
- "queryName": "(Beta) Disk Encryption Disabled",
+ "queryName": "Beta - Disk Encryption Disabled",
"severity": "MEDIUM",
"category": "Encryption",
"descriptionText": "Disks should have encryption enabled",
diff --git a/assets/queries/terraform/tencentcloud/disk_encryption_disabled/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/disk_encryption_disabled/test/positive_expected_result.json
index febce0d8491..eff54f4ea7c 100644
--- a/assets/queries/terraform/tencentcloud/disk_encryption_disabled/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/disk_encryption_disabled/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) Disk Encryption Disabled",
+ "queryName": "Beta - Disk Encryption Disabled",
"severity": "MEDIUM",
"line": 6,
"fileName": "positive2.tf"
},
{
- "queryName": "(Beta) Disk Encryption Disabled",
+ "queryName": "Beta - Disk Encryption Disabled",
"severity": "MEDIUM",
"line": 1,
"fileName": "positive1.tf"
diff --git a/assets/queries/terraform/tencentcloud/security_group_rule_set_accepts_all_traffic/metadata.json b/assets/queries/terraform/tencentcloud/security_group_rule_set_accepts_all_traffic/metadata.json
index 2cd6583baec..87e9070c57e 100644
--- a/assets/queries/terraform/tencentcloud/security_group_rule_set_accepts_all_traffic/metadata.json
+++ b/assets/queries/terraform/tencentcloud/security_group_rule_set_accepts_all_traffic/metadata.json
@@ -1,6 +1,6 @@
{
"id": "d135a36e-c474-452f-b891-76db1e6d1cd5",
- "queryName": "(Beta) Security Group Rule Set Accepts All Traffic",
+ "queryName": "Beta - Security Group Rule Set Accepts All Traffic",
"severity": "HIGH",
"category": "Networking and Firewall",
"descriptionText": "Security Group Rule Set accepts all traffic",
diff --git a/assets/queries/terraform/tencentcloud/security_group_rule_set_accepts_all_traffic/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/security_group_rule_set_accepts_all_traffic/test/positive_expected_result.json
index de503f959e2..2ef2aa4f367 100644
--- a/assets/queries/terraform/tencentcloud/security_group_rule_set_accepts_all_traffic/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/security_group_rule_set_accepts_all_traffic/test/positive_expected_result.json
@@ -1,24 +1,24 @@
[
{
- "queryName": "(Beta) Security Group Rule Set Accepts All Traffic",
+ "queryName": "Beta - Security Group Rule Set Accepts All Traffic",
"severity": "HIGH",
"line": 9,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) Security Group Rule Set Accepts All Traffic",
+ "queryName": "Beta - Security Group Rule Set Accepts All Traffic",
"severity": "HIGH",
"line": 9,
"fileName": "positive2.tf"
},
{
- "queryName": "(Beta) Security Group Rule Set Accepts All Traffic",
+ "queryName": "Beta - Security Group Rule Set Accepts All Traffic",
"severity": "HIGH",
"line": 9,
"fileName": "positive3.tf"
},
{
- "queryName": "(Beta) Security Group Rule Set Accepts All Traffic",
+ "queryName": "Beta - Security Group Rule Set Accepts All Traffic",
"severity": "HIGH",
"line": 9,
"fileName": "positive4.tf"
diff --git a/assets/queries/terraform/tencentcloud/tke_cluster_encryption_protection_disabled/metadata.json b/assets/queries/terraform/tencentcloud/tke_cluster_encryption_protection_disabled/metadata.json
index 973e867f205..94db2af6a06 100644
--- a/assets/queries/terraform/tencentcloud/tke_cluster_encryption_protection_disabled/metadata.json
+++ b/assets/queries/terraform/tencentcloud/tke_cluster_encryption_protection_disabled/metadata.json
@@ -1,6 +1,6 @@
{
"id": "3ed47402-e322-465f-a0f0-8681135a17b0",
- "queryName": "(Beta) TKE Cluster Encryption Protection Disabled",
+ "queryName": "Beta - TKE Cluster Encryption Protection Disabled",
"severity": "HIGH",
"category": "Encryption",
"descriptionText": "TKE Cluster should have encryption protection enabled",
diff --git a/assets/queries/terraform/tencentcloud/tke_cluster_encryption_protection_disabled/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/tke_cluster_encryption_protection_disabled/test/positive_expected_result.json
index c00cfc48973..7ea65238a22 100644
--- a/assets/queries/terraform/tencentcloud/tke_cluster_encryption_protection_disabled/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/tke_cluster_encryption_protection_disabled/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) TKE Cluster Encryption Protection Disabled",
+ "queryName": "Beta - TKE Cluster Encryption Protection Disabled",
"severity": "HIGH",
"line": 6,
"fileName": "positive1.tf"
diff --git a/assets/queries/terraform/tencentcloud/tke_cluster_has_public_access/metadata.json b/assets/queries/terraform/tencentcloud/tke_cluster_has_public_access/metadata.json
index fd7afc34bab..66bfe100e5d 100644
--- a/assets/queries/terraform/tencentcloud/tke_cluster_has_public_access/metadata.json
+++ b/assets/queries/terraform/tencentcloud/tke_cluster_has_public_access/metadata.json
@@ -1,6 +1,6 @@
{
"id": "df6928ed-02f4-421f-9a67-a529860dd7e7",
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"category": "Insecure Configurations",
"descriptionText": "TKE Cluster 'public_ip_assigned' should be set to false",
diff --git a/assets/queries/terraform/tencentcloud/tke_cluster_has_public_access/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/tke_cluster_has_public_access/test/positive_expected_result.json
index 7e2b7298290..1eef8f839ed 100644
--- a/assets/queries/terraform/tencentcloud/tke_cluster_has_public_access/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/tke_cluster_has_public_access/test/positive_expected_result.json
@@ -1,72 +1,72 @@
[
{
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"line": 63,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"line": 84,
"fileName": "positive1.tf"
},
{
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"line": 62,
"fileName": "positive2.tf"
},
{
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"line": 83,
"fileName": "positive2.tf"
},
{
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"line": 63,
"fileName": "positive3.tf"
},
{
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"line": 84,
"fileName": "positive3.tf"
},
{
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"line": 105,
"fileName": "positive3.tf"
},
{
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"line": 126,
"fileName": "positive3.tf"
},
{
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"line": 62,
"fileName": "positive4.tf"
},
{
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"line": 83,
"fileName": "positive4.tf"
},
{
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"line": 104,
"fileName": "positive4.tf"
},
{
- "queryName": "(Beta) TKE Cluster Has Public Access",
+ "queryName": "Beta - TKE Cluster Has Public Access",
"severity": "MEDIUM",
"line": 124,
"fileName": "positive4.tf"
diff --git a/assets/queries/terraform/tencentcloud/tke_cluster_log_disabled/metadata.json b/assets/queries/terraform/tencentcloud/tke_cluster_log_disabled/metadata.json
index b6930bc5509..86977f6eb82 100644
--- a/assets/queries/terraform/tencentcloud/tke_cluster_log_disabled/metadata.json
+++ b/assets/queries/terraform/tencentcloud/tke_cluster_log_disabled/metadata.json
@@ -1,6 +1,6 @@
{
"id": "fe405074-7e18-40f9-9aef-024aa1d0a889",
- "queryName": "(Beta) TKE Cluster Log Agent Is Not Enabled",
+ "queryName": "Beta - TKE Cluster Log Agent Is Not Enabled",
"severity": "LOW",
"category": "Observability",
"descriptionText": "TKE cluster log agent should be enabled",
diff --git a/assets/queries/terraform/tencentcloud/tke_cluster_log_disabled/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/tke_cluster_log_disabled/test/positive_expected_result.json
index 1355b149e38..47581b14c38 100644
--- a/assets/queries/terraform/tencentcloud/tke_cluster_log_disabled/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/tke_cluster_log_disabled/test/positive_expected_result.json
@@ -1,12 +1,12 @@
[
{
- "queryName": "(Beta) TKE Cluster Log Agent Is Not Enabled",
+ "queryName": "Beta - TKE Cluster Log Agent Is Not Enabled",
"severity": "LOW",
"line": 39,
"filename": "positive1.tf"
},
{
- "queryName": "(Beta) TKE Cluster Log Agent Is Not Enabled",
+ "queryName": "Beta - TKE Cluster Log Agent Is Not Enabled",
"severity": "LOW",
"line": 6,
"filename": "positive2.tf"
diff --git a/assets/queries/terraform/tencentcloud/vpc_flow_log_disabled/metadata.json b/assets/queries/terraform/tencentcloud/vpc_flow_log_disabled/metadata.json
index 0ae9305e52e..12d5983e027 100644
--- a/assets/queries/terraform/tencentcloud/vpc_flow_log_disabled/metadata.json
+++ b/assets/queries/terraform/tencentcloud/vpc_flow_log_disabled/metadata.json
@@ -1,6 +1,6 @@
{
"id": "a3240001-40db-47b7-abb9-2bcd6a04c430",
- "queryName": "(Beta) VPC Flow Logs Disabled",
+ "queryName": "Beta - VPC Flow Logs Disabled",
"severity": "LOW",
"category": "Observability",
"descriptionText": "VPC resources should have Flow Log enabled",
diff --git a/assets/queries/terraform/tencentcloud/vpc_flow_log_disabled/test/positive_expected_result.json b/assets/queries/terraform/tencentcloud/vpc_flow_log_disabled/test/positive_expected_result.json
index d951e617d29..d4d89c50509 100644
--- a/assets/queries/terraform/tencentcloud/vpc_flow_log_disabled/test/positive_expected_result.json
+++ b/assets/queries/terraform/tencentcloud/vpc_flow_log_disabled/test/positive_expected_result.json
@@ -1,6 +1,6 @@
[
{
- "queryName": "(Beta) VPC Flow Logs Disabled",
+ "queryName": "Beta - VPC Flow Logs Disabled",
"severity": "LOW",
"line": 97,
"filename": "positive1.tf"
diff --git a/docker/Dockerfile.ubi8 b/docker/Dockerfile.ubi8
index be8a6b49eb8..af172789f33 100644
--- a/docker/Dockerfile.ubi8
+++ b/docker/Dockerfile.ubi8
@@ -44,7 +44,7 @@ LABEL name="KICS" \
description="Checkmarx/kics is an opensource project that enable you to find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code find more in https://kics.io" \
maintainer="kics@checkmarx.com" \
vendor="Checkmarx" \
- version="v2.1.1" \
+ version="v2.1.2" \
release="1" \
io.k8s.display-name="KICS by Checkmarx" \
io.openshift.tags="kics checkmarx"
diff --git a/docs/index.md b/docs/index.md
index 6e8725ff2a4..667a6a91109 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -11,8 +11,8 @@
diff --git a/docs/js/custom.js b/docs/js/custom.js
index b71e07a70dc..80c84619ebc 100644
--- a/docs/js/custom.js
+++ b/docs/js/custom.js
@@ -1,5 +1,5 @@
-var sortAsc = true;
-var headerArray = [];
+let sortAsc = true;
+let headerArray = [];
@@ -15,22 +15,22 @@ const isHome = document.getElementsByClassName('md-header__button md-logo')[0].h
}
- var kics = document.querySelectorAll(".md-ellipsis")
+ let kics = document.querySelectorAll(".md-ellipsis")
kics[0].setAttribute("style", "display:none;")
// For queries pages
if (window.location.href.includes('/queries/') && window.location.href.includes('-queries')) {
removeElement("div.md-sidebar.md-sidebar--secondary", false)
- var updateTableHeader = document.getElementsByTagName("th")
+ let updateTableHeader = document.getElementsByTagName("th")
- for (var t of updateTableHeader) {
+ for (let t of updateTableHeader) {
t.classList.add("queries-th")
}
//add filter and sort
- var tableHeader = document.querySelectorAll(":not(.modal-body) > table > thead > tr > th")
- for (var i = 0; i < tableHeader.length; i++) {
+ let tableHeader = document.querySelectorAll(":not(.modal-body) > table > thead > tr > th")
+ for (let i = 0; i < tableHeader.length; i++) {
const index = i;
headerArray.push(tableHeader[i].innerText.toLowerCase())
const headerText = sanitize(tableHeader[i].innerText)
@@ -59,8 +59,8 @@ const isHome = document.getElementsByClassName('md-header__button md-logo')[0].h
tableHeader[i].style.verticalAlign = "initial";
}
}
- // var untreatedName = document.getElementsByClassName("md-nav__link md-nav__link--active")[0].innerText
- // var treatedName = untreatedName.replace(/\s+/g, '').toLowerCase()
+ // let untreatedName = document.getElementsByClassName("md-nav__link md-nav__link--active")[0].innerText
+ // let treatedName = untreatedName.replace(/\s+/g, '').toLowerCase()
// treatedName = htmlEncode(treatedName)
const csvFilename = `kics-queries.csv`
const table = document.querySelector(":not(.modal-body) > table")
@@ -88,12 +88,12 @@ function pasteFilter(numberOfColumns) {
}
function filterQueryTable(numberOfColumns) {
- var allLines = document.querySelectorAll(":not(.modal-body) > table > tbody > tr")
+ let allLines = document.querySelectorAll(":not(.modal-body) > table > tbody > tr")
- var hideRow = new Set();
- for (var i = 0; i < numberOfColumns; i++) {
+ let hideRow = new Set();
+ for (let i = 0; i < numberOfColumns; i++) {
const input = document.querySelector(`#query-filter-${i}`)
- var textToFilter = ""
+ let textToFilter = ""
if (input) {
textToFilter = input.value
}
@@ -144,7 +144,7 @@ function sortFunction(index) {
}
function executeSort(index) {
- var allLines = Array.prototype.slice.call(document.querySelectorAll(":not(.modal-body) > table > tbody > tr"))
+ let allLines = Array.prototype.slice.call(document.querySelectorAll(":not(.modal-body) > table > tbody > tr"))
let sortedLines = allLines.sort(sortFunction(index))
const body = document.querySelector(":not(.modal-body) > table > tbody ")
@@ -154,7 +154,7 @@ function executeSort(index) {
}
function removeElement(querySelector, parentElement) {
- var element = document.querySelector(querySelector);
+ let element = document.querySelector(querySelector);
if (element) {
if (parentElement) {
element = element.parentElement;
@@ -164,14 +164,14 @@ function removeElement(querySelector, parentElement) {
}
function exportToCSV(filename) {
- var csv = [];
- var rows = document.querySelectorAll(":not(.modal-body) > table tr");
+ let csv = [];
+ let rows = document.querySelectorAll(":not(.modal-body) > table tr");
for (let r of rows) {
- var row = []
- var cols = r.querySelectorAll("td, th")
- for (var j = 0; j < cols.length; j++) {
- var text = `"${cols[j].innerText.replace(/\n/g, " ").replaceAll(/"/g, '').trim()}"`
+ let row = []
+ let cols = r.querySelectorAll("td, th")
+ for (let j = 0; j < cols.length; j++) {
+ let text = `"${cols[j].innerText.replace(/\n/g, " ").replaceAll(/"/g, '').trim()}"`
if (cols[j].tagName == "TH") {
text = text.match(/[0-9a-zA-Z ]+/)[0]
if (headerArray[j] == "query") {
@@ -183,7 +183,7 @@ function exportToCSV(filename) {
} else if (headerArray[j] == "help") {
text = cols[j].children[0].href
} else if (headerArray[j] == "query") {
- var lastIndex = text.lastIndexOf(" ")
+ let lastIndex = text.lastIndexOf(" ")
text = `"${text.substring(lastIndex + 1)},${text.substring(0, lastIndex)}"`
} else if (headerArray[j] == "description") {
text = text.replace(/\(read more\)/i, '')
@@ -219,3 +219,10 @@ function downloadCSV(csv, filename) {
document.body.appendChild(downloadLink)
downloadLink.click()
}
+
+function newWindowOpenerSafe(event, untrustedURL) {
+ event.preventDefault() // prevent the default link behavior
+ let newWindow=window.open()
+ newWindow.opener=null
+ newWindow.location=untrustedURL
+}
\ No newline at end of file
diff --git a/docs/queries/all-queries.md b/docs/queries/all-queries.md
index f76dcb77995..e192fcdadf2 100644
--- a/docs/queries/all-queries.md
+++ b/docs/queries/all-queries.md
@@ -3,1778 +3,1778 @@ This page contains all queries.
| Query |Platform|Severity|Category|More info|
|-----------------------------|---|---|---|---|
-|ECR Repository Is Publicly Accessible
fb5a5df7-6d74-4243-ab82-ff779a958bfd|Ansible|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Access to Any Principal
3ab1f27d-52cc-4943-af1d-43c1939e739a|Ansible|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Delete Action From All Principals
6fa44721-ef21-41c6-8665-330d59461163|Ansible|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Put Action From All Principals
a0f1bfe0-741e-473f-b3b2-13e66f856fab|Ansible|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket With All Permissions
6a6d7e56-c913-4549-b5c5-5221e624d2ec|Ansible|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket With Public Access
c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9|Ansible|Critical|Access Control|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
c09e3ca5-f08a-4717-9c87-3919c5e6d209|Ansible|Critical|Insecure Configurations|Query details
Documentation
|
-|DB Security Group With Public Scope
0956aedf-6a7a-478b-ab56-63e2b19923ad|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
-|RDS Associated with Public Subnet
16732649-4ff6-4cd2-8746-e72c13fae4b8|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
-|Cross-Account IAM Assume Role Policy Without ExternalId or MFA
af167837-9636-4086-b815-c239186b9dda|Ansible|High|Access Control|Query details
Documentation
|
-|ECS Service Admin Role Is Present
7db727c1-1720-468e-b80e-06697f71e09e|Ansible|High|Access Control|Query details
Documentation
|
-|IAM Policy Grants Full Permissions
b5ed026d-a772-4f07-97f9-664ba0b116f8|Ansible|High|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read to All Users
a1ef9d2e-4163-40cb-bd92-04f0d602a15d|Ansible|High|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read to Any Authenticated User
75480b31-f349-4b9a-861f-bce19588e674|Ansible|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Get Action From All Principals
53bce6a8-5492-4b1b-81cf-664385f0c4bf|Ansible|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows List Action From All Principals
d395a950-12ce-4314-a742-ac5a785ab44e|Ansible|High|Access Control|Query details
Documentation
|
-|SNS Topic is Publicly Accessible
905f4741-f965-45c1-98db-f7a00a0e5c73|Ansible|High|Access Control|Query details
Documentation
|
-|SQS Policy Allows All Actions
ed9b3beb-92cf-44d9-a9d2-171eeba569d4|Ansible|High|Access Control|Query details
Documentation
|
-|SQS Queue Exposed
86b0efa7-4901-4edd-a37a-c034bec6645a|Ansible|High|Access Control|Query details
Documentation
|
-|Config Rule For Encrypted Volumes Disabled
7674a686-e4b1-4a95-83d4-1fd53c623d84|Ansible|High|Encryption|Query details
Documentation
|
-|DB Instance Storage Not Encrypted
7dfb316c-a6c2-454d-b8a2-97f147b0c0ff|Ansible|High|Encryption|Query details
Documentation
|
-|EBS Volume Encryption Disabled
4b6012e7-7176-46e4-8108-e441785eae57|Ansible|High|Encryption|Query details
Documentation
|
-|EFS Not Encrypted
727c4fd4-d604-4df6-a179-7713d3c85e20|Ansible|High|Encryption|Query details
Documentation
|
-|ELB Using Weak Ciphers
2034fb37-bc23-4ca0-8d95-2b9f15829ab5|Ansible|High|Encryption|Query details
Documentation
|
-|Kinesis Not Encrypted With KMS
f2ea6481-1d31-4d40-946a-520dc6321dd7|Ansible|High|Encryption|Query details
Documentation
|
-|Launch Configuration Is Not Encrypted
66477506-6abb-49ed-803d-3fa174cd5f6a|Ansible|High|Encryption|Query details
Documentation
|
-|Redis Not Compliant
9f34885e-c08f-4d13-a7d1-cf190c5bd268|Ansible|High|Encryption|Query details
Documentation
|
-|Redshift Not Encrypted
6a647814-def5-4b85-88f5-897c19f509cd|Ansible|High|Encryption|Query details
Documentation
|
-|S3 Bucket Without Server-side-encryption
594f54e7-f744-45ab-93e4-c6dbaf6cd571|Ansible|High|Encryption|Query details
Documentation
|
-|User Data Contains Encoded Private Key
c09f4d3e-27d2-4d46-9453-abbe9687a64e|Ansible|High|Encryption|Query details
Documentation
|
-|Batch Job Definition With Privileged Container Properties
defe5b18-978d-4722-9325-4d1975d3699f|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|EC2 Group Has Public Interface
5330b503-3319-44ff-9b1c-00ee873f728a|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|KMS Key With Vulnerable Policy
5b9d237a-57d5-4177-be0e-71434b0fef47|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|Redshift Publicly Accessible
5c6b727b-1382-4629-8ba9-abd1365e5610|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|Root Account Has Active Access Keys
e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|DB Security Group Open To Large Scope
ea0ed1c7-9aef-4464-b7c7-94c762da3640|Ansible|High|Networking and Firewall|Query details
Documentation
|
-|Default Security Groups With Unrestricted Traffic
8010e17a-00e9-4635-a692-90d6bcec68bd|Ansible|High|Networking and Firewall|Query details
Documentation
|
-|Public Port Wide
71ea648a-d31a-4b5a-a589-5674243f1c33|Ansible|High|Networking and Firewall|Query details
Documentation
|
-|Remote Desktop Port Open To Internet
eda7301d-1f3e-47cf-8d4e-976debc64341|Ansible|High|Networking and Firewall|Query details
Documentation
|
-|Route53 Record Undefined
445dce51-7e53-4e50-80ef-7f94f14169e4|Ansible|High|Networking and Firewall|Query details
Documentation
|
-|Security Group Ingress Not Restricted
ea6bc7a6-d696-4dcf-a788-17fa03c17c81|Ansible|High|Networking and Firewall|Query details
Documentation
|
-|Unknown Port Exposed To Internet
722b0f24-5a64-4cca-aa96-cfc26b7e3a5b|Ansible|High|Networking and Firewall|Query details
Documentation
|
-|Unrestricted Security Group Ingress
83c5fa4c-e098-48fc-84ee-0a537287ddd2|Ansible|High|Networking and Firewall|Query details
Documentation
|
-|Hardcoded AWS Access Key
c2f15af3-66a0-4176-a56e-e4711e502e5c|Ansible|High|Secret Management|Query details
Documentation
|
-|Hardcoded AWS Access Key In Lambda
f34508b9-f574-4330-b42d-88c44cced645|Ansible|High|Secret Management|Query details
Documentation
|
-|AMI Shared With Multiple Accounts
a19b2942-142e-4e2b-93b7-6cf6a6c8d90f|Ansible|Medium|Access Control|Query details
Documentation
|
-|API Gateway Without Configured Authorizer
b16cdb37-ce15-4ab2-8401-d42b05d123fc|Ansible|Medium|Access Control|Query details
Documentation
|
-|Certificate Has Expired
5a443297-19d4-4381-9e5b-24faf947ec22|Ansible|Medium|Access Control|Query details
Documentation
|
-|EC2 Instance Using Default Security Group
8d03993b-8384-419b-a681-d1f55149397c|Ansible|Medium|Access Control|Query details
Documentation
|
-|IAM Access Key Is Exposed
7f79f858-fbe8-4186-8a2c-dfd0d958a40f|Ansible|Medium|Access Control|Query details
Documentation
|
-|IAM Group Without Users
f509931b-bbb0-443c-bd9b-10e92ecf2193|Ansible|Medium|Access Control|Query details
Documentation
|
-|IAM Policies Attached To User
eafe4bc3-1042-4f88-b988-1939e64bf060|Ansible|Medium|Access Control|Query details
Documentation
|
-|IAM Policies With Full Privileges
e401d614-8026-4f4b-9af9-75d1197461ba|Ansible|Medium|Access Control|Query details
Documentation
|
-|IAM Policy Grants 'AssumeRole' Permission Across All Services
12a7a7ce-39d6-49dd-923d-aeb4564eb66c|Ansible|Medium|Access Control|Query details
Documentation
|
-|IAM Role Allows All Principals To Assume
babdedcf-d859-43da-9a7b-6d72e661a8fd|Ansible|Medium|Access Control|Query details
Documentation
|
-|Lambda Permission Principal Is Wildcard
1d972c56-8ec2-48c1-a578-887adb09c57a|Ansible|Medium|Access Control|Query details
Documentation
|
-|Public Lambda via API Gateway
5e92d816-2177-4083-85b4-f61b4f7176d9|Ansible|Medium|Access Control|Query details
Documentation
|
-|SES Policy With Allowed IAM Actions
8ed0bfce-f780-46d4-b086-21c3628f09ad|Ansible|Medium|Access Control|Query details
Documentation
|
-|SQS Policy With Public Access
d994585f-defb-4b51-b6d2-c70f020ceb10|Ansible|Medium|Access Control|Query details
Documentation
|
-|Auto Scaling Group With No Associated ELB
050f085f-a8db-4072-9010-2cca235cc02f|Ansible|Medium|Availability|Query details
Documentation
|
-|CMK Is Unusable
133fee21-37ef-45df-a563-4d07edc169f4|Ansible|Medium|Availability|Query details
Documentation
|
-|RDS With Backup Disabled
e69890e6-fce5-461d-98ad-cb98318dfc96|Ansible|Medium|Backup|Query details
Documentation
|
-|S3 Bucket Without Versioning
9232306a-f839-40aa-b3ef-b352001da9a5|Ansible|Medium|Backup|Query details
Documentation
|
-|Stack Retention Disabled
17d5ba1d-7667-4729-b1a6-b11fde3db7f7|Ansible|Medium|Backup|Query details
Documentation
|
-|AMI Not Encrypted
97707503-a22c-4cd7-b7c0-f088fa7cf830|Ansible|Medium|Encryption|Query details
Documentation
|
-|CA Certificate Identifier Is Outdated
5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce|Ansible|Medium|Encryption|Query details
Documentation
|
-|Cloudfront Viewer Protocol Policy Allows HTTP
a6d27cf7-61dc-4bde-ae08-3b353b609f76|Ansible|Medium|Encryption|Query details
Documentation
|
-|CodeBuild Not Encrypted
a1423864-2fbc-4f46-bfe1-fbbf125c71c9|Ansible|Medium|Encryption|Query details
Documentation
|
-|ELB Using Insecure Protocols
730a5951-2760-407a-b032-dd629b55c23a|Ansible|Medium|Encryption|Query details
Documentation
|
-|IAM Database Auth Not Enabled
0ed012a4-9199-43d2-b9e4-9bd049a48aa4|Ansible|Medium|Encryption|Query details
Documentation
|
-|Secure Ciphers Disabled
218413a0-c716-4b94-9e08-0bb70d854709|Ansible|Medium|Encryption|Query details
Documentation
|
-|SQS With SSE Disabled
e1e7b278-2a8b-49bd-a26e-66a7f70b17eb|Ansible|Medium|Encryption|Query details
Documentation
|
-|API Gateway Without SSL Certificate
b47b98ab-e481-4a82-8bb1-1ab39fd36e33|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Certificate RSA Key Bytes Lower Than 256
d5ec2080-340a-4259-b885-f833c4ea6a31|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|CloudFront Without Minimum Protocol TLS 1.2
d0c13053-d2c8-44a6-95da-d592996e9e67|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|ECR Image Tag Not Immutable
60bfbb8a-c72f-467f-a6dd-a46b7d612789|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|ECS Task Definition Network Mode Not Recommended
01aec7c2-3e4d-4274-ae47-2b8fea22fd1f|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket with Unsecured CORS Rule
3505094c-f77c-4ba0-95da-f83db712f86c|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Vulnerable Default SSL Certificate
fb8f8929-afeb-4c46-99f0-a6cf410f7df4|Ansible|Medium|Insecure Defaults|Query details
Documentation
|
-|ALB Listening on HTTP
f81d63d2-c5d7-43a4-a5b5-66717a41c895|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway Endpoint Config is Not Private
559439b2-3e9c-4739-ac46-17e3b24ec215|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway without WAF
f5f38943-664b-4acc-ab11-f292fa10ed0b|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|CloudFront Without WAF
22c80725-e390-4055-8d14-a872230f6607|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|EC2 Instance Has Public IP
a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|Elasticsearch with HTTPS disabled
d6c2d06f-43c1-488a-9ba1-8d75b40fc62d|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|HTTP Port Open To Internet
a14ad534-acbe-4a8e-9404-2f7e1045646e|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group With Unrestricted Access To SSH
57ced4b9-6ba4-487b-8843-b65562b90c77|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible
7af1c447-c014-4f05-bd8b-ebe3a15734ac|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway With CloudWatch Logging Disabled
72a931c2-12f5-40d1-93cc-47bff2f7aa2a|Ansible|Medium|Observability|Query details
Documentation
|
-|CloudFront Logging Disabled
d31cb911-bf5b-4eb6-9fc3-16780c77c7bd|Ansible|Medium|Observability|Query details
Documentation
|
-|CloudTrail Logging Disabled
d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5|Ansible|Medium|Observability|Query details
Documentation
|
-|S3 Bucket Logging Disabled
c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d|Ansible|Medium|Observability|Query details
Documentation
|
-|No Stack Policy
ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9|Ansible|Medium|Resource Management|Query details
Documentation
|
-|Authentication Without MFA
eee107f9-b3d8-45d3-b9c6-43b5a7263ce1|Ansible|Low|Access Control|Query details
Documentation
|
-|ECS Service Without Running Tasks
f5c45127-1d28-4b49-a692-0b97da1c3a84|Ansible|Low|Availability|Query details
Documentation
|
-|Automatic Minor Upgrades Disabled
857f8808-e96a-4ba8-a9b7-f2d4ec6cad94|Ansible|Low|Best Practices|Query details
Documentation
|
-|CDN Configuration Is Missing
b25398a2-0625-4e61-8e4d-a1bb23905bf6|Ansible|Low|Best Practices|Query details
Documentation
|
-|IAM Password Without Minimum Length
8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d|Ansible|Low|Best Practices|Query details
Documentation
|
-|Lambda Permission Misconfigured
3ddf3417-424d-420d-8275-0724dc426520|Ansible|Low|Best Practices|Query details
Documentation
|
-|Misconfigured Password Policy Expiration
3f2cf811-88fa-4eda-be45-7a191a18aba9|Ansible|Low|Best Practices|Query details
Documentation
|
-|Password Without Reuse Prevention
6f5f5444-1422-495f-81ef-24cefd61ed2c|Ansible|Low|Best Practices|Query details
Documentation
|
-|EFS Without Tags
b8a9852c-9943-4973-b8d5-77dae9352851|Ansible|Low|Build Process|Query details
Documentation
|
-|Stack Without Template
32d31f1f-0f83-4721-b7ec-1e6948c60145|Ansible|Low|Build Process|Query details
Documentation
|
-|CloudTrail Log Files Not Encrypted With KMS
f5587077-3f57-4370-9b4e-4eb5b1bac85b|Ansible|Low|Encryption|Query details
Documentation
|
-|EFS Without KMS
bd77554e-f138-40c5-91b2-2a09f878608e|Ansible|Low|Encryption|Query details
Documentation
|
-|AWS Password Policy With Unchangeable Passwords
e28ceb92-d588-4166-aac5-766c8f5b7472|Ansible|Low|Insecure Configurations|Query details
Documentation
|
-|Instance With No VPC
61d1a2d0-4db8-405a-913d-5d2ce49dff6f|Ansible|Low|Insecure Configurations|Query details
Documentation
|
-|Lambda Function Without Tags
265d9725-2fb8-42a2-bc57-3279c5db82d5|Ansible|Low|Insecure Configurations|Query details
Documentation
|
-|EC2 Instance Using Default VPC
8833f180-96f1-46f4-9147-849aafa56029|Ansible|Low|Networking and Firewall|Query details
Documentation
|
-|ElastiCache Using Default Port
7cc6c791-5f68-4816-a564-b9b699f9d26e|Ansible|Low|Networking and Firewall|Query details
Documentation
|
-|ElastiCache Without VPC
5527dcfc-94f9-4bf6-b7d4-1b78850cf41f|Ansible|Low|Networking and Firewall|Query details
Documentation
|
-|RDS Using Default Port
2cb674f6-32f9-40be-97f2-62c0dc38f0d5|Ansible|Low|Networking and Firewall|Query details
Documentation
|
-|Redshift Using Default Port
e01de151-a7bd-4db4-b49b-3c4775a5e881|Ansible|Low|Networking and Firewall|Query details
Documentation
|
-|API Gateway X-Ray Disabled
2059155b-27fd-441e-b616-6966c468561f|Ansible|Low|Observability|Query details
Documentation
|
-|CloudTrail Log File Validation Disabled
4d8681a2-3d30-4c89-8070-08acd142748e|Ansible|Low|Observability|Query details
Documentation
|
-|CloudTrail Multi Region Disabled
6ad087d7-a509-4b20-b853-9ef6f5ebaa98|Ansible|Low|Observability|Query details
Documentation
|
-|CloudTrail Not Integrated With CloudWatch
ebb2118a-03bc-4d53-ab43-d8750f5cb8d3|Ansible|Low|Observability|Query details
Documentation
|
-|CloudTrail SNS Topic Name Undefined
5ba316a9-c466-4ec1-8d5b-bc6107dc9a92|Ansible|Low|Observability|Query details
Documentation
|
-|CMK Rotation Disabled
af96d737-0818-4162-8c41-40d969bd65d1|Ansible|Low|Observability|Query details
Documentation
|
-|Configuration Aggregator to All Regions Disabled
a2fdf451-89dd-451e-af92-bf6c0f4bab96|Ansible|Low|Observability|Query details
Documentation
|
-|Lambda Functions Without X-Ray Tracing
71397b34-1d50-4ee1-97cb-c96c34676f74|Ansible|Low|Observability|Query details
Documentation
|
-|Stack Notifications Disabled
d39761d7-94ab-45b0-ab5e-27c44e381d58|Ansible|Low|Observability|Query details
Documentation
|
-|EC2 Not EBS Optimized
338b6cab-961d-4998-bb49-e5b6a11c9a5c|Ansible|Info|Best Practices|Query details
Documentation
|
-|CloudWatch Without Retention Period Specified
e24e18d9-4c2b-4649-b3d0-18c088145e24|Ansible|Info|Observability|Query details
Documentation
|
-|CosmosDB Account IP Range Filter Not Set
e8c80448-31d8-4755-85fc-6dbab69c2717|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
-|Redis Entirely Accessible
0d0c12b9-edce-4510-9065-13f6a758750c|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
-|Redis Publicly Accessible
0632d0db-9190-450a-8bb3-c283bffea445|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
-|SQLServer Ingress From Any IP
f4e9ff70-0f3b-4c50-a713-26cbe7ec4039|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
-|Unrestricted SQL Server Access
3f23c96c-f9f5-488d-9b17-605b8da5842f|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
-|Default Azure Storage Account Network Access Is Too Permissive
ca4df748-613a-4fbf-9c76-f02cbd580307|Ansible|High|Access Control|Query details
Documentation
|
-|Public Storage Account
35e2f133-a395-40de-a79d-b260d973d1bd|Ansible|High|Access Control|Query details
Documentation
|
-|Storage Container Is Publicly Accessible
4d3817db-dd35-4de4-a80d-3867157e7f7f|Ansible|High|Access Control|Query details
Documentation
|
-|Azure Container Registry With No Locks
581dae78-307d-45d5-aae4-fe2b0db267a5|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|Security Group is Not Configured
da4f2739-174f-4cdd-b9ef-dc3f14b5931f|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|Sensitive Port Is Exposed To Entire Network
0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc|Ansible|High|Networking and Firewall|Query details
Documentation
|
-|Admin User Enabled For Container Registry
29f35127-98e6-43af-8ec1-201b79f99604|Ansible|Medium|Access Control|Query details
Documentation
|
-|AKS RBAC Disabled
149fa56c-4404-4f90-9e25-d34b676d5b39|Ansible|Medium|Access Control|Query details
Documentation
|
-|Role Definition Allows Custom Role Creation
5c80db8e-03f5-43a2-b4af-1f3f87018157|Ansible|Medium|Access Control|Query details
Documentation
|
-|Key Vault Soft Delete Is Disabled
881696a8-68c5-4073-85bc-7c38a3deb854|Ansible|Medium|Backup|Query details
Documentation
|
-|Azure Instance Using Basic Authentication
e2d834b7-8b25-4935-af53-4a60668dcbe0|Ansible|Medium|Best Practices|Query details
Documentation
|
-|MySQL SSL Connection Disabled
2a901825-0f3b-4655-a0fe-e0470e50f8e6|Ansible|Medium|Encryption|Query details
Documentation
|
-|SSL Enforce Disabled
961ce567-a16d-4d7d-9027-f0ec2628a555|Ansible|Medium|Encryption|Query details
Documentation
|
-|Storage Account Not Forcing HTTPS
2c99a474-2a3c-4c17-8294-53ffa5ed0522|Ansible|Medium|Encryption|Query details
Documentation
|
-|Storage Account Not Using Latest TLS Encryption Version
c62746cf-92d5-4649-9acf-7d48d086f2ee|Ansible|Medium|Encryption|Query details
Documentation
|
-|AD Admin Not Configured For SQL Server
b176e927-bbe2-44a6-a9c3-041417137e5f|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Redis Cache Allows Non SSL Connections
869e7fb4-30f0-4bdb-b360-ad548f337f2f|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|VM Not Attached To Network
1e5f5307-3e01-438d-8da6-985307ed25ce|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Web App Accepting Traffic Other Than HTTPS
eb8c2560-8bee-4248-9d0d-e80c8641dd91|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Firewall Rule Allows Too Many Hosts To Access Redis Cache
69f72007-502e-457b-bd2d-5012e31ac049|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|Trusted Microsoft Services Not Enabled
1bc398a8-d274-47de-a4c8-6ac867b353de|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|WAF Is Disabled For Azure Application Gateway
2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|AKS Monitoring Logging Disabled
d5e83b32-56dd-4247-8c2e-074f43b38a5e|Ansible|Medium|Observability|Query details
Documentation
|
-|Log Retention Is Not Set
0461b4fd-21ef-4687-929e-484ee4796785|Ansible|Medium|Observability|Query details
Documentation
|
-|Monitoring Log Profile Without All Activities
89f84a1e-75f8-47c5-83b5-bee8e2de4168|Ansible|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Checkpoints Disabled
7ab33ac0-e4a3-418f-a673-50da4e34df21|Ansible|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Connections Not Set
7b47138f-ec0e-47dc-8516-e7728fe3cc17|Ansible|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Disconnections Not Set
054d07b5-941b-4c28-8eef-18989dc62323|Ansible|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Duration Not Set
729ebb15-8060-40f7-9017-cb72676a5487|Ansible|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Server Without Connection Throttling
a9becca7-892a-4af7-b9e1-44bf20a4cd9a|Ansible|Medium|Observability|Query details
Documentation
|
-|SQL Server Predictable Active Directory Account Name
530e8291-2f22-4bab-b7ea-306f1bc2a308|Ansible|Low|Best Practices|Query details
Documentation
|
-|SQL Server Predictable Admin Account Name
663062e9-473d-4e87-99bc-6f3684b3df40|Ansible|Low|Best Practices|Query details
Documentation
|
-|Cosmos DB Account Without Tags
23a4dc83-4959-4d99-8056-8e051a82bc1e|Ansible|Low|Build Process|Query details
Documentation
|
-|AKS Network Policy Misconfigured
8c3bedf1-c570-4c3b-b414-d068cd39a00c|Ansible|Low|Insecure Configurations|Query details
Documentation
|
-|Small Activity Log Retention Period
37fafbea-dedb-4e0d-852e-d16ee0589326|Ansible|Low|Observability|Query details
Documentation
|
-|Allow Unsafe Lookups Enabled
86b97bb4-85c9-462d-8635-cbc057c5c8c5|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|Privilege Escalation Using Become Plugin
404908b6-4954-4611-98f0-e8ceacdabcb1|Ansible|Medium|Access Control|Query details
Documentation
|
-|Communication over HTTP
d7dc9350-74bc-485b-8c85-fed22d276c43|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Logging of Sensitive Data
c6473dae-8477-4119-88b7-b909b435ce7b|Ansible|Low|Best Practices|Query details
Documentation
|
-|Cloud Storage Anonymous or Publicly Accessible
086031e1-9d4a-4249-acb3-5bfe4c363db2|Ansible|Critical|Access Control|Query details
Documentation
|
-|SQL DB Instance Publicly Accessible
7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b|Ansible|Critical|Insecure Configurations|Query details
Documentation
|
-|BigQuery Dataset Is Public
2263b286-2fe9-4747-a0ae-8b4768a2bbd2|Ansible|High|Access Control|Query details
Documentation
|
-|SQL DB Instance With SSL Disabled
d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb|Ansible|High|Encryption|Query details
Documentation
|
-|Client Certificate Disabled
20180133-a0d0-4745-bfe0-94049fbb12a9|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|Cloud SQL Instance With Contained Database Authentication On
6d34aff3-fdd2-460c-8190-756a3b4969e8|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|Cloud SQL Instance With Cross DB Ownership Chaining On
9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|GKE Legacy Authorization Enabled
300a9964-b086-41f7-9378-b6de3ba1c32b|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|MySQL Instance With Local Infile On
a7b520bb-2509-4fb0-be05-bc38f54c7a4c|Ansible|High|Insecure Configurations|Query details
Documentation
|
-|RDP Access Is Not Restricted
75418eb9-39ec-465f-913c-6f2b6a80dc77|Ansible|High|Networking and Firewall|Query details
Documentation
|
-|VM With Full Cloud Access
bc20bbc6-0697-4568-9a73-85af1dd97bdd|Ansible|Medium|Access Control|Query details
Documentation
|
-|SQL DB Instance Backup Disabled
0c82eae2-aca0-401f-93e4-fb37a0f9e5e8|Ansible|Medium|Backup|Query details
Documentation
|
-|Disk Encryption Disabled
092bae86-6105-4802-99d2-99cd7e7431f3|Ansible|Medium|Encryption|Query details
Documentation
|
-|DNSSEC Using RSASHA1
6cf4c3a7-ceb0-4475-8892-3745b84be24a|Ansible|Medium|Encryption|Query details
Documentation
|
-|Google Compute SSL Policy Weak Cipher In Use
b28bcd2f-c309-490e-ab7c-35fc4023eb26|Ansible|Medium|Encryption|Query details
Documentation
|
-|Cloud DNS Without DNSSEC
80b15fb1-6207-40f4-a803-6915ae619a03|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Cluster Master Authentication Disabled
9df7f78f-ebe3-432e-ac3b-b67189c15518|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|GKE Basic Authentication Enabled
344bf8ab-9308-462b-a6b2-697432e40ba1|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Google Container Node Pool Auto Repair Disabled
d58c6f24-3763-4269-9f5b-86b2569a003b|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|IP Aliasing Disabled
ed672a9f-fbf0-44d8-a47d-779501b0db05|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Network Policy Disabled
98e04ca0-34f5-4c74-8fec-d2e611ce2790|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|OSLogin Is Disabled In VM Instance
66dae697-507b-4aef-be18-eec5bd707f33|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Private Cluster Disabled
3b30e3d6-c99b-4318-b38f-b99db74578b5|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Shielded VM Disabled
18d3a83d-4414-49dc-90ea-f0387b2856cc|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Using Default Service Account
2775e169-e708-42a9-9305-b58aadd2c4dd|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|GKE Using Default Service Account
dc126833-125a-40fb-905a-ce5f2afde240|Ansible|Medium|Insecure Defaults|Query details
Documentation
|
-|Compute Instance Is Publicly Accessible
829f1c60-2bab-44c6-8a21-5cd9d39a2c82|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|GKE Master Authorized Networks Disabled
d43366c5-80b0-45de-bbe8-2338f4ab0a83|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|Google Compute Network Using Default Firewall Rule
29b8224a-60e9-4011-8ac2-7916a659841f|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|Google Compute Network Using Firewall Rule that Allows All Ports
3602d273-3290-47b2-80fa-720162b1a8af|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|IP Forwarding Enabled
11bd3554-cd56-4257-8e25-7aaf30cf8f5f|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|Serial Ports Are Enabled For VM Instances
c6fc6f29-dc04-46b6-99ba-683c01aff350|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|SSH Access Is Not Restricted
b2fbf1df-76dd-4d78-a6c0-e538f4a9b016|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
-|Cloud Storage Bucket Logging Not Enabled
507df964-ad97-4035-ab14-94a82eabdfdd|Ansible|Medium|Observability|Query details
Documentation
|
-|Cloud Storage Bucket Versioning Disabled
7814ddda-e758-4a56-8be3-289a81ded929|Ansible|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Connections Disabled
d7a5616f-0a3f-4d43-bc2b-29d1a183e317|Ansible|Medium|Observability|Query details
Documentation
|
-|PostgreSQL log_checkpoints Flag Not Set To ON
89afe3f0-4681-4ce3-89ed-896cebd4277c|Ansible|Medium|Observability|Query details
Documentation
|
-|Stackdriver Logging Disabled
19c9e2a0-fc33-4264-bba1-e3682661e8f7|Ansible|Medium|Observability|Query details
Documentation
|
-|Stackdriver Monitoring Disabled
20dcd953-a8b8-4892-9026-9afa6d05a525|Ansible|Medium|Observability|Query details
Documentation
|
-|Node Auto Upgrade Disabled
d6e10477-2e19-4bcd-b8a8-19c65b89ccdf|Ansible|Medium|Resource Management|Query details
Documentation
|
-|High Google KMS Crypto Key Rotation Period
f9b7086b-deb8-4034-9330-d7fd38f1b8de|Ansible|Medium|Secret Management|Query details
Documentation
|
-|Project-wide SSH Keys Are Enabled In VM Instances
099b4411-d11e-4537-a0fc-146b19762a79|Ansible|Medium|Secret Management|Query details
Documentation
|
-|Cluster Labels Disabled
fbe9b2d0-a2b7-47a1-a534-03775f3013f7|Ansible|Low|Insecure Configurations|Query details
Documentation
|
-|COS Node Image Not Used
be41f891-96b1-4b9d-b74f-b922a918c778|Ansible|Low|Insecure Configurations|Query details
Documentation
|
-|PostgreSQL Misconfigured Logging Duration Flag
aed98a2a-e680-497a-8886-277cea0f4514|Ansible|Low|Insecure Configurations|Query details
Documentation
|
-|Google Compute Network Using Firewall Rule that Allows Port Range
7289eebd-a477-4064-8ad4-3c044bd70b00|Ansible|Low|Networking and Firewall|Query details
Documentation
|
-|Google Compute Subnetwork with Private Google Access Disabled
6a4080ae-79bd-42f6-a924-8f534c1c018b|Ansible|Low|Networking and Firewall|Query details
Documentation
|
-|PostgreSQL Logging Of Temporary Files Disabled
d6fae5b6-ada9-46c0-8b36-3108a2a2f77b|Ansible|Low|Observability|Query details
Documentation
|
-|PostgreSQL Misconfigured Log Messages Flag
28a757fc-3d8f-424a-90c0-4233363b2711|Ansible|Low|Observability|Query details
Documentation
|
-|Ansible Tower Exposed To Internet
1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc|Ansible|Medium|Best Practices|Query details
Documentation
|
-|Privilege Escalation Using Become Plugin
0e75052f-cc02-41b8-ac39-a78017527e95|Ansible|Medium|Access Control|Query details
Documentation
|
-|Communication Over HTTP
2e8d4922-8362-4606-8c14-aa10466a1ce3|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
-|Insecure Relative Path Resolution
8d22ae91-6ac1-459f-95be-d37bd373f244|Ansible|Low|Best Practices|Query details
Documentation
|
-|Logging of Sensitive Data
59029ddf-e651-412b-ae7b-ff6d403184bc|Ansible|Low|Best Practices|Query details
Documentation
|
-|Unpinned Package Version
c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8|Ansible|Low|Supply-Chain|Query details
Documentation
|
-|Risky File Permissions
88841d5c-d22d-4b7e-a6a0-89ca50e44b9f|Ansible|Info|Supply-Chain|Query details
Documentation
|
-|SQL Database Server Firewall Allows All IPS
6a3201a5-1630-494b-b294-3129d06b0eca|AzureResourceManager|Critical|Networking and Firewall|Query details
Documentation
|
-|AKS Cluster RBAC Disabled
9307a2ed-35c2-413d-94de-a1a0682c2158|AzureResourceManager|High|Access Control|Query details
Documentation
|
-|Default Azure Storage Account Network Access Is Too Permissive
d855ced8-6157-448f-9f1d-f05a41d046f7|AzureResourceManager|High|Access Control|Query details
Documentation
|
-|Role Definitions Allow Custom Subscription Role Creation
8fa9ceea-881f-4ef0-b0b8-728f589699a7|AzureResourceManager|High|Access Control|Query details
Documentation
|
-|Key Vault Not Recoverable
7c25f361-7c66-44bf-9b69-022acd5eb4bd|AzureResourceManager|High|Backup|Query details
Documentation
|
-|Azure Managed Disk Without Encryption
350f3955-b5be-436f-afaa-3d2be2fa6cdd|AzureResourceManager|High|Encryption|Query details
Documentation
|
-|Network Security Group With Unrestricted Access To RDP
59cb3da7-f206-4ae6-b827-7abf0a9cab9d|AzureResourceManager|High|Networking and Firewall|Query details
Documentation
|
-|Storage Blob Service Container With Public Access
a0ab985d-660b-41f7-ac81-70957ee8e627|AzureResourceManager|High|Networking and Firewall|Query details
Documentation
|
-|Hardcoded SecureString Parameter Default Value
4d2cf896-c053-4be5-9c95-8b4771112f29|AzureResourceManager|High|Secret Management|Query details
Documentation
|
-|App Service Authentication Is Not Set
83130a07-235b-4a80-918b-a370e53f0bd9|AzureResourceManager|Medium|Access Control|Query details
Documentation
|
-|Azure Instance Using Basic Authentication
6797f581-0433-4768-ae3e-7ceb2f8b138e|AzureResourceManager|Medium|Best Practices|Query details
Documentation
|
-|Secret Without Expiration Date
cff9c3f7-e8f0-455f-9fb4-5f72326da96e|AzureResourceManager|Medium|Best Practices|Query details
Documentation
|
-|SQL Server Database With Alerts Disabled
574e8d82-1db2-4b9c-b526-e320ede9a9ff|AzureResourceManager|Medium|Best Practices|Query details
Documentation
|
-|Storage Account Allows Unsecure Transfer
1367dd13-2c90-4020-80b7-e4339a3dc2c4|AzureResourceManager|Medium|Encryption|Query details
Documentation
|
-|Web App Not Using TLS Last Version
b5c851d5-00f1-43dc-a8de-3218fd6f71be|AzureResourceManager|Medium|Encryption|Query details
Documentation
|
-|AKS Cluster Network Policy Not Configured
25c0228e-4444-459b-a2df-93c7df40b7ed|AzureResourceManager|Medium|Insecure Configurations|Query details
Documentation
|
-|Website Not Forcing HTTPS
488847ff-6031-487c-bf42-98fd6ac5c9a0|AzureResourceManager|Medium|Insecure Configurations|Query details
Documentation
|
-|MySQL Server SSL Enforcement Disabled
90120147-f2e7-4fda-bb21-6fa9109afd63|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
-|Network Security Group With Unrestricted Access To SSH
2ade1579-4b2c-4590-bebb-f99bf597f612|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
-|PostgreSQL Database Server Log Checkpoints Disabled
f9112910-c7bb-4864-9f5e-2059ba413bb7|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
-|PostgreSQL Database Server Log Connections Disabled
e69bda39-e1e2-47ca-b9ee-b6531b23aedd|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
-|PostgreSQL Database Server SSL Disabled
bf500309-da53-4dd3-bcf7-95f7974545a5|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
-|PostgresSQL Database Server Connection Throttling Disabled
a6d774b6-d9ea-4bf4-8433-217bf15d2fb8|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
-|Trusted Microsoft Services Not Enabled
e25b56cd-a4d6-498f-ab92-e6296a082097|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
-|Website with Client Certificate Auth Disabled
92302b47-b0cc-46cb-a28f-5610ecda140b|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
-|AKS Logging To Azure Monitoring Is Disabled
9b09dee1-f09b-4013-91d2-158fa4695f4b|AzureResourceManager|Medium|Observability|Query details
Documentation
|
-|SQL Server Database Without Auditing
e055285c-bc01-48b4-8aa5-8a54acdd29df|AzureResourceManager|Medium|Observability|Query details
Documentation
|
-|Storage Logging For Read Write And Delete Requests Disabled
43f6e60c-9cdb-4e77-864d-a66595d26518|AzureResourceManager|Medium|Observability|Query details
Documentation
|
-|Website Azure Active Directory Disabled
e9c133e5-c2dd-4b7b-8fff-40f2de367b56|AzureResourceManager|Low|Access Control|Query details
Documentation
|
-|Phone Number Not Set For Security Contacts
3e9fcc67-1f64-405f-b2f9-0a6be17598f0|AzureResourceManager|Low|Best Practices|Query details
Documentation
|
-|AKS Dashboard Is Enabled
c62d3b92-9a11-4ffd-b7b7-6faaae83faed|AzureResourceManager|Low|Insecure Configurations|Query details
Documentation
|
-|AKS With Authorized IP Ranges Disabled
2583fab1-953b-4fae-bd02-4a136a6c21f9|AzureResourceManager|Low|Networking and Firewall|Query details
Documentation
|
-|Storage Account Allows Default Network Access
9073f073-5d60-4b46-b569-0d6baa80ed95|AzureResourceManager|Low|Networking and Firewall|Query details
Documentation
|
-|Website with 'Http20Enabled' Disabled
70111098-7f85-48f0-b1b4-e4261cf5f61b|AzureResourceManager|Low|Networking and Firewall|Query details
Documentation
|
-|Log Profile Incorrect Category
4d522e7b-f938-4d51-a3b1-974ada528bd3|AzureResourceManager|Low|Observability|Query details
Documentation
|
-|SQL Server Database With Unrecommended Retention Days
c09cdac2-7670-458a-bf6c-efad6880973a|AzureResourceManager|Low|Observability|Query details
Documentation
|
-|Unrecommended Log Profile Retention Policy
25684eac-daaa-4c2c-94b4-8d2dbb627909|AzureResourceManager|Low|Observability|Query details
Documentation
|
-|Unrecommended Network Watcher Flow Log Retention Policy
564b70f8-41cd-4690-aff8-bb53add86bc9|AzureResourceManager|Low|Observability|Query details
Documentation
|
-|Standard Price Is Not Selected
2081c7d6-2851-4cce-bda5-cb49d462da42|AzureResourceManager|Low|Resource Management|Query details
Documentation
|
-|Account Admins Not Notified By Email
a8852cc0-fd4b-4fc7-9372-1e43fad0732e|AzureResourceManager|Info|Best Practices|Query details
Documentation
|
-|SQL Alert Policy Without Emails
89b79fe5-49bd-4d39-84ce-55f5fc6f7764|AzureResourceManager|Info|Best Practices|Query details
Documentation
|
-|Email Notifications Disabled
79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92|AzureResourceManager|Info|Networking and Firewall|Query details
Documentation
|
-|Run Using apt
a1bc27c6-7115-48d8-bf9d-5a7e836845ba|Buildah|Low|Supply-Chain|Query details
Documentation
|
-|Script Block Injection
62ff6823-927a-427f-acf9-f1ea2932d616|CICD|High|Insecure Configurations|Query details
Documentation
|
-|Run Block Injection
20f14e1a-a899-4e79-9f09-b6a84cd4649b|CICD|Medium|Insecure Configurations|Query details
Documentation
|
-|Unsecured Commands
60fd272d-15f4-4d8f-afe4-77d9c6cc0453|CICD|Medium|Insecure Configurations|Query details
Documentation
|
-|Unpinned Actions Full Length Commit SHA
555ab8f9-2001-455e-a077-f2d0f41e2fb9|CICD|Low|Supply-Chain|Query details
Documentation
|
-|Amazon DMS Replication Instance Is Publicly Accessible
5864fb39-d719-4182-80e2-89dbe627be63|CloudFormation|Critical|Access Control|Query details
Documentation
|
-|ECR Repository Is Publicly Accessible
75be209d-1948-41f6-a8c8-e22dd0121134|CloudFormation|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Access to Any Principal
7772bb8c-c0f3-42d4-8e4e-f1b8939ad085|CloudFormation|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read Or Write to All Users
07dda8de-d90d-469e-9b37-1aca53526ced|CloudFormation|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Delete Action From All Principals
acc78859-765e-4011-a229-a65ea57db252|CloudFormation|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Put Action From All Principals
f6397a20-4cf1-4540-a997-1d363c25ef58|CloudFormation|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket With All Permissions
4ae8af91-5108-42cb-9471-3bdbe596eac9|CloudFormation|Critical|Access Control|Query details
Documentation
|
-|SNS Topic is Publicly Accessible
ae53ce91-42b5-46bf-a84f-9a13366a4f13|CloudFormation|Critical|Access Control|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
de38e1d5-54cb-4111-a868-6f7722695007|CloudFormation|Critical|Insecure Configurations|Query details
Documentation
|
-|DB Security Group With Public Scope
9564406d-e761-4e61-b8d7-5926e3ab8e79|CloudFormation|Critical|Networking and Firewall|Query details
Documentation
|
-|RDS Associated with Public Subnet
4e88adee-a8eb-4605-a78d-9fb1096e3091|CloudFormation|Critical|Networking and Firewall|Query details
Documentation
|
-|Cross-Account IAM Assume Role Policy Without ExternalId or MFA
85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7|CloudFormation|High|Access Control|Query details
Documentation
|
-|ECS Service Admin Role Is Present
01986452-bdd8-4aaa-b5df-d6bf61d616ff|CloudFormation|High|Access Control|Query details
Documentation
|
-|IAM Policy Grants Full Permissions
f62aa827-4ade-4dc4-89e4-1433d384a368|CloudFormation|High|Access Control|Query details
Documentation
|
-|Lambda Functions With Full Privileges
a0ae0a4e-712b-4115-8112-51b9eeed9d69|CloudFormation|High|Access Control|Query details
Documentation
|
-|MSK Broker Is Publicly Accessible
0ce1ba20-8ba8-4364-836f-40c24b8cb0ab|CloudFormation|High|Access Control|Query details
Documentation
|
-|Neptune Cluster With IAM Database Authentication Disabled
a3aa0087-8228-4e7e-b202-dc9036972d02|CloudFormation|High|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read to All Users
219f4c95-aa50-44e0-97de-cf71f4641170|CloudFormation|High|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read to Any Authenticated User
835d5497-a526-4aea-a23f-98a9afd1635f|CloudFormation|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Get Action From All Principals
f97b7d23-568f-4bcc-9ac9-02df0d57fbba|CloudFormation|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows List Action From All Principals
faa8fddf-c0aa-4b2d-84ff-e993e233ebe9|CloudFormation|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Public Policy
860ba89b-b8de-4e72-af54-d6aee4138a69|CloudFormation|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Restore Actions From All Principals
456b00a3-1072-4149-9740-6b8bb60251b0|CloudFormation|High|Access Control|Query details
Documentation
|
-|AmazonMQ Broker Encryption Disabled
316278b3-87ac-444c-8f8f-a733a28da60f|CloudFormation|High|Encryption|Query details
Documentation
|
-|API Gateway Cache Encrypted Disabled
37cca703-b74c-48ba-ac81-595b53398e9b|CloudFormation|High|Encryption|Query details
Documentation
|
-|CMK Unencrypted Storage
ffee2785-c347-451e-89f3-11aeb08e5c84|CloudFormation|High|Encryption|Query details
Documentation
|
-|Config Rule For Encrypted Volumes Disabled
1b6322d9-c755-4f8c-b804-32c19250f2d9|CloudFormation|High|Encryption|Query details
Documentation
|
-|DynamoDB Table Not Encrypted
4bd21e68-38c1-4d58-acdc-6a14b203237f|CloudFormation|High|Encryption|Query details
Documentation
|
-|DynamoDB With Aws Owned CMK
c8dee387-a2e6-4a73-a942-183c975549ac|CloudFormation|High|Encryption|Query details
Documentation
|
-|EBS Volume Encryption Disabled
80b7ac3f-d2b7-4577-9b10-df7913497162|CloudFormation|High|Encryption|Query details
Documentation
|
-|ECS Cluster Not Encrypted At Rest
6c131358-c54d-419b-9dd6-1f7dd41d180c|CloudFormation|High|Encryption|Query details
Documentation
|
-|EFS Not Encrypted
2ff8e83c-90e1-4d68-a300-6d652112e622|CloudFormation|High|Encryption|Query details
Documentation
|
-|ElastiCache With Disabled at Rest Encryption
e4ee3903-9225-4b6a-bdfb-e62dbadef821|CloudFormation|High|Encryption|Query details
Documentation
|
-|ElasticSearch Encryption With KMS Disabled
d926aa95-0a04-4abc-b20c-acf54afe38a1|CloudFormation|High|Encryption|Query details
Documentation
|
-|ElasticSearch Not Encrypted At Rest
86a248ab-0e01-4564-a82a-878303e253bb|CloudFormation|High|Encryption|Query details
Documentation
|
-|ELB Using Weak Ciphers
809f77f8-d10e-4842-a84f-3be7b6ff1190|CloudFormation|High|Encryption|Query details
Documentation
|
-|Kinesis SSE Not Configured
7f65be75-90ab-4036-8c2a-410aef7bb650|CloudFormation|High|Encryption|Query details
Documentation
|
-|MSK Cluster Encryption Disabled
a976d63f-af0e-46e8-b714-8c1a9c4bf768|CloudFormation|High|Encryption|Query details
Documentation
|
-|Neptune Database Cluster Encryption Disabled
bf4473f1-c8a2-4b1b-8134-bd32efabab93|CloudFormation|High|Encryption|Query details
Documentation
|
-|RDS Storage Encryption Disabled
65844ba3-03a1-40a8-b3dd-919f122e8c95|CloudFormation|High|Encryption|Query details
Documentation
|
-|RDS Storage Not Encrypted
5beacce3-4020-4a3d-9e1d-a36f953df630|CloudFormation|High|Encryption|Query details
Documentation
|
-|Redshift Not Encrypted
3b316b05-564c-44a7-9c3f-405bb95e211e|CloudFormation|High|Encryption|Query details
Documentation
|
-|S3 Bucket Without Server-side-encryption
b2e8752c-3497-4255-98d2-e4ae5b46bbf5|CloudFormation|High|Encryption|Query details
Documentation
|
-|SageMaker Data Encryption Disabled
709e6da6-fa1f-44cc-8f17-7f25f96dadbe|CloudFormation|High|Encryption|Query details
Documentation
|
-|User Data Contains Encoded Private Key
568cc372-ca64-420d-9015-ee347d00d288|CloudFormation|High|Encryption|Query details
Documentation
|
-|Workspace Without Encryption
89827c57-5a8a-49eb-9731-976a606d70db|CloudFormation|High|Encryption|Query details
Documentation
|
-|Batch Job Definition With Privileged Container Properties
76ddf32c-85b1-4808-8935-7eef8030ab36|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
-|KMS Key With Vulnerable Policy
da905474-7454-43c0-b8d2-5756ab951aba|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
-|Lambda Functions Without Unique IAM Roles
ae03f542-1423-402f-9cef-c834e7ee9583|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
-|MQ Broker Is Publicly Accessible
68b6a789-82f8-4cfd-85de-e95332fe6a61|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
-|Root Account Has Active Access Keys
4c137350-7307-4803-8c04-17c09a7a9fcf|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
-|S3 Static Website Host Enabled
90501b1b-cded-4cc1-9e8b-206b85cda317|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
-|Permissive Web ACL Default Action
6d64f311-3da6-45f3-80f1-14db9771ea40|CloudFormation|High|Insecure Defaults|Query details
Documentation
|
-|DB Security Group Open To Large Scope
0104165b-02d5-426f-abc9-91fb48189899|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
-|Default Security Groups With Unrestricted Traffic
ea33fcf7-394b-4d11-a228-985c5d08f205|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
-|EC2 Sensitive Port Is Publicly Exposed
494b03d3-bf40-4464-8524-7c56ad0700ed|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
-|ELB Sensitive Port Is Exposed To Entire Network
78055456-f670-4d2e-94d5-392d1cf4f5e4|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
-|Fully Open Ingress
e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
-|Remote Desktop Port Open To Internet
c9846969-d066-431f-9b34-8c4abafe422a|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
-|Route53 Record Undefined
24d932e1-91f0-46ea-836f-fdbd81694151|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
-|Security Group Unrestricted Access To RDP
3ae83918-7ec7-4cb8-80db-b91ef0f94002|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
-|Security Groups With Exposed Admin Ports
cdbb0467-2957-4a77-9992-7b55b29df7b7|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
-|Security Groups With Meta IP
adcd0082-e90b-4b63-862b-21899f6e6a48|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
-|Unknown Port Exposed To Internet
829ce3b8-065c-41a3-ad57-e0accfea82d2|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
-|Unrestricted Security Group Ingress
4a1e6b34-1008-4e61-a5f2-1f7c276f8d14|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
-|Amplify App Access Token Exposed
73980e43-f399-4fcc-a373-658228f7adf7|CloudFormation|High|Secret Management|Query details
Documentation
|
-|Amplify App Basic Auth Config Password Exposed
71493c8b-3014-404c-9802-078b74496fb7|CloudFormation|High|Secret Management|Query details
Documentation
|
-|Amplify App OAuth Token Exposed
03b38885-8f4e-480c-a0e4-12c1affd15db|CloudFormation|High|Secret Management|Query details
Documentation
|
-|Amplify Branch Basic Auth Config Password Exposed
dfb56e5d-ee68-446e-b32a-657b62befe69|CloudFormation|High|Secret Management|Query details
Documentation
|
-|Directory Service Microsoft AD Password Set to Plaintext or Default Ref
06b9f52a-8cd5-459b-bdc6-21a22521e1be|CloudFormation|High|Secret Management|Query details
Documentation
|
-|Directory Service Simple AD Password Exposed
6685d912-d81f-4cfa-95ad-e316ea31c989|CloudFormation|High|Secret Management|Query details
Documentation
|
-|DMS Endpoint MongoDB Settings Password Exposed
f988a17f-1139-46a3-8928-f27eafd8b024|CloudFormation|High|Secret Management|Query details
Documentation
|
-|DMS Endpoint Password Exposed
5f700072-b7ce-4e84-b3f3-497bf1c24a4d|CloudFormation|High|Secret Management|Query details
Documentation
|
-|DocDB Cluster Master Password In Plaintext
39423ce4-9011-46cd-b6b1-009edcd9385d|CloudFormation|High|Secret Management|Query details
Documentation
|
-|Hardcoded AWS Access Key In Lambda
2564172f-c92b-4261-9acd-464aed511696|CloudFormation|High|Secret Management|Query details
Documentation
|
-|IAM User LoginProfile Password Is In Plaintext
06adef8c-c284-4de7-aad2-af43b07a8ca1|CloudFormation|High|Secret Management|Query details
Documentation
|
-|RefreshToken Is Exposed
5b48c507-0d1f-41b0-a630-76817c6b4189|CloudFormation|High|Secret Management|Query details
Documentation
|
-|API Gateway Method Does Not Contains An API Key
3641d5b4-d339-4bc2-bfb9-208fe8d3477f|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|API Gateway Without Configured Authorizer
7fd0d461-5b8c-4815-898c-f2b4b117eb28|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|EC2 Instance Has No IAM Role
f914357d-8386-4d56-9ba6-456e5723f9a6|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|EC2 Instance Using Default Security Group
08b81bb3-0985-4023-8602-b606ad81d279|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|EC2 Network ACL Ineffective Denied Traffic
2623d682-dccb-44cd-99d0-54d9fd62f8f2|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|Elasticsearch Without IAM Authentication
5c666ed9-b586-49ab-9873-c495a833b705|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|Empty Roles For ECS Cluster Task Definitions
7f384a5f-b5a2-4d84-8ca3-ee0a5247becb|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|IAM Group Inline Policies
a58d1a2d-4078-4b80-855b-84cc3f7f4540|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|IAM Group Without Users
8f957abd-9703-413d-87d3-c578950a753c|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|IAM Policies Attached To User
edc95c10-7366-4f30-9b4b-f995c84eceb5|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|IAM Policies With Full Privileges
953b3cdb-ce13-428a-aa12-318726506661|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|IAM Policy Grants 'AssumeRole' Permission Across All Services
e835bd0d-65da-49f7-b6d1-b646da8727e6|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|IAM Policy On User
e4239438-e639-44aa-adb8-866e400e3ade|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|IAM Role Allows All Principals To Assume
f80e3aa7-7b34-4185-954e-440a6894dde6|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|IoT Policy Allows Action as Wildcard
4d32780f-43a4-424a-a06d-943c543576a5|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|IoT Policy Allows Wildcard Resource
be5b230d-4371-4a28-a441-85dc760e2aa3|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|KMS Allows Wildcard Principal
f6049677-ec4a-43af-8779-5190b6d03cba|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|Lambda Permission Principal Is Wildcard
1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|Public Lambda via API Gateway
57b12981-3816-4c31-b190-a1e614361dd2|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Public ACL
48f100d9-f499-4c6d-b2b8-deafe47ffb26|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|SNS Topic Publicity Has Allow and NotAction Simultaneously
818f38ed-8446-4132-9c03-474d49e10195|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|SQS Policy With Public Access
9b6a3f5b-5fd6-40ee-9bc0-ed604911212d|CloudFormation|Medium|Access Control|Query details
Documentation
|
-|Auto Scaling Group With No Associated ELB
ad21e616-5026-4b9d-990d-5b007bfe679c|CloudFormation|Medium|Availability|Query details
Documentation
|
-|CMK Is Unusable
2844c749-bd78-4cd1-90e8-b179df827602|CloudFormation|Medium|Availability|Query details
Documentation
|
-|ElastiCache Nodes Not Created Across Multi AZ
cfdef2e5-1fe4-4ef4-bea8-c56e08963150|CloudFormation|Medium|Availability|Query details
Documentation
|
-|RDS Multi-AZ Deployment Disabled
2b1d4935-9acf-48a7-8466-10d18bf51a69|CloudFormation|Medium|Availability|Query details
Documentation
|
-|RDS With Backup Disabled
8c415f6f-7b90-4a27-a44a-51047e1506f9|CloudFormation|Medium|Backup|Query details
Documentation
|
-|S3 Bucket Without Versioning
a227ec01-f97a-4084-91a4-47b350c1db54|CloudFormation|Medium|Backup|Query details
Documentation
|
-|Stack Retention Disabled
fe974ae9-858e-4991-bbd5-e040a834679f|CloudFormation|Medium|Backup|Query details
Documentation
|
-|DynamoDB Table Point In Time Recovery Disabled
0f04217d-488f-4e7a-bec8-f16159686cd6|CloudFormation|Medium|Best Practices|Query details
Documentation
|
-|ECS No Load Balancer Attached
fb2b0ecf-1492-491a-a70d-ba1df579175d|CloudFormation|Medium|Best Practices|Query details
Documentation
|
-|IAM Managed Policy Applied to a User
0e5872b4-19a0-4165-8b2f-56d9e14b909f|CloudFormation|Medium|Best Practices|Query details
Documentation
|
-|IAM User Without Password Reset
a964d6e3-8e1e-4d93-8120-61fa640dd55a|CloudFormation|Medium|Best Practices|Query details
Documentation
|
-|Alexa Skill Plaintext Client Secret Exposed
3c3b7a58-b018-4d07-9444-d9ee7156e111|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|CloudFormation Specifying Credentials Not Safe
9ecb6b21-18bc-4aa7-bd07-db20f1c746db|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|Cloudfront Viewer Protocol Policy Allows HTTP
31733ee2-fef0-4e87-9778-65da22a8ecf1|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|CodeBuild Not Encrypted
d7467bb6-3ed1-4c82-8095-5e7a818d0aad|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|Connection Between CloudFront Origin Not Encrypted
a5366a50-932f-4085-896b-41402714a388|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|Default KMS Key Usage
e52395b4-250b-4c60-81d5-2e58c1d37abc|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|EFS Volume With Disabled Transit Encryption
c1282e03-b285-4637-aee7-eefe3a7bb658|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|ElastiCache With Disabled Transit Encryption
3b02569b-fc6f-4153-b3a3-ba91022fed68|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|ELB Using Insecure Protocols
61a94903-3cd3-4780-88ec-fc918819b9c8|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|ELB Without Secure Protocol
80908a75-586b-4c61-ab04-490f4f4525b8|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|EMR Security Configuration Encryption Disabled
5b033ec8-f079-4323-b5c8-99d4620433a9|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|IAM Database Auth Not Enabled
9fcd0a0a-9b6f-4670-a215-d94e6bf3f184|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|KMS Key Rotation Disabled
235ca980-eb71-48f4-9030-df0c371029eb|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|Redshift Cluster Without KMS CMK
de76a0d6-66d5-45c9-9022-f05545b85c78|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|S3 Bucket Without SSL In Write Actions
38c64e76-c71e-4d92-a337-60174d1de1c9|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|SageMaker EndPoint Config Should Specify KmsKeyId Attribute
44034eda-1c3f-486a-831d-e09a7dd94354|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|Secure Ciphers Disabled
be96849c-3df6-49c2-bc16-778a7be2519c|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|SQS With SSE Disabled
12726829-93ed-4d51-9cbe-13423f4299e1|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|API Gateway With Open Access
1056dfbb-5802-4762-bf2b-8b9b9684b1b0|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|API Gateway Without Security Policy
8275fab0-68ec-4705-bbf4-86975edb170e|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|API Gateway Without SSL Certificate
ed4c48b8-eccc-4881-95c1-09fdae23db25|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|CloudFront Without Minimum Protocol TLS 1.2
dc17ee4b-ddf2-4e23-96e8-7a36abad1303|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|ECR Image Tag Not Immutable
33f41d31-86b1-46a4-81f7-9c9a671f59ac|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|ECS Task Definition Network Mode Not Recommended
027a4b7a-8a59-4938-a04f-ed532512cf45|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|EMR Cluster Without Security Configuration
48af92a5-c89b-4936-bc62-1086fe2bab23|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|GitHub Repository Set To Public
5906092d-5f74-490d-9a03-78febe0f65e1|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|IAM User Has Too Many Access Keys
48677914-6fdf-40ec-80c4-2b0e94079f54|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|Redshift Publicly Accessible
bdf8dcb4-75df-4370-92c4-606e4ae6c4d3|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket With Unsecured CORS Rule
3609d27c-3698-483a-9402-13af6ae80583|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket Without Ignore Public ACL
6c8d51af-218d-4bfb-94a9-94eabaa0703a|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket Without Restriction Of Public Bucket
350cd468-0e2c-44ef-9d22-cfb73a62523c|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|SageMaker Enabling Internet Access
88d55d94-315d-4564-beee-d2d725feab11|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
-|Vulnerable Default SSL Certificate
b4d9c12b-bfba-4aeb-9cb8-2358546d8041|CloudFormation|Medium|Insecure Defaults|Query details
Documentation
|
-|ALB Is Not Integrated With WAF
105ba098-1e34-48cd-b0f2-a8a43a51bf9b|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|ALB Listening on HTTP
275a3217-ca37-40c1-a6cf-bb57d245ab32|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway Endpoint Config is Not Private
4a8daf95-709d-4a36-9132-d3e19878fa34|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway without WAF
fcbf9019-566c-4832-a65c-af00d8137d2b|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|CloudFront Without WAF
0f139403-303f-467c-96bd-e717e6cfd62d|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|EC2 Instance Subnet Has Public IP Mapping On Launch
b3de4e4c-14be-4159-b99d-9ad194365e4c|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|EC2 Network ACL Overlapping Ports
77b6f1e2-bde4-4a6a-ae7e-a40659ff1576|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|EC2 Permissive Network ACL Protocols
03879981-efa2-47a0-a818-c843e1441b88|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|EC2 Public Instance Exposed Through Subnet
c44c95fc-ae92-4bb8-bdf8-bb9bc412004a|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|EKS node group remote access
73d59e76-a12c-4b74-a3d8-d3e1e19c25b3|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|Elasticsearch with HTTPS disabled
4cdc88e6-c0c8-4081-a639-bb3a557cbedf|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|ELB With Security Group Without Inbound Rules
e200a6f3-c589-49ec-9143-7421d4a2c845|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|ELB With Security Group Without Outbound Rules
01d5a458-a6c4-452a-ac50-054d59275b7c|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|GameLift Fleet EC2 InboundPermissions With Port Range
43356255-495d-4148-ad8d-f6af5eac09dd|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|HTTP Port Open To Internet
ddfc4eaa-af23-409f-b96c-bf5c45dc4daa|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|SageMaker Notebook Not Placed In VPC
9c7028d9-04c2-45be-b8b2-1188ccaefb36|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group Egress CIDR Open To World
1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group Egress With All Protocols
ee464fc2-54a6-4e22-b10a-c6dcd2474d0c|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group Egress With Port Range
dae9c373-8287-462f-8746-6f93dad93610|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group Ingress With All Protocols
1a427b25-2e9e-4298-9530-0499a55e736b|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group Ingress With Port Range
87482183-a8e7-4e42-a566-7a23ec231c16|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group With Unrestricted Access To SSH
6e856af2-62d7-4ba2-adc1-73b62cef9cc1|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Groups Allows Unrestricted Outbound Traffic
66f2d8f9-a911-4ced-ae27-34f09690bb2c|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|TCP UDP Protocol Network ACL Entry Allows All Ports
f57f849c-883b-4cb7-85e7-f7b199dff163|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|VPC Without Network Firewall
3e293410-d5b8-411f-85fd-7d26294f20c9|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway Deployment Without Access Log Setting
06ec63e3-9f72-4fe2-a218-2eb9200b8db5|CloudFormation|Medium|Observability|Query details
Documentation
|
-|API Gateway V2 Stage Access Logging Settings Not Defined
80d45af4-4920-4236-a56e-b7ef419d1941|CloudFormation|Medium|Observability|Query details
Documentation
|
-|CloudFront Logging Disabled
de77cd9f-0e8b-46cc-b4a4-b6b436838642|CloudFormation|Medium|Observability|Query details
Documentation
|
-|CloudTrail Logging Disabled
5c0b06d5-b7a4-484c-aeb0-75a836269ff0|CloudFormation|Medium|Observability|Query details
Documentation
|
-|CloudWatch Logging Disabled
0f0fb06b-0f2f-4374-8588-f2c7c348c7a0|CloudFormation|Medium|Observability|Query details
Documentation
|
-|CloudWatch Metrics Disabled
5d3c1807-acb3-4bb0-be4e-0440230feeaf|CloudFormation|Medium|Observability|Query details
Documentation
|
-|DocDB Logging Is Disabled
1bf3b3d4-f373-4d7c-afbb-7d85948a67a5|CloudFormation|Medium|Observability|Query details
Documentation
|
-|EC2 Instance Monitoring Disabled
0264093f-6791-4475-af34-4b8102dcbcd0|CloudFormation|Medium|Observability|Query details
Documentation
|
-|Elasticsearch Logs Disabled
edbd62d4-8700-41de-b000-b3cfebb5e996|CloudFormation|Medium|Observability|Query details
Documentation
|
-|ELB Access Log Disabled
ee12ad32-2863-4c0f-b13f-28272d115028|CloudFormation|Medium|Observability|Query details
Documentation
|
-|ELBv2 ALB Access Log Disabled
c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621|CloudFormation|Medium|Observability|Query details
Documentation
|
-|GuardDuty Detector Disabled
a25cd877-375c-4121-a640-730929936fac|CloudFormation|Medium|Observability|Query details
Documentation
|
-|MQ Broker Logging Disabled
e519ed6a-8328-4b69-8eb7-8fa549ac3050|CloudFormation|Medium|Observability|Query details
Documentation
|
-|MSK Cluster Logging Disabled
fc7c2c15-f5d0-4b80-adb2-c89019f8f62b|CloudFormation|Medium|Observability|Query details
Documentation
|
-|Redshift Cluster Logging Disabled
3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6|CloudFormation|Medium|Observability|Query details
Documentation
|
-|S3 Bucket CloudTrail Logging Disabled
c3ce69fd-e3df-49c6-be78-1db3f802261c|CloudFormation|Medium|Observability|Query details
Documentation
|
-|S3 Bucket Logging Disabled
4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c|CloudFormation|Medium|Observability|Query details
Documentation
|
-|VPC FlowLogs Disabled
f6d299d2-21eb-41cc-b1e1-fe12d857500b|CloudFormation|Medium|Observability|Query details
Documentation
|
-|High Access Key Rotation Period
800fa019-49dd-421b-9042-7331fdd83fa2|CloudFormation|Medium|Secret Management|Query details
Documentation
|
-|IAM User With No Group
06933df4-0ea7-461c-b9b5-104d27390e0e|CloudFormation|Low|Access Control|Query details
Documentation
|
-|Support Has No Role Associated
d71b5fd7-9020-4b2d-9ec8-b3839faa2744|CloudFormation|Low|Access Control|Query details
Documentation
|
-|EBS Volume Not Attached To Instances
1819ac03-542b-4026-976b-f37addd59f3b|CloudFormation|Low|Availability|Query details
Documentation
|
-|ECS Service Without Running Tasks
79d745f0-d5f3-46db-9504-bef73e9fd528|CloudFormation|Low|Availability|Query details
Documentation
|
-|VPC Attached With Too Many Gateways
97e94d17-e2c7-4109-a53b-6536ac1bb64e|CloudFormation|Low|Availability|Query details
Documentation
|
-|Low RDS Backup Retention Period
e649a218-d099-4550-86a4-1231e1fcb60d|CloudFormation|Low|Backup|Query details
Documentation
|
-|RDS DB Instance With Deletion Protection Disabled
2c161e58-cb52-454f-abea-6470c37b5e6e|CloudFormation|Low|Backup|Query details
Documentation
|
-|Automatic Minor Upgrades Disabled
f0104061-8bfc-4b45-8a7d-630eb502f281|CloudFormation|Low|Best Practices|Query details
Documentation
|
-|CDN Configuration Is Missing
e4f54ff4-d352-40e8-a096-5141073c37a2|CloudFormation|Low|Best Practices|Query details
Documentation
|
-|Cognito UserPool Without MFA
74a18d1a-cf02-4a31-8791-ed0967ad7fdc|CloudFormation|Low|Best Practices|Query details
Documentation
|
-|Geo Restriction Disabled
7f8843f0-9ea5-42b4-a02b-753055113195|CloudFormation|Low|Best Practices|Query details
Documentation
|
-|IAM Access Analyzer Not Enabled
8d29754a-2a18-460d-a1ba-9509f8d359da|CloudFormation|Low|Best Practices|Query details
Documentation
|
-|IAM Password Without Minimum Length
b1b20ae3-8fa7-4af5-a74d-a2145920fcb1|CloudFormation|Low|Best Practices|Query details
Documentation
|
-|IAM Policies Without Groups
5e7acff5-095b-40ac-9073-ac2e4ad8a512|CloudFormation|Low|Best Practices|Query details
Documentation
|
-|Lambda Permission Misconfigured
9b83114b-b2a1-4534-990d-06da015e47aa|CloudFormation|Low|Best Practices|Query details
Documentation
|
-|Security Group Ingress Has CIDR Not Recommended
a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd|CloudFormation|Low|Best Practices|Query details
Documentation
|
-|DynamoDB With Not Recommented Table Billing Mode
c333e906-8d8b-4275-b999-78b6318f8dc6|CloudFormation|Low|Build Process|Query details
Documentation
|
-|EFS Without Tags
08e39832-5e42-4304-98a0-aa5b43393162|CloudFormation|Low|Build Process|Query details
Documentation
|
-|API Gateway With Invalid Compression
d6653eee-2d4d-4e6a-976f-6794a497999a|CloudFormation|Low|Encryption|Query details
Documentation
|
-|CloudTrail Log Files Not Encrypted With KMS
050a9ba8-d1cb-4c61-a5e8-8805a70d3b85|CloudFormation|Low|Encryption|Query details
Documentation
|
-|EFS Without KMS
6d087495-2a42-4735-abf7-02ef5660a7e6|CloudFormation|Low|Encryption|Query details
Documentation
|
-|API Gateway Cache Cluster Disabled
52790cad-d60d-41d5-8483-146f9f21208d|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
-|Inline Policies Are Attached To ECS Service
9e8c89b3-7997-4d15-93e4-7911b9db99fd|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
-|Instance With No VPC
8a6d36cd-0bc6-42b7-92c4-67acc8576861|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
-|Lambda Function Without Dead Letter Queue
c2eae442-d3ba-4cb1-84ca-1db4f80eae3d|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
-|Lambda Function Without Tags
8df8e857-bd59-44fa-9f4c-d77594b95b46|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
-|Wildcard In ACM Certificate Domain Name
cc8b294f-006f-4f8f-b5bb-0a9140c33131|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
-|RouterTable with Default Routing
4f0908b9-eb66-433f-9145-134274e1e944|CloudFormation|Low|Insecure Defaults|Query details
Documentation
|
-|S3 Bucket Should Have Bucket Policy
37fa8188-738b-42c8-bf82-6334ea567738|CloudFormation|Low|Insecure Defaults|Query details
Documentation
|
-|EC2 Instance Using Default VPC
e42a3ef0-5325-4667-84bf-075ba1c9d58e|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
-|ElastiCache Using Default Port
323db967-c68e-44e6-916c-a777f95af34b|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
-|ElastiCache Without VPC
ba766c53-fe71-4bbb-be35-b6803f2ef13e|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
-|EMR Without VPC
bf89373a-be40-4c04-99f5-746742dfd7f3|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
-|RDS Using Default Port
1fe9d958-ddce-4228-a124-05265a959a8b|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
-|Redshift Using Default Port
a478af30-8c3a-404d-aa64-0b673cee509a|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
-|Security Groups Without VPC Attached
493d9591-6249-47bf-8dc0-5c10161cc558|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
-|Shield Advanced Not In Use
ad7444cf-817a-4765-a79e-2145f7981faf|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
-|API Gateway Deployment Without API Gateway UsagePlan Associated
783860a3-6dca-4c8b-81d0-7b62769ccbca|CloudFormation|Low|Observability|Query details
Documentation
|
-|API Gateway X-Ray Disabled
4ab10c48-bedb-4deb-8f3b-ff12783b61de|CloudFormation|Low|Observability|Query details
Documentation
|
-|CloudTrail Log File Validation Disabled
2a3560fe-52ca-4443-b34f-bf0ed5eb74c8|CloudFormation|Low|Observability|Query details
Documentation
|
-|CloudTrail Multi Region Disabled
058ac855-989f-4378-ba4d-52d004020da7|CloudFormation|Low|Observability|Query details
Documentation
|
-|CloudTrail Not Integrated With CloudWatch
65d07da5-9af5-44df-8983-52d2e6f24c44|CloudFormation|Low|Observability|Query details
Documentation
|
-|CloudTrail SNS Topic Name Undefined
3e09413f-471e-40f3-8626-990c79ae63f3|CloudFormation|Low|Observability|Query details
Documentation
|
-|CMK Rotation Disabled
1c07bfaf-663c-4f6f-b22b-8e2d481e4df5|CloudFormation|Low|Observability|Query details
Documentation
|
-|Configuration Aggregator to All Regions Disabled
9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d|CloudFormation|Low|Observability|Query details
Documentation
|
-|ECS Cluster with Container Insights Disabled
ab759fde-e1e8-4b0e-ad73-ba856e490ed8|CloudFormation|Low|Observability|Query details
Documentation
|
-|ECS Task Definition HealthCheck Missing
d24389b4-b209-4ff0-8345-dc7a4569dcdd|CloudFormation|Low|Observability|Query details
Documentation
|
-|ElasticSearch Without Slow Logs
086ea2eb-14a6-4fd4-914b-38e0bc8703e8|CloudFormation|Low|Observability|Query details
Documentation
|
-|Lambda Functions Without X-Ray Tracing
9488c451-074e-4cd3-aee3-7db6104f542c|CloudFormation|Low|Observability|Query details
Documentation
|
-|Stack Notifications Disabled
837e033c-4717-40bd-807e-6abaa30161b7|CloudFormation|Low|Observability|Query details
Documentation
|
-|Unscanned ECR Image
9025b2b3-e554-4842-ba87-db7aeec36d35|CloudFormation|Low|Observability|Query details
Documentation
|
-|API Gateway Stage Without API Gateway UsagePlan Associated
7f8f1b60-43df-4c28-aa21-fb836dbd8071|CloudFormation|Low|Resource Management|Query details
Documentation
|
-|ECS Task Definition Invalid CPU or Memory
f4c9b5f5-68b8-491f-9e48-4f96644a1d51|CloudFormation|Low|Resource Management|Query details
Documentation
|
-|SDB Domain Declared As A Resource
6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d|CloudFormation|Low|Resource Management|Query details
Documentation
|
-|VPC Without Attached Subnet
3b3b4411-ad1f-40e7-b257-a78a6bb9673a|CloudFormation|Low|Resource Management|Query details
Documentation
|
-|EBS Volume Without KmsKeyId
b7063015-6c31-4658-a8e7-14f98f37fd42|CloudFormation|Low|Secret Management|Query details
Documentation
|
-|Secrets Manager Should Specify KmsKeyId
c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22|CloudFormation|Low|Secret Management|Query details
Documentation
|
-|SNS Topic Without KmsMasterKeyId
9d13b150-a2ab-42a1-b6f4-142e41f81e52|CloudFormation|Low|Secret Management|Query details
Documentation
|
-|EC2 Not EBS Optimized
8dd0ff1f-0da4-48df-9bb3-7f338ae36a40|CloudFormation|Info|Best Practices|Query details
Documentation
|
-|Security Group Rule Without Description
5e6c9c68-8a82-408e-8749-ddad78cbb9c5|CloudFormation|Info|Best Practices|Query details
Documentation
|
-|EC2 Network ACL Duplicate Rule
045ddb54-cfc5-4abb-9e05-e427b2bc96fe|CloudFormation|Info|Networking and Firewall|Query details
Documentation
|
-|BOM - AWS Cassandra
124b173b-e06d-48a6-8acd-f889443d97a4|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS DynamoDB
4e67c0ae-38a0-47f4-a50c-f0c9b75826df|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS EBS
0b0556ea-9cd9-476f-862e-20679dda752b|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS EFS
ef05a925-8568-4054-8ff1-f5ba82631c16|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS Elasticache
c689f51b-9203-43b3-9d8b-caed123f706c|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS Kinesis
d53323be-dde6-4457-9a43-42df737e71d2|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS MQ
209189f3-c879-48a7-9703-fbcfa96d0cef|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS MSK
2730c169-51d7-4ae7-99b5-584379eff1bb|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS RDS
6ef03ff6-a2bd-483c-851f-631f248bc0ea|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS S3 Buckets
b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS SNS
42e7dca3-8cce-4325-8df0-108888259136|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS SQS
59a849c2-1127-4023-85a5-ef906dcd458c|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
-|Serverless Function Without Unique IAM Role
4ba74f01-aba5-4be2-83bc-be79ff1a3b92|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Environment Variables Not Encrypted
a7f8ac28-eed1-483d-87c8-4c325f022572|CloudFormation|Medium|Encryption|Query details
Documentation
|
-|Serverless API Endpoint Config Not Private
6b5b0313-771b-4319-ad7a-122ee78700ef|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
-|Serverless API Access Logging Setting Undefined
0a994e04-c6dc-471d-817e-d37451d18a3b|CloudFormation|Medium|Observability|Query details
Documentation
|
-|Serverless API X-Ray Tracing Disabled
c757c6a3-ac87-4b9d-b28d-e5a5add6a315|CloudFormation|Medium|Observability|Query details
Documentation
|
-|Serverless API Without Content Encoding
a2f2800e-614b-4bc8-89e6-fec8afd24800|CloudFormation|Low|Encryption|Query details
Documentation
|
-|Serverless API Cache Cluster Disabled
60a05ede-0a68-4d0d-a58f-f538cf55ff79|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Without Dead Letter Queue
cb2f612b-ed42-4ff5-9fb9-255c73d39a18|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Without Tags
a71ecabe-03b6-456a-b3bc-d1a39aa20c98|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Without X-Ray Tracing
dc1ab429-1481-4540-9b1d-280e3f15f1f8|CloudFormation|Low|Observability|Query details
Documentation
|
-|Passwords And Secrets
a88baa34-e2ad-44ea-ad6f-8cac87bc7c71|Common|High|Secret Management|Query details
Documentation
|
-|DB Instance Storage Not Encrypted
e50eb68a-a4af-4048-8bbe-8ec324421469|Crossplane|High|Encryption|Query details
Documentation
|
-|EFS Not Encrypted
72840c35-3876-48be-900d-f21b2f0c2ea1|Crossplane|High|Encryption|Query details
Documentation
|
-|ELB Using Weak Ciphers
a507daa5-0795-4380-960b-dd7bb7c56661|Crossplane|High|Encryption|Query details
Documentation
|
-|Neptune Database Cluster Encryption Disabled
83bf5aca-138a-498e-b9cd-ad5bc5e117b4|Crossplane|High|Encryption|Query details
Documentation
|
-|DB Security Group Has Public Interface
dd667399-8d9d-4a8d-bbb4-e49ab53b2f52|Crossplane|High|Insecure Configurations|Query details
Documentation
|
-|SQS With SSE Disabled
9296f1cc-7a40-45de-bd41-f31745488a0e|Crossplane|Medium|Encryption|Query details
Documentation
|
-|CloudFront Without Minimum Protocol TLS 1.2
255b0fcc-9f82-41fe-9229-01b163e3376b|Crossplane|Medium|Insecure Configurations|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
d9dc6429-5140-498a-8f55-a10daac5f000|Crossplane|Medium|Insecure Configurations|Query details
Documentation
|
-|CloudFront Without WAF
6d19ce0f-b3d8-4128-ac3d-1064e0f00494|Crossplane|Medium|Networking and Firewall|Query details
Documentation
|
-|CloudFront Logging Disabled
7b590235-1ff4-421b-b9ff-5227134be9bb|Crossplane|Medium|Observability|Query details
Documentation
|
-|DocDB Logging Is Disabled
e6cd49ba-77ed-417f-9bca-4f5303554308|Crossplane|Medium|Observability|Query details
Documentation
|
-|EFS Without KMS
bdecd6db-2600-47dd-a10c-72c97cf17ae9|Crossplane|Low|Encryption|Query details
Documentation
|
-|ECS Cluster with Container Insights Disabled
0c7a76d9-7dc5-499e-81ac-9245839177cb|Crossplane|Low|Observability|Query details
Documentation
|
-|CloudWatch Without Retention Period Specified
934613fe-b12c-4e5a-95f5-c1dcdffac1ff|Crossplane|Info|Observability|Query details
Documentation
|
-|AKS RBAC Disabled
b2418936-cd47-4ea2-8346-623c0bdb87bd|Crossplane|Medium|Access Control|Query details
Documentation
|
-|Redis Cache Allows Non SSL Connections
6c7cfec3-c686-4ed2-bf58-a1ec054b63fc|Crossplane|Medium|Insecure Configurations|Query details
Documentation
|
-|Google Container Node Pool Auto Repair Disabled
b4f65d13-a609-4dc1-af7c-63d2e08bffe9|Crossplane|Medium|Insecure Configurations|Query details
Documentation
|
-|Cloud Storage Bucket Logging Not Enabled
6c2d627c-de0f-45fb-b33d-dad9bffbb421|Crossplane|Medium|Observability|Query details
Documentation
|
-|Docker Socket Mounted In Container
d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b|DockerCompose|High|Build Process|Query details
Documentation
|
-|Volume Has Sensitive Host Directory
1c1325ff-831d-43a1-973e-839ae57dfcc0|DockerCompose|High|Build Process|Query details
Documentation
|
-|Volume Mounted In Multiple Containers
baa452f0-1f21-4a25-ace5-844e7a5f410d|DockerCompose|High|Build Process|Query details
Documentation
|
-|No New Privileges Not Set
27fcc7d6-c49b-46e0-98f1-6c082a6a2750|DockerCompose|High|Resource Management|Query details
Documentation
|
-|Privileged Containers Enabled
ae5b6871-7f45-42e0-bb4c-ab300c4d2026|DockerCompose|High|Resource Management|Query details
Documentation
|
-|Healthcheck Not Set
698ed579-b239-4f8f-a388-baa4bcb13ef8|DockerCompose|Medium|Availability|Query details
Documentation
|
-|Cgroup Not Default
4d9f44c6-2f4a-4317-9bb5-267adbea0232|DockerCompose|Medium|Build Process|Query details
Documentation
|
-|Restart Policy On Failure Not Set To 5
2fc99041-ddad-49d5-853f-e35e70a48391|DockerCompose|Medium|Build Process|Query details
Documentation
|
-|Container Traffic Not Bound To Host Interface
451d79dc-0588-476a-ad03-3c7f0320abb3|DockerCompose|Medium|Networking and Firewall|Query details
Documentation
|
-|Privileged Ports Mapped In Container
bc2908f3-f73c-40a9-8793-c1b7d5544f79|DockerCompose|Medium|Networking and Firewall|Query details
Documentation
|
-|Container Capabilities Unrestricted
ce76b7d0-9e77-464d-b86f-c5c48e03e22d|DockerCompose|Medium|Resource Management|Query details
Documentation
|
-|Default Seccomp Profile Disabled
404fde2c-bc4b-4371-9747-7054132ac953|DockerCompose|Medium|Resource Management|Query details
Documentation
|
-|Host Namespace is Shared
4f31dd9f-2cc3-4751-9b53-67e4af83dac0|DockerCompose|Medium|Resource Management|Query details
Documentation
|
-|Memory Not Limited
bb9ac4f7-e13b-423d-a010-c74a1bfbe492|DockerCompose|Medium|Resource Management|Query details
Documentation
|
-|Pids Limit Not Set
221e0658-cb2a-44e3-b08a-db96a341d6fa|DockerCompose|Medium|Resource Management|Query details
Documentation
|
-|Security Opt Not Set
610e266e-6c12-4bca-9925-1ed0cd29742b|DockerCompose|Medium|Resource Management|Query details
Documentation
|
-|Shared Host IPC Namespace
baa3890f-bed7-46f5-ab8f-1da8fc91c729|DockerCompose|Medium|Resource Management|Query details
Documentation
|
-|Shared Host Network Namespace
071a71ff-f868-47a4-ac0b-3c59e4ab5443|DockerCompose|Medium|Resource Management|Query details
Documentation
|
-|Shared Host User Namespace
8af7162d-6c98-482f-868e-0d33fb675ca8|DockerCompose|Medium|Resource Management|Query details
Documentation
|
-|Cpus Not Limited
6b610c50-99fb-4ef0-a5f3-e312fd945bc3|DockerCompose|Low|Resource Management|Query details
Documentation
|
-|Shared Volumes Between Containers
8c978947-0ff6-485c-b0c2-0bfca6026466|DockerCompose|Info|Insecure Configurations|Query details
Documentation
|
-|Last User Is 'root'
67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae|Dockerfile|High|Best Practices|Query details
Documentation
|
-|Missing User Instruction
fd54f200-402c-4333-a5a4-36ef6709af2f|Dockerfile|High|Build Process|Query details
Documentation
|
-|Changing Default Shell Using RUN Command
8a301064-c291-4b20-adcb-403fe7fd95fd|Dockerfile|Medium|Best Practices|Query details
Documentation
|
-|Image Version Using 'latest'
f45ea400-6bbe-4501-9fc7-1c3d75c32067|Dockerfile|Medium|Best Practices|Query details
Documentation
|
-|Not Using JSON In CMD And ENTRYPOINT Arguments
b86987e1-6397-4619-81d5-8807f2387c79|Dockerfile|Medium|Build Process|Query details
Documentation
|
-|Run Using Sudo
8ada6e80-0ade-439e-b176-0b28f6bce35a|Dockerfile|Medium|Insecure Configurations|Query details
Documentation
|
-|Add Instead of Copy
9513a694-aa0d-41d8-be61-3271e056f36b|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
-|Apt Get Install Pin Version Not Defined
965a08d7-ef86-4f14-8792-4a3b2098937e|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
-|Gem Install Without Version
22cd11f7-9c6c-4f6e-84c0-02058120b341|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
-|Image Version Not Explicit
9efb0b2d-89c9-41a3-91ca-dcc0aec911fd|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
-|Missing Version Specification In dnf install
93d88cf7-f078-46a8-8ddc-178e03aeacf1|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
-|Missing Zypper Non-interactive Switch
45e1fca5-f90e-465d-825f-c2cb63fa3944|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
-|NPM Install Command Without Pinned Version
e36d8880-3f78-4546-b9a1-12f0745ca0d5|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
-|Unpinned Package Version in Apk Add
d3499f6d-1651-41bb-a9a7-de925fea487b|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
-|Unpinned Package Version in Pip Install
02d9c71f-3ee8-4986-9c27-1a20d0d19bfc|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
-|Yum install Without Version
6452c424-1d92-4deb-bb18-a03e95d579c4|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
-|Chown Flag Exists
aa93e17f-b6db-4162-9334-c70334e7ac28|Dockerfile|Low|Best Practices|Query details
Documentation
|
-|Curl or Wget Instead of Add
4b410d24-1cbe-4430-a632-62c9a931cf1c|Dockerfile|Low|Best Practices|Query details
Documentation
|
-|Exposing Port 22 (SSH)
5907595b-5b6d-4142-b173-dbb0e73fbff8|Dockerfile|Low|Best Practices|Query details
Documentation
|
-|MAINTAINER Instruction Being Used
99614418-f82b-4852-a9ae-5051402b741c|Dockerfile|Low|Best Practices|Query details
Documentation
|
-|Missing Dnf Clean All
295acb63-9246-4b21-b441-7c1f1fb62dc0|Dockerfile|Low|Best Practices|Query details
Documentation
|
-|Missing Zypper Clean
38300d1a-feb2-4a48-936a-d1ef1cd24313|Dockerfile|Low|Best Practices|Query details
Documentation
|
-|Multiple RUN, ADD, COPY, Instructions Listed
0008c003-79aa-42d8-95b8-1c2fe37dbfe6|Dockerfile|Low|Best Practices|Query details
Documentation
|
-|Pip install Keeping Cached Packages
f2f903fb-b977-461e-98d7-b3e2185c6118|Dockerfile|Low|Best Practices|Query details
Documentation
|
-|Yum Clean All Missing
00481784-25aa-4a55-8633-3136dfcf4f37|Dockerfile|Low|Best Practices|Query details
Documentation
|
-|COPY '--from' References Current FROM Alias
cdddb86f-95f6-4fc4-b5a1-483d9afceb2b|Dockerfile|Low|Build Process|Query details
Documentation
|
-|Copy With More Than Two Arguments Not Ending With Slash
6db6e0c2-32a3-4a2e-93b5-72c35f4119db|Dockerfile|Low|Build Process|Query details
Documentation
|
-|Multiple CMD Instructions Listed
41c195f4-fc31-4a5c-8a1b-90605538d49f|Dockerfile|Low|Build Process|Query details
Documentation
|
-|Multiple ENTRYPOINT Instructions Listed
6938958b-3f1a-451c-909b-baeee14bdc97|Dockerfile|Low|Build Process|Query details
Documentation
|
-|RUN Instruction Using 'cd' Instead of WORKDIR
f4a6bcd3-e231-4acf-993c-aa027be50d2e|Dockerfile|Low|Build Process|Query details
Documentation
|
-|Same Alias In Different Froms
f2daed12-c802-49cd-afed-fe41d0b82fed|Dockerfile|Low|Build Process|Query details
Documentation
|
-|Update Instruction Alone
9bae49be-0aa3-4de5-bab2-4c3a069e40cd|Dockerfile|Low|Build Process|Query details
Documentation
|
-|Using Unnamed Build Stages
68a51e22-ae5a-4d48-8e87-b01a323605c9|Dockerfile|Low|Build Process|Query details
Documentation
|
-|WORKDIR Path Not Absolute
6b376af8-cfe8-49ab-a08d-f32de23661a4|Dockerfile|Low|Build Process|Query details
Documentation
|
-|Healthcheck Instruction Missing
b03a748a-542d-44f4-bb86-9199ab4fd2d5|Dockerfile|Low|Insecure Configurations|Query details
Documentation
|
-|Shell Running A Pipe Without Pipefail Flag
efbf148a-67e9-42d2-ac47-02fa1c0d0b22|Dockerfile|Low|Insecure Defaults|Query details
Documentation
|
-|APT-GET Missing Flags To Avoid Manual Input
77783205-c4ca-4f80-bb80-c777f267c547|Dockerfile|Low|Supply-Chain|Query details
Documentation
|
-|Missing Flag From Dnf Install
7ebd323c-31b7-4e5b-b26f-de5e9e477af8|Dockerfile|Low|Supply-Chain|Query details
Documentation
|
-|Run Using 'wget' and 'curl'
fc775e75-fcfb-4c98-b2f2-910c5858b359|Dockerfile|Low|Supply-Chain|Query details
Documentation
|
-|Run Using apt
b84a0b47-2e99-4c9f-8933-98bcabe2b94d|Dockerfile|Low|Supply-Chain|Query details
Documentation
|
-|Yum Install Allows Manual Input
6e19193a-8753-436d-8a09-76dcff91bb03|Dockerfile|Low|Supply-Chain|Query details
Documentation
|
-|Zypper Install Without Version
562952e4-0348-4dea-9826-44f3a2c6117b|Dockerfile|Low|Supply-Chain|Query details
Documentation
|
-|Using Platform Flag with FROM Command
b16e8501-ef3c-44e1-a543-a093238099c9|Dockerfile|Info|Best Practices|Query details
Documentation
|
-|UNIX Ports Out Of Range
71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e|Dockerfile|Info|Networking and Firewall|Query details
Documentation
|
-|Apk Add Using Local Cache Path
ae9c56a6-3ed1-4ac0-9b54-31267f51151d|Dockerfile|Info|Supply-Chain|Query details
Documentation
|
-|Apt Get Install Lists Were Not Deleted
df746b39-6564-4fed-bf85-e9c44382303c|Dockerfile|Info|Supply-Chain|Query details
Documentation
|
-|APT-GET Not Avoiding Additional Packages
7384dfb2-fcd1-4fbf-91cd-6c44c318c33c|Dockerfile|Info|Supply-Chain|Query details
Documentation
|
-|Run Utilities And POSIX Commands
9b6b0f38-92a2-41f9-b881-3a1083d99f1b|Dockerfile|Info|Supply-Chain|Query details
Documentation
|
-|Cloud Storage Anonymous or Publicly Accessible
63ae3638-a38c-4ff4-b616-6e1f72a31a6a|GoogleDeploymentManager|Critical|Access Control|Query details
Documentation
|
-|BigQuery Dataset Is Public
83103dff-d57f-42a8-bd81-40abab64c1a7|GoogleDeploymentManager|High|Access Control|Query details
Documentation
|
-|SQL DB Instance With SSL Disabled
660360d3-9ca7-46d1-b147-3acc4002953f|GoogleDeploymentManager|High|Encryption|Query details
Documentation
|
-|Client Certificate Disabled
dd690686-2bf9-4012-a821-f61912dd77be|GoogleDeploymentManager|High|Insecure Configurations|Query details
Documentation
|
-|GKE Legacy Authorization Enabled
df58d46c-783b-43e0-bdd0-d99164f712ee|GoogleDeploymentManager|High|Insecure Configurations|Query details
Documentation
|
-|Google Storage Bucket Level Access Disabled
1239f54b-33de-482a-8132-faebe288e6a6|GoogleDeploymentManager|High|Insecure Configurations|Query details
Documentation
|
-|MySQL Instance With Local Infile On
c759d6f2-4dd3-4160-82d3-89202ef10d87|GoogleDeploymentManager|High|Insecure Configurations|Query details
Documentation
|
-|RDP Access Is Not Restricted
50cb6c3b-c878-4b88-b50e-d1421bada9e8|GoogleDeploymentManager|High|Networking and Firewall|Query details
Documentation
|
-|Cloud Storage Bucket Is Publicly Accessible
77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc|GoogleDeploymentManager|Medium|Access Control|Query details
Documentation
|
-|SQL DB Instance Backup Disabled
a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01|GoogleDeploymentManager|Medium|Backup|Query details
Documentation
|
-|Disk Encryption Disabled
fc040fb6-4c23-4c0d-b12a-39edac35debb|GoogleDeploymentManager|Medium|Encryption|Query details
Documentation
|
-|DNSSEC Using RSASHA1
6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35|GoogleDeploymentManager|Medium|Encryption|Query details
Documentation
|
-|Cloud DNS Without DNSSEC
313d6deb-3b67-4948-b41d-35b699c2492e|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
-|Cluster Master Authentication Disabled
7ef7d141-9fbb-4679-a977-fd0883436906|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
-|IP Aliasing Disabled
28727987-e398-49b8-aef1-8a3e7789d111|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
-|Network Policy Disabled
c47f90e8-4a19-43f0-8413-cc434d286c4e|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
-|OSLogin Is Disabled In VM Instance
e66e1b71-c810-4b4e-a737-0ab59e7f5e41|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
-|Private Cluster Disabled
48c61fbd-09c9-46cc-a521-012e0c325412|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
-|Shielded VM Disabled
9038b526-4c19-4928-bca2-c03d503bdb79|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
-|Compute Instance Is Publicly Accessible
8212e2d7-e683-49bc-bf78-d6799075c5a7|GoogleDeploymentManager|Medium|Networking and Firewall|Query details
Documentation
|
-|GKE Master Authorized Networks Disabled
62c8cf50-87f0-4295-a974-8184ed78fe02|GoogleDeploymentManager|Medium|Networking and Firewall|Query details
Documentation
|
-|IP Forwarding Enabled
7c98538a-81c6-444b-bf04-e60bc3ceeec0|GoogleDeploymentManager|Medium|Networking and Firewall|Query details
Documentation
|
-|SSH Access Is Not Restricted
dee21308-2a7a-49de-8ff7-c9b87e188575|GoogleDeploymentManager|Medium|Networking and Firewall|Query details
Documentation
|
-|Bucket Without Versioning
227c2f58-70c6-4432-8e9a-a89c1a548cf5|GoogleDeploymentManager|Medium|Observability|Query details
Documentation
|
-|Cloud Storage Bucket Versioning Disabled
ad0875c1-0b39-4890-9149-173158ba3bba|GoogleDeploymentManager|Medium|Observability|Query details
Documentation
|
-|Stackdriver Logging Disabled
95601b9a-7fe8-4aee-9b58-d36fd9382dfc|GoogleDeploymentManager|Medium|Observability|Query details
Documentation
|
-|Stackdriver Monitoring Disabled
bbfc97ab-e92a-4a7b-954c-e88cec815011|GoogleDeploymentManager|Medium|Observability|Query details
Documentation
|
-|Node Auto Upgrade Disabled
dc5c5fee-6c53-43b0-ab11-4c660e064aaf|GoogleDeploymentManager|Medium|Resource Management|Query details
Documentation
|
-|Project-wide SSH Keys Are Enabled In VM Instances
6e2b1ec1-1eca-4eb7-9d4d-2882680b4811|GoogleDeploymentManager|Medium|Secret Management|Query details
Documentation
|
-|Cluster Labels Disabled
8810968b-4b15-421d-918b-d91eb4bb8d1d|GoogleDeploymentManager|Low|Insecure Configurations|Query details
Documentation
|
-|COS Node Image Not Used
dbe058d7-b82e-430b-8426-992b2e4677e7|GoogleDeploymentManager|Low|Insecure Configurations|Query details
Documentation
|
-|Not Proper Email Account In Use
a21b8df3-c840-4b3d-a41a-10fb2afda171|GoogleDeploymentManager|Low|Insecure Configurations|Query details
Documentation
|
-|BOM - GCP PD
268c65a8-58ad-43e4-9019-1a9bbc56749f|GoogleDeploymentManager|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP PST
9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8|GoogleDeploymentManager|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP SB
c7781feb-a955-4f9f-b9cf-0d7c6f54bb59|GoogleDeploymentManager|Trace|Bill Of Materials|Query details
Documentation
|
-|Enum Name Not CamelCase
daaace5f-c0dc-4835-b526-7a116b7f4b4e|GRPC|Info|Best Practices|Query details
Documentation
|
-|Serving Revision Spec Without Timeout Seconds
e8bb41e4-2f24-4e84-8bea-8c7c070cf93d|Knative|Info|Insecure Configurations|Query details
Documentation
|
-|Authorization Mode Set To Always Allow
f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5|Kubernetes|High|Access Control|Query details
Documentation
|
-|Basic Auth File Is Set
5da47109-f8d6-4585-9e2b-96a8958a12f5|Kubernetes|High|Access Control|Query details
Documentation
|
-|Client Certificate Authentication Not Setup Properly
e0e00aba-5f1c-4981-a542-9a9563c0ee20|Kubernetes|High|Access Control|Query details
Documentation
|
-|Non Kube System Pod With Host Mount
aa8f7a35-9923-4cad-bd61-a19b7f6aac91|Kubernetes|High|Access Control|Query details
Documentation
|
-|RBAC Wildcard In Rule
6b896afb-ca07-467a-b256-1a0077a1c08e|Kubernetes|High|Access Control|Query details
Documentation
|
-|Service Account Lookup Set To False
a5530bd7-225a-48f9-91bb-f40b04200165|Kubernetes|High|Access Control|Query details
Documentation
|
-|Token Auth File Is Set
32ecd76e-7bbf-402e-bf48-8b9485749558|Kubernetes|High|Access Control|Query details
Documentation
|
-|Pod Security Policy Admission Control Plugin Not Set
afa36afb-39fe-4d94-b9b6-afb236f7a03d|Kubernetes|High|Build Process|Query details
Documentation
|
-|Cluster Allows Unsafe Sysctls
9127f0d9-2310-42e7-866f-5fd9d20dcbad|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|Container Is Privileged
dd29336b-fe57-445b-a26e-e6aa867ae609|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|Container Runs Unmasked
f922827f-aab6-447c-832a-e1ff63312bd3|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|Containers With Sys Admin Capabilities
235236ee-ad78-4065-bd29-61b061f28ce0|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|Privilege Escalation Allowed
5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Containers To Share The Host Network Namespace
a33e9173-b674-4dfb-9d82-cf3754816e4b|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Privilege Escalation
87554eef-154d-411d-bdce-9dbd91e56851|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Sharing Host IPC
80f93444-b240-4ebb-a4c6-5c40b76c04ea|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|PSP Set To Privileged
c48e57d3-d642-4e0b-90db-37f807b41b91|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|PSP With Added Capabilities
7307579a-3abb-46ad-9ce5-2a915634d5c8|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|Shared Host PID Namespace
302736f4-b16c-41b8-befe-c0baffa0bd9d|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|Tiller (Helm v2) Is Deployed
6d173be7-545a-46c6-a81d-2ae52ed1605d|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|Tiller Service Is Not Deleted
8b862ca9-0fbd-4959-ad72-b6609bdaa22d|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|Workload Mounting With Sensitive OS Directory
5308a7a8-06f8-45ac-bf10-791fe21de46e|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
-|Etcd Peer TLS Certificate Files Not Properly Set
09bb9e96-8da3-4736-b89a-b36814acca60|Kubernetes|High|Networking and Firewall|Query details
Documentation
|
-|Insecure Bind Address Set
b9380fd3-5ffe-4d10-9290-13e18e71eee1|Kubernetes|High|Networking and Firewall|Query details
Documentation
|
-|Insecure Port Not Properly Set
fa4def8c-1898-4a35-a139-7b76b1acdef0|Kubernetes|High|Networking and Firewall|Query details
Documentation
|
-|Secure Port Set To Zero
3d24b204-b73d-42cb-b0bf-1a5438c5f71e|Kubernetes|High|Networking and Firewall|Query details
Documentation
|
-|Tiller Deployment Is Accessible From Within The Cluster
e17fa86a-6222-4584-a914-56e8f6c87e06|Kubernetes|High|Networking and Firewall|Query details
Documentation
|
-|PSP With Unrestricted Access to Host Path
de4421f1-4e35-43b4-9783-737dd4e4a47e|Kubernetes|High|Resource Management|Query details
Documentation
|
-|Volume Mount With OS Directory Write Permissions
b7652612-de4e-4466-a0bf-1cd81f0c6063|Kubernetes|High|Resource Management|Query details
Documentation
|
-|Always Admit Admission Control Plugin Set
ce30e584-b33f-4c7d-b418-a3d7027f8f60|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|Anonymous Auth Is Not Set To False
1de5cc51-f376-4638-a940-20f2e85ae238|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|Authorization Mode RBAC Not Set
1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|Docker Daemon Socket is Exposed to Containers
a6f34658-fdfb-4154-9536-56d516f65828|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|Node Restriction Admission Control Plugin Not Set
33fc6923-6553-4fe6-9d3a-4efa51eb874b|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|Permissive Access to Create Pods
592ad21d-ad9b-46c6-8d2d-fad09d62a942|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles Allow Privilege Escalation
8320826e-7a9c-4b0b-9535-578333193432|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles with Attach Permission
d45330fd-f58d-45fb-a682-6481477a0f84|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles with Exec Permission
c589f42c-7924-4871-aee2-1cede9bc7cbc|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles with Impersonate Permission
9f85c3f6-26fd-4007-938a-2e0cb0100980|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles with Port-Forwarding Permission
38fa11ef-dbcc-4da8-9680-7e1fd855b6fb|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles with Read Secrets Permissions
b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|Service Account Admission Control Plugin Disabled
9587c890-0524-40c2-9ce2-663af7c2f063|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|Use Service Account Credentials Not Set To True
1acd93f1-5a37-45c0-aaac-82ece818be7d|Kubernetes|Medium|Access Control|Query details
Documentation
|
-|Readiness Probe Is Not Configured
a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3|Kubernetes|Medium|Availability|Query details
Documentation
|
-|Request Timeout Not Properly Set
d89a15bb-8dba-4c71-9529-bef6729b9c09|Kubernetes|Medium|Availability|Query details
Documentation
|
-|Terminated Pod Garbage Collector Threshold Not Properly Set
49113af4-29ca-458e-b8d4-724c01a4a24f|Kubernetes|Medium|Availability|Query details
Documentation
|
-|Container Running As Root
cf34805e-3872-4c08-bf92-6ff7bb0cfadb|Kubernetes|Medium|Best Practices|Query details
Documentation
|
-|Container Running With Low UID
02323c00-cdc3-4fdc-a310-4f2b3e7a1660|Kubernetes|Medium|Best Practices|Query details
Documentation
|
-|Root Containers Admitted
e3aa0612-4351-4a0d-983f-aefea25cf203|Kubernetes|Medium|Best Practices|Query details
Documentation
|
-|Always Pull Images Admission Control Plugin Not Set
a77f4d07-c6e0-4a48-8b35-0eeb51576f4f|Kubernetes|Medium|Build Process|Query details
Documentation
|
-|Incorrect Volume Claim Access Mode ReadWriteOnce
3878dc92-8e5d-47cf-9cdd-7590f71d21b9|Kubernetes|Medium|Build Process|Query details
Documentation
|
-|Encryption Provider Config Is Not Defined
cbd2db69-0b21-4c14-8a40-7710a50571a9|Kubernetes|Medium|Encryption|Query details
Documentation
|
-|Encryption Provider Not Properly Configured
10efce34-5af6-4d83-b414-9e096d5a06a9|Kubernetes|Medium|Encryption|Query details
Documentation
|
-|Root CA File Not Defined
05fb986f-ac73-4ebb-a5b2-7faafa93d882|Kubernetes|Medium|Encryption|Query details
Documentation
|
-|Service Account Private Key File Not Defined
ccc98ff7-68a7-436e-9218-185cb0b0b780|Kubernetes|Medium|Encryption|Query details
Documentation
|
-|Weak TLS Cipher Suites
510d5810-9a30-443a-817d-5c1fa527b110|Kubernetes|Medium|Encryption|Query details
Documentation
|
-|Authorization Mode Node Not Set
4d7ee40f-fc5d-427d-8cac-dffbe22d42d1|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
-|Containers With Added Capabilities
19ebaa28-fc86-4a58-bcfa-015c9e22fe40|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
-|Ingress Controller Exposes Workload
69bbc5e3-0818-4150-89cc-1e989b48f23b|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
-|Kubelet Protect Kernel Defaults Set To False
6cf42c97-facd-4fda-b8af-ea4529123355|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
-|NET_RAW Capabilities Disabled for PSP
2270987f-bb51-479f-b8be-3ca73e5ad648|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
-|NET_RAW Capabilities Not Being Dropped
dbbc6705-d541-43b0-b166-dd4be8208b54|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Sharing Host PID
91dacd0e-d189-4a9c-8272-5999a3cc32d9|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
-|Seccomp Profile Is Not Configured
f377b83e-bd07-4f48-a591-60c82b14a78b|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
-|Security Context Deny Admission Control Plugin Not Set
6a68bebe-c021-492e-8ddb-55b0567fb768|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
-|Using Unrecommended Namespace
611ab018-c4aa-4ba2-b0f6-a448337509a6|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
-|Role Binding To Default Service Account
1e749bc9-fde8-471c-af0c-8254efd2dee5|Kubernetes|Medium|Insecure Defaults|Query details
Documentation
|
-|Service Account Name Undefined Or Empty
591ade62-d6b0-4580-b1ae-209f80ba1cd9|Kubernetes|Medium|Insecure Defaults|Query details
Documentation
|
-|Service Account Token Automount Not Disabled
48471392-d4d0-47c0-b135-cdec95eb3eef|Kubernetes|Medium|Insecure Defaults|Query details
Documentation
|
-|Auto TLS Set To True
98ce8b81-7707-4734-aa39-627c6db3d84b|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
-|CNI Plugin Does Not Support Network Policies
03aabc8c-35d6-481e-9c85-20139cf72d23|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
-|Etcd TLS Certificate Files Not Properly Set
075ca296-6768-4322-aea2-ba5063b969a9|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
-|Etcd TLS Certificate Not Properly Configured
895a5a95-3756-4b04-9924-2f3bc93181bd|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
-|Kubelet HTTPS Set To False
cdc8b54e-6b16-4538-a1b0-35849dbe29cf|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
-|Kubelet Not Managing Ip Tables
5f89001f-6dd9-49ff-9b15-d8cd71b617f4|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
-|Kubelet Read Only Port Is Not Set To Zero
2940d48a-dc5e-4178-a3f8-bfbd80720b41|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
-|Kubelet Streaming Connection Timeout Disabled
ed89b97d-04e9-4fd4-919f-ee5b27e555e9|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
-|Peer Auto TLS Set To True
ae8827e2-4af9-4baa-9998-87539ae0d6f0|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
-|Pod Misconfigured Network Policy
0401f71b-9c1e-4821-ab15-a955caa621be|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
-|Service With External Load Balancer
26763a1c-5dda-4772-b507-5fca7fb5f165|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
-|TSL Connection Certificate Not Setup
fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
-|Audit Log Path Not Set
73e251f0-363d-4e53-86e2-0a93592437eb|Kubernetes|Medium|Observability|Query details
Documentation
|
-|Audit Policy File Not Defined
13a49a2e-488e-4309-a7c0-d6b05577a5fb|Kubernetes|Medium|Observability|Query details
Documentation
|
-|Memory Limits Not Defined
b14d1bc4-a208-45db-92f0-e21f8e2588e9|Kubernetes|Medium|Resource Management|Query details
Documentation
|
-|Memory Requests Not Defined
229588ef-8fde-40c8-8756-f4f2b5825ded|Kubernetes|Medium|Resource Management|Query details
Documentation
|
-|Shared Host IPC Namespace
cd290efd-6c82-4e9d-a698-be12ae31d536|Kubernetes|Medium|Resource Management|Query details
Documentation
|
-|Shared Host Network Namespace
6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a|Kubernetes|Medium|Resource Management|Query details
Documentation
|
-|Etcd Client Certificate Authentication Set To False
9391103a-d8d7-4671-ac5d-606ba7ccb0ac|Kubernetes|Medium|Secret Management|Query details
Documentation
|
-|Etcd Client Certificate File Not Defined
3f5ff8a7-5ad6-4d02-86f5-666307da1b20|Kubernetes|Medium|Secret Management|Query details
Documentation
|
-|Etcd Peer Client Certificate Authentication Set To False
b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff|Kubernetes|Medium|Secret Management|Query details
Documentation
|
-|Kubelet Certificate Authority Not Set
ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0|Kubernetes|Medium|Secret Management|Query details
Documentation
|
-|Kubelet Client Certificate Or Key Not Set
36a27826-1bf5-49da-aeb0-a60a30c0e834|Kubernetes|Medium|Secret Management|Query details
Documentation
|
-|Kubelet Client Periodic Certificate Switch Disabled
52d70f2e-3257-474c-b3dc-8ad9ba6a061a|Kubernetes|Medium|Secret Management|Query details
Documentation
|
-|Not Unique Certificate Authority
cb7e695d-6a85-495c-b15f-23aed2519303|Kubernetes|Medium|Secret Management|Query details
Documentation
|
-|Rotate Kubelet Server Certificate Not Active
1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2|Kubernetes|Medium|Secret Management|Query details
Documentation
|
-|Service Account Key File Not Properly Set
dab4ec72-ce2e-4732-b7c3-1757dcce01a1|Kubernetes|Medium|Secret Management|Query details
Documentation
|
-|ServiceAccount Allows Access Secrets
056ac60e-fe07-4acc-9b34-8e1d51716ab9|Kubernetes|Medium|Secret Management|Query details
Documentation
|
-|Shared Service Account
c1032cf7-3628-44e2-bd53-38c17cf31b6b|Kubernetes|Medium|Secret Management|Query details
Documentation
|
-|Cluster Admin Rolebinding With Superuser Permissions
249328b8-5f0f-409f-b1dd-029f07882e11|Kubernetes|Low|Access Control|Query details
Documentation
|
-|Missing AppArmor Profile
8b36775e-183d-4d46-b0f7-96a6f34a723f|Kubernetes|Low|Access Control|Query details
Documentation
|
-|Deployment Without PodDisruptionBudget
b23e9b98-0cb6-4fc9-b257-1f3270442678|Kubernetes|Low|Availability|Query details
Documentation
|
-|Event Rate Limit Admission Control Plugin Not Set
e0099af2-fe17-411f-9991-0de28fe15f3c|Kubernetes|Low|Availability|Query details
Documentation
|
-|HPA Targets Invalid Object
2f652c42-619d-4361-b361-9f599688f8ca|Kubernetes|Low|Availability|Query details
Documentation
|
-|StatefulSet Without PodDisruptionBudget
1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5|Kubernetes|Low|Availability|Query details
Documentation
|
-|StatefulSet Without Service Name
bb241e61-77c3-4b97-9575-c0f8a1e008d0|Kubernetes|Low|Availability|Query details
Documentation
|
-|Metadata Label Is Invalid
1123031a-f921-4c5b-bd86-ef354ecfd37a|Kubernetes|Low|Best Practices|Query details
Documentation
|
-|No Drop Capabilities for Containers
268ca686-7fb7-4ae9-b129-955a2a89064e|Kubernetes|Low|Best Practices|Query details
Documentation
|
-|Object Is Using A Deprecated API Version
94b76ea5-e074-4ca2-8a03-c5a606e30645|Kubernetes|Low|Best Practices|Query details
Documentation
|
-|Image Policy Webhook Admission Control Plugin Not Set
14abda69-8e91-4acb-9931-76e2bee90284|Kubernetes|Low|Build Process|Query details
Documentation
|
-|Namespace Lifecycle Admission Control Plugin Disabled
1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37|Kubernetes|Low|Build Process|Query details
Documentation
|
-|Root Container Not Mounted Read-only
a9c2f49d-0671-4fc9-9ece-f4e261e128d0|Kubernetes|Low|Build Process|Query details
Documentation
|
-|StatefulSet Requests Storage
8cf4671a-cf3d-46fc-8389-21e7405063a2|Kubernetes|Low|Build Process|Query details
Documentation
|
-|Dashboard Is Enabled
d2ad057f-0928-41ef-a83c-f59203bb855b|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
-|Image Pull Policy Of The Container Is Not Set To Always
caa3479d-885d-4882-9aac-95e5e78ef5c2|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
-|Image Without Digest
7c81d34c-8e5a-402b-9798-9f442630e678|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
-|Kubelet Hostname Override Is Set
bf36b900-b5ef-4828-adb7-70eb543b7cfb|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
-|Pod or Container Without LimitRange
4a20ebac-1060-4c81-95d1-1f7f620e983b|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
-|Pod or Container Without ResourceQuota
48a5beba-e4c0-4584-a2aa-e6894e4cf424|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
-|Pod or Container Without Security Context
a97a340a-0063-418e-b3a1-3028941d0995|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
-|Service Does Not Target Pod
3ca03a61-3249-4c16-8427-6f8e47dda729|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
-|Network Policy Is Not Targeting Any Pod
85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3|Kubernetes|Low|Networking and Firewall|Query details
Documentation
|
-|Service Type is NodePort
845acfbe-3e10-4b8e-b656-3b404d36dfb2|Kubernetes|Low|Networking and Firewall|Query details
Documentation
|
-|Workload Host Port Not Specified
2b1836f1-dcce-416e-8e16-da8c71920633|Kubernetes|Low|Networking and Firewall|Query details
Documentation
|
-|Audit Log Maxage Not Properly Set
da9f3aa8-fbfb-472f-b5a1-576127944218|Kubernetes|Low|Observability|Query details
Documentation
|
-|Audit Log Maxbackup Not Properly Set
768aab52-2504-4a2f-a3e3-329d5a679848|Kubernetes|Low|Observability|Query details
Documentation
|
-|Audit Log Maxsize Not Properly Set
35c0a471-f7c8-4993-aa2c-503a3c712a66|Kubernetes|Low|Observability|Query details
Documentation
|
-|Audit Policy Not Cover Key Security Concerns
1828a670-5957-4bc5-9974-47da228f75e2|Kubernetes|Low|Observability|Query details
Documentation
|
-|Kubelet Event QPS Not Properly Set
1a07a446-8e61-4e4d-bc16-b0781fcb8211|Kubernetes|Low|Observability|Query details
Documentation
|
-|Profiling Not Set To False
2f491173-6375-4a84-b28e-a4e2b9a58a69|Kubernetes|Low|Observability|Query details
Documentation
|
-|CPU Limits Not Set
4ac0e2b7-d2d2-4af7-8799-e8de6721ccda|Kubernetes|Low|Resource Management|Query details
Documentation
|
-|CPU Requests Not Set
ca469dd4-c736-448f-8ac1-30a642705e0a|Kubernetes|Low|Resource Management|Query details
Documentation
|
-|CronJob Deadline Not Configured
192fe40b-b1c3-448a-aba2-6cc19a300fe3|Kubernetes|Low|Resource Management|Query details
Documentation
|
-|Deployment Has No PodAntiAffinity
a31b7b82-d994-48c4-bd21-3bab6c31827a|Kubernetes|Low|Resource Management|Query details
Documentation
|
-|StatefulSet Has No PodAntiAffinity
d740d048-8ed3-49d3-b77b-6f072f3b669e|Kubernetes|Low|Resource Management|Query details
Documentation
|
-|Secrets As Environment Variables
3d658f8b-d988-41a0-a841-40043121de1e|Kubernetes|Low|Secret Management|Query details
Documentation
|
-|Invalid Image Tag
583053b7-e632-46f0-b989-f81ff8045385|Kubernetes|Low|Supply-Chain|Query details
Documentation
|
-|Ensure Administrative Boundaries Between Resources
e84eaf4d-2f45-47b2-abe8-e581b06deb66|Kubernetes|Info|Access Control|Query details
Documentation
|
-|HPA Targeted Deployments With Configured Replica Count
5744cbb8-5946-4b75-a196-ade44449525b|Kubernetes|Info|Availability|Query details
Documentation
|
-|Liveness Probe Is Not Defined
ade74944-a674-4e00-859e-c6eab5bde441|Kubernetes|Info|Availability|Query details
Documentation
|
-|Not Limited Capabilities For Pod Security Policy
caa93370-791f-4fc6-814b-ba6ce0cb4032|Kubernetes|Info|Insecure Configurations|Query details
Documentation
|
-|Bind Address Not Properly Set
46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2|Kubernetes|Info|Networking and Firewall|Query details
Documentation
|
-|Using Kubernetes Native Secret Management
b9c83569-459b-4110-8f79-6305aa33cb37|Kubernetes|Info|Secret Management|Query details
Documentation
|
-|Security Definitions Undefined or Empty
e3f026e8-fdb4-4d5a-bcfd-bd94452073fe|OpenAPI|High|Access Control|Query details
Documentation
|
-|Security Requirement Not Defined In Security Definition
a599b0d1-ff89-4cb8-9ece-9951854c06f6|OpenAPI|High|Structure and Semantics|Query details
Documentation
|
-|Global Security Using Password Flow
2da46be4-4317-4650-9285-56d7103c4f93|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Implicit Flow in OAuth2 (v2)
e9817ad8-a8c9-4038-8a2f-db0e6e7b284b|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Invalid OAuth2 Authorization URL (v2)
33d96c65-977d-4c33-943f-440baca49185|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Invalid OAuth2 Token URL (v2)
274f910a-0665-4f08-b66d-7058fe927dba|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Operation Using Basic Auth
ceefb058-8065-418f-9c4c-584a78c7e104|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Operation Using Implicit Flow
f42dfe7e-787d-4478-a75e-a5f3d8a2269e|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Operation Using Password Flow
2e44e632-d617-43cb-b294-6bfe72a08938|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Security Definitions Allows Password Flow
773116aa-2e6d-416f-bd85-f0301cc05d76|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Security Definitions Using Basic Auth
221015a8-aa2a-43f5-b00b-ad7d2b1d47a8|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Global Schemes Uses HTTP
f30ee711-0082-4480-85ab-31d922d9a2b2|OpenAPI|Medium|Encryption|Query details
Documentation
|
-|Path Scheme Accepts HTTP (v2)
a6847dc6-f4ea-45ac-a81f-93291ae6c573|OpenAPI|Medium|Encryption|Query details
Documentation
|
-|Schemes Uses HTTP
a46928f1-43d7-4671-94e0-2dd99746f389|OpenAPI|Medium|Encryption|Query details
Documentation
|
-|Operation Object Without 'consumes'
0c79e50e-b3cf-490c-b8f6-587c644d4d0c|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
-|Operation Object Without 'produces'
be3e170e-1572-461e-a8b6-d963def581ec|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
-|Non OAuth2 Security Requirement Defining OAuth2 Scopes
ba239cb9-f342-4c20-812d-7b5a2aa6969e|OpenAPI|Medium|Structure and Semantics|Query details
Documentation
|
-|Undefined Scope 'securityDefinition' On 'security' Field On Operations
3847280c-9193-40bc-8009-76168e822ce2|OpenAPI|Low|Access Control|Query details
Documentation
|
-|Undefined Scope 'securityDefinition' On Global 'security' Field
9aa6e95c-d964-4239-a3a8-9f37a3c5a31f|OpenAPI|Low|Access Control|Query details
Documentation
|
-|Constraining Enum Property
be1d8733-3731-40c7-a845-734741c6871d|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Global Parameter Definition Not Being Used
b30981fa-a12e-49c7-a5bb-eeafb61d0f0f|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Global Responses Definition Not Being Used
0b76d993-ee52-43e0-8b39-3787d2ddabf1|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Global Schema Definition Not Being Used
6d2e0790-cc3d-4c74-b973-d4e8b09f4455|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Invalid Media Type Value (v2)
f985a7d2-d404-4a7f-9814-f645f791e46e|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Operation Summary Too Long
d47940ca-5970-45cc-bdd1-4d81398cee1f|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Schema with 'additionalProperties' set as Boolean
3a01790c-ebee-4da6-8fd3-e78657383b75|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Unknown Prefix (v2)
3b615f00-c443-4ba9-acc4-7c308716917d|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|BasePath With Wrong Format
b4803607-ed72-4d60-99e2-3fa6edf471c6|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Body Parameter With Wrong Property
c38d630d-a415-4e3e-bac2-65475979ba88|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Body Parameter Without Schema
ed48229d-d43e-4da7-b453-5f98d964a57a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|File Parameter With Wrong Consumes Property
7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Host With Invalid Pattern
3d7d7b6c-fb0a-475e-8a28-c125e30d15f0|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Multi 'collectionformat' Not Valid For 'in' Parameter
750f6448-27c0-49f8-a153-b81735c1e19c|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Multiple Body Parameters In The Same Operation
b90033cf-ad9f-4fb9-acd1-1b9d6d278c87|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Non Body Parameter Without Schema
73c3bc54-3cc6-4c0a-b30a-e19f2abfc951|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Object Without Required Property (v2)
5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Operation Example Mismatch Produces MimeType
2cf35b40-ded3-43d6-9633-c8dcc8bcc822|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Operation Object Parameters With 'body' And 'formatData' locations
eb3f9744-d24e-4614-b1ff-2a9514eca21c|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter File Type Not In 'formData'
c3cab8c4-6c52-47a9-942b-c27f26fbd7d2|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter JSON Reference Does Not Exists (v2)
fb889ae9-2d16-40b5-b41f-9da716c5abc1|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter Object With Incorrect Ref (v2)
2596545e-1757-4ff7-a15a-8a9a180a42f3|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Property Not Unique
750b40be-4bac-4f59-bdc4-1ca0e6c3450e|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Response Object With Incorrect Ref (v2)
bccfa089-89e4-47e0-a0e5-185fe6902220|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Responses JSON Reference Does Not Exists (v2)
e9db5fb4-6a84-4abb-b4af-3b94fbdace6d|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Schema JSON Reference Does Not Exists (v2)
98295b32-ec09-4b5b-89a9-39853197f914|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Schema Object Incorrect Ref (v2)
0220e1c5-65d1-49dd-b7c2-cef6d6cb5283|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Unknown Property (v2)
429b2106-ba37-43ba-9727-7f699cc611e1|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Cleartext Credentials With Basic Authentication For Operation
86b1fa30-9790-4980-994d-a27e0f6f27c1|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Field 'securityScheme' On Components Is Undefined
8db5544e-4874-4baa-9322-e9f75a2d219e|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Global Security Scheme Using Basic Authentication
77276d82-4f45-4cf1-8e2b-4d345b936228|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Invalid OAuth2 Authorization URL (v3)
52c0d841-60d6-4a81-88dd-c35fef36d315|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Invalid OAuth2 Token URL (v3)
3ba0cca1-b815-47bf-ac62-1e584eb64a05|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|OAuth2 With Implicit Flow
39cb32f2-3a42-4af0-8037-82a7a9654b6c|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|OAuth2 With Password Flow
3979b0a4-532c-4ea7-86e4-34c090eaa4f2|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Security Scheme HTTP Unknown Scheme
06764426-3c56-407e-981f-caa25db1c149|OpenAPI|Medium|Access Control|Query details
Documentation
|
-|Global Server Object Uses HTTP
2d8c175a-6d90-412b-8b0e-e034ea49a1fe|OpenAPI|Medium|Encryption|Query details
Documentation
|
-|Path Server Object Uses HTTP (v3)
9670f240-7b4d-4955-bd93-edaa9fa38b58|OpenAPI|Medium|Encryption|Query details
Documentation
|
-|Media Type Object Without Schema
f79b9d26-e945-44e7-98a1-b93f0f7a68a0|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
-|Parameter Object Without Schema
8fe1846f-52cc-4413-ace9-1933d7d23672|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
-|Header Object Without Schema
50de3b5b-6465-4e06-a9b0-b4c2ba34326b|OpenAPI|Medium|Networking and Firewall|Query details
Documentation
|
-|API Key Exposed In Global Security Scheme
40e1d1bf-11a9-4f63-a3a2-a8b84c602839|OpenAPI|Low|Access Control|Query details
Documentation
|
-|Security Scheme Using HTTP Basic
68e5fcac-390c-4939-a373-6074b7be7c71|OpenAPI|Low|Access Control|Query details
Documentation
|
-|Security Scheme Using HTTP Digest
a4247b11-890b-45df-bf42-350a7a3af9be|OpenAPI|Low|Access Control|Query details
Documentation
|
-|Security Scheme Using HTTP Negotiate
f525cc92-9050-4c41-a75c-890dc6f64449|OpenAPI|Low|Access Control|Query details
Documentation
|
-|Security Scheme Using Oauth 1.0
1bc3205c-0d60-44e6-84f3-44fbf4dac5b3|OpenAPI|Low|Access Control|Query details
Documentation
|
-|Undefined Scope 'securityScheme' On 'security' Field On Operations
462d6a1d-fed9-4d75-bb9e-3de902f35e6e|OpenAPI|Low|Access Control|Query details
Documentation
|
-|Undefined Scope 'securityScheme' On Global 'security' Field
23a9e2d9-8738-4556-a71c-2802b6ffa022|OpenAPI|Low|Access Control|Query details
Documentation
|
-|Additional Properties Too Permissive
9f88c88d-824d-4d9a-b985-e22977046042|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
-|Additional Properties Too Restrictive
a19c3bbd-c056-40d7-9e1c-eeb0634e320d|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
-|Success Response Code Undefined for Trace Operation
105e20dd-8449-4d71-95c6-d5dac96639af|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
-|Components Callback Definition Is Unused
d15db953-a553-4b8a-9a14-a3d62ea3d79d|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Components Example Definition Is Unused
b05bb927-2df5-43cc-8d7b-6825c0e71625|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Components Header Definition Is Unused
a68da022-e95a-4bc2-97d3-481e0bd6d446|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Components Link Definition Is Unused
c19779a9-5774-4d2f-a3a1-a99831730375|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Components Parameter Definition Is Unused
698a464e-bb3e-4ba8-ab5e-e6599b7644a0|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Components Request Body Definition Is Unused
6b76f589-9713-44ab-97f5-59a3dba1a285|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Components Response Definition Is Unused
9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Components Schema Definition Is Unused
962fa01e-b791-4dcc-b04a-4a3e7389be5e|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Encoding Header 'Content-Type' Improperly Defined
4cd8de87-b595-48b6-ab3c-1904567135ab|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Invalid Media Type Value (v3)
cf4a5f45-a27b-49df-843a-9911dbfe71d4|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Property 'allowEmptyValue' Ignored
59c2f769-7cc2-49c8-a3de-4e211135cfab|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Property 'allowReserved' of Encoding Object Ignored
4190dda7-af03-4cf0-a128-70ac1661ca09|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Property 'explode' of Encoding Object Ignored
a4dd69b8-49fa-45d2-a060-c76655405b05|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Property 'style' of Encoding Object Ignored
d3ea644a-9a5c-4fee-941f-f8a6786c0470|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Unknown Prefix (v3)
a5375be3-521c-43bb-9eab-e2432e368ee4|OpenAPI|Info|Best Practices|Query details
Documentation
|
-|Callback JSON Reference Does Not Exists
f29904c8-6041-4bca-b043-dfa0546b8079|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Callback Object With Incorrect Ref
ba066cda-e808-450d-92b6-f29109754d45|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Components Object Fixed Field Key Improperly Named
151331e2-11f4-4bb6-bd35-9a005e695087|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Empty Array
5915c20f-dffa-4cee-b5d4-f457ddc0151a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Encoding Map Key Mismatch Schema Defined Properties
cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Example JSON Reference Does Not Exists
6a2c219f-da5e-4745-941e-5ea8cde23356|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Example JSON Reference Outside Components Examples
bac56e3c-1f71-4a74-8ae6-2fba07efcddb|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Header JSON Reference Does Not Exists
376c9390-7e9e-4cb8-a067-fd31c05451fd|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Header Object With Incorrect Ref
2d6646f4-2946-420f-8c14-3232d49ae0cb|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Invalid Content Type For Multiple Files Upload
26f06397-36d8-4ce7-b993-17711261d777|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Link JSON Reference Does Not Exists
801f0c6a-a834-4467-89c6-ddecffb46b5a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Link Object Incorrect Ref
b9db8a10-020c-49ca-88c6-780e5fdb4328|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Link Object OperationId Does Not Target Operation Object
c5bb7461-aa57-470b-a714-3bc3d74f4669|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Link Object With Both 'operationId' And 'operationRef'
60fb6621-9f02-473b-9424-ba9a825747d3|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Object Without Required Property (v3)
d172a060-8569-4412-8045-3560ebd477e8|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter JSON Reference Does Not Exists (v3)
2e275f16-b627-4d3f-ae73-a6153a23ae8f|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter Object Content With Multiple Entries
8bfed1c6-2d59-4924-bc7f-9b9d793ed0df|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter Object With Incorrect Ref (v3)
d40f27e6-15fb-4b56-90f8-fc0ff0291c51|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter Object With Schema And Content
31dd6fc0-f274-493b-9614-e063086c19fc|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter Object With Undefined Type
46facedc-f243-4108-ab33-583b807d50b0|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Property 'allowReserved' Improperly Defined
7f203940-39c4-4ea7-91ee-7aba16bca9e2|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Request Body JSON Reference Does Not Exists
ca02f4e8-d3ae-4832-b7db-bb037516d9e7|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Request Body Object With Incorrect Media Type
58f06434-a88c-4f74-826c-db7e10cc7def|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Request Body With Incorrect Ref
0f6cd0ab-c366-4595-84fc-fbd8b9901e4d|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Response JSON Reference Does Not Exists (v3)
7a01dfbd-da62-4165-aed7-71349ad42ab4|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Response Object With Incorrect Ref (v3)
b3871dd8-9333-4d6c-bd52-67eb898b71ab|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Schema JSON Reference Does Not Exists (v3)
015eac96-6313-43c0-84e5-81b1374fa637|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Schema Object Incorrect Ref (v3)
4cac7ace-b0fb-477d-830d-65395d9109d9|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Schema With Both ReadOnly And WriteOnly
d2361d58-361c-49f0-9e50-b957fd608b29|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Security Field Undefined
ab1263c2-81df-46f0-9f2c-0b62fdb68419|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Security Operation Field Undefined
20a482d5-c5d9-4a7a-b7a4-60d0805047b4|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Security Requirement Object With Wrong Scopes
37140f7f-724a-4c87-a536-e9cee1d61533|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Server Object Variable Not Used
8aee4754-970d-4c5f-8142-a49dfe388b1a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Server URL Not Absolute
a0bf7382-5d5a-4224-924c-3db8466026c9|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Server URL Uses Undefined Variables
8d0921d6-4131-461f-a253-99e873f8f77e|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Servers Array Undefined
c66ebeaa-676c-40dc-a3ff-3e49395dcd5e|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Unknown Property (v3)
fb7d81e7-4150-48c4-b914-92fc05da6a2f|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|ECR Repository Is Publicly Accessible
fb5a5df7-6d74-4243-ab82-ff779a958bfd|Ansible|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Access to Any Principal
3ab1f27d-52cc-4943-af1d-43c1939e739a|Ansible|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Delete Action From All Principals
6fa44721-ef21-41c6-8665-330d59461163|Ansible|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Put Action From All Principals
a0f1bfe0-741e-473f-b3b2-13e66f856fab|Ansible|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket With All Permissions
6a6d7e56-c913-4549-b5c5-5221e624d2ec|Ansible|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket With Public Access
c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9|Ansible|Critical|Access Control|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
c09e3ca5-f08a-4717-9c87-3919c5e6d209|Ansible|Critical|Insecure Configurations|Query details
Documentation
|
+|DB Security Group With Public Scope
0956aedf-6a7a-478b-ab56-63e2b19923ad|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
+|RDS Associated with Public Subnet
16732649-4ff6-4cd2-8746-e72c13fae4b8|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
+|Cross-Account IAM Assume Role Policy Without ExternalId or MFA
af167837-9636-4086-b815-c239186b9dda|Ansible|High|Access Control|Query details
Documentation
|
+|ECS Service Admin Role Is Present
7db727c1-1720-468e-b80e-06697f71e09e|Ansible|High|Access Control|Query details
Documentation
|
+|IAM Policy Grants Full Permissions
b5ed026d-a772-4f07-97f9-664ba0b116f8|Ansible|High|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read to All Users
a1ef9d2e-4163-40cb-bd92-04f0d602a15d|Ansible|High|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read to Any Authenticated User
75480b31-f349-4b9a-861f-bce19588e674|Ansible|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Get Action From All Principals
53bce6a8-5492-4b1b-81cf-664385f0c4bf|Ansible|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows List Action From All Principals
d395a950-12ce-4314-a742-ac5a785ab44e|Ansible|High|Access Control|Query details
Documentation
|
+|SNS Topic is Publicly Accessible
905f4741-f965-45c1-98db-f7a00a0e5c73|Ansible|High|Access Control|Query details
Documentation
|
+|SQS Policy Allows All Actions
ed9b3beb-92cf-44d9-a9d2-171eeba569d4|Ansible|High|Access Control|Query details
Documentation
|
+|SQS Queue Exposed
86b0efa7-4901-4edd-a37a-c034bec6645a|Ansible|High|Access Control|Query details
Documentation
|
+|Config Rule For Encrypted Volumes Disabled
7674a686-e4b1-4a95-83d4-1fd53c623d84|Ansible|High|Encryption|Query details
Documentation
|
+|DB Instance Storage Not Encrypted
7dfb316c-a6c2-454d-b8a2-97f147b0c0ff|Ansible|High|Encryption|Query details
Documentation
|
+|EBS Volume Encryption Disabled
4b6012e7-7176-46e4-8108-e441785eae57|Ansible|High|Encryption|Query details
Documentation
|
+|EFS Not Encrypted
727c4fd4-d604-4df6-a179-7713d3c85e20|Ansible|High|Encryption|Query details
Documentation
|
+|ELB Using Weak Ciphers
2034fb37-bc23-4ca0-8d95-2b9f15829ab5|Ansible|High|Encryption|Query details
Documentation
|
+|Kinesis Not Encrypted With KMS
f2ea6481-1d31-4d40-946a-520dc6321dd7|Ansible|High|Encryption|Query details
Documentation
|
+|Launch Configuration Is Not Encrypted
66477506-6abb-49ed-803d-3fa174cd5f6a|Ansible|High|Encryption|Query details
Documentation
|
+|Redis Not Compliant
9f34885e-c08f-4d13-a7d1-cf190c5bd268|Ansible|High|Encryption|Query details
Documentation
|
+|Redshift Not Encrypted
6a647814-def5-4b85-88f5-897c19f509cd|Ansible|High|Encryption|Query details
Documentation
|
+|S3 Bucket Without Server-side-encryption
594f54e7-f744-45ab-93e4-c6dbaf6cd571|Ansible|High|Encryption|Query details
Documentation
|
+|User Data Contains Encoded Private Key
c09f4d3e-27d2-4d46-9453-abbe9687a64e|Ansible|High|Encryption|Query details
Documentation
|
+|Batch Job Definition With Privileged Container Properties
defe5b18-978d-4722-9325-4d1975d3699f|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|EC2 Group Has Public Interface
5330b503-3319-44ff-9b1c-00ee873f728a|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|KMS Key With Vulnerable Policy
5b9d237a-57d5-4177-be0e-71434b0fef47|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|Redshift Publicly Accessible
5c6b727b-1382-4629-8ba9-abd1365e5610|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|Root Account Has Active Access Keys
e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|DB Security Group Open To Large Scope
ea0ed1c7-9aef-4464-b7c7-94c762da3640|Ansible|High|Networking and Firewall|Query details
Documentation
|
+|Default Security Groups With Unrestricted Traffic
8010e17a-00e9-4635-a692-90d6bcec68bd|Ansible|High|Networking and Firewall|Query details
Documentation
|
+|Public Port Wide
71ea648a-d31a-4b5a-a589-5674243f1c33|Ansible|High|Networking and Firewall|Query details
Documentation
|
+|Remote Desktop Port Open To Internet
eda7301d-1f3e-47cf-8d4e-976debc64341|Ansible|High|Networking and Firewall|Query details
Documentation
|
+|Route53 Record Undefined
445dce51-7e53-4e50-80ef-7f94f14169e4|Ansible|High|Networking and Firewall|Query details
Documentation
|
+|Security Group Ingress Not Restricted
ea6bc7a6-d696-4dcf-a788-17fa03c17c81|Ansible|High|Networking and Firewall|Query details
Documentation
|
+|Unknown Port Exposed To Internet
722b0f24-5a64-4cca-aa96-cfc26b7e3a5b|Ansible|High|Networking and Firewall|Query details
Documentation
|
+|Unrestricted Security Group Ingress
83c5fa4c-e098-48fc-84ee-0a537287ddd2|Ansible|High|Networking and Firewall|Query details
Documentation
|
+|Hardcoded AWS Access Key
c2f15af3-66a0-4176-a56e-e4711e502e5c|Ansible|High|Secret Management|Query details
Documentation
|
+|Hardcoded AWS Access Key In Lambda
f34508b9-f574-4330-b42d-88c44cced645|Ansible|High|Secret Management|Query details
Documentation
|
+|AMI Shared With Multiple Accounts
a19b2942-142e-4e2b-93b7-6cf6a6c8d90f|Ansible|Medium|Access Control|Query details
Documentation
|
+|API Gateway Without Configured Authorizer
b16cdb37-ce15-4ab2-8401-d42b05d123fc|Ansible|Medium|Access Control|Query details
Documentation
|
+|Certificate Has Expired
5a443297-19d4-4381-9e5b-24faf947ec22|Ansible|Medium|Access Control|Query details
Documentation
|
+|EC2 Instance Using Default Security Group
8d03993b-8384-419b-a681-d1f55149397c|Ansible|Medium|Access Control|Query details
Documentation
|
+|IAM Access Key Is Exposed
7f79f858-fbe8-4186-8a2c-dfd0d958a40f|Ansible|Medium|Access Control|Query details
Documentation
|
+|IAM Group Without Users
f509931b-bbb0-443c-bd9b-10e92ecf2193|Ansible|Medium|Access Control|Query details
Documentation
|
+|IAM Policies Attached To User
eafe4bc3-1042-4f88-b988-1939e64bf060|Ansible|Medium|Access Control|Query details
Documentation
|
+|IAM Policies With Full Privileges
e401d614-8026-4f4b-9af9-75d1197461ba|Ansible|Medium|Access Control|Query details
Documentation
|
+|IAM Policy Grants 'AssumeRole' Permission Across All Services
12a7a7ce-39d6-49dd-923d-aeb4564eb66c|Ansible|Medium|Access Control|Query details
Documentation
|
+|IAM Role Allows All Principals To Assume
babdedcf-d859-43da-9a7b-6d72e661a8fd|Ansible|Medium|Access Control|Query details
Documentation
|
+|Lambda Permission Principal Is Wildcard
1d972c56-8ec2-48c1-a578-887adb09c57a|Ansible|Medium|Access Control|Query details
Documentation
|
+|Public Lambda via API Gateway
5e92d816-2177-4083-85b4-f61b4f7176d9|Ansible|Medium|Access Control|Query details
Documentation
|
+|SES Policy With Allowed IAM Actions
8ed0bfce-f780-46d4-b086-21c3628f09ad|Ansible|Medium|Access Control|Query details
Documentation
|
+|SQS Policy With Public Access
d994585f-defb-4b51-b6d2-c70f020ceb10|Ansible|Medium|Access Control|Query details
Documentation
|
+|Auto Scaling Group With No Associated ELB
050f085f-a8db-4072-9010-2cca235cc02f|Ansible|Medium|Availability|Query details
Documentation
|
+|CMK Is Unusable
133fee21-37ef-45df-a563-4d07edc169f4|Ansible|Medium|Availability|Query details
Documentation
|
+|RDS With Backup Disabled
e69890e6-fce5-461d-98ad-cb98318dfc96|Ansible|Medium|Backup|Query details
Documentation
|
+|S3 Bucket Without Versioning
9232306a-f839-40aa-b3ef-b352001da9a5|Ansible|Medium|Backup|Query details
Documentation
|
+|Stack Retention Disabled
17d5ba1d-7667-4729-b1a6-b11fde3db7f7|Ansible|Medium|Backup|Query details
Documentation
|
+|AMI Not Encrypted
97707503-a22c-4cd7-b7c0-f088fa7cf830|Ansible|Medium|Encryption|Query details
Documentation
|
+|CA Certificate Identifier Is Outdated
5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce|Ansible|Medium|Encryption|Query details
Documentation
|
+|Cloudfront Viewer Protocol Policy Allows HTTP
a6d27cf7-61dc-4bde-ae08-3b353b609f76|Ansible|Medium|Encryption|Query details
Documentation
|
+|CodeBuild Not Encrypted
a1423864-2fbc-4f46-bfe1-fbbf125c71c9|Ansible|Medium|Encryption|Query details
Documentation
|
+|ELB Using Insecure Protocols
730a5951-2760-407a-b032-dd629b55c23a|Ansible|Medium|Encryption|Query details
Documentation
|
+|IAM Database Auth Not Enabled
0ed012a4-9199-43d2-b9e4-9bd049a48aa4|Ansible|Medium|Encryption|Query details
Documentation
|
+|Secure Ciphers Disabled
218413a0-c716-4b94-9e08-0bb70d854709|Ansible|Medium|Encryption|Query details
Documentation
|
+|SQS With SSE Disabled
e1e7b278-2a8b-49bd-a26e-66a7f70b17eb|Ansible|Medium|Encryption|Query details
Documentation
|
+|API Gateway Without SSL Certificate
b47b98ab-e481-4a82-8bb1-1ab39fd36e33|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Certificate RSA Key Bytes Lower Than 256
d5ec2080-340a-4259-b885-f833c4ea6a31|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|CloudFront Without Minimum Protocol TLS 1.2
d0c13053-d2c8-44a6-95da-d592996e9e67|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|ECR Image Tag Not Immutable
60bfbb8a-c72f-467f-a6dd-a46b7d612789|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|ECS Task Definition Network Mode Not Recommended
01aec7c2-3e4d-4274-ae47-2b8fea22fd1f|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket with Unsecured CORS Rule
3505094c-f77c-4ba0-95da-f83db712f86c|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Vulnerable Default SSL Certificate
fb8f8929-afeb-4c46-99f0-a6cf410f7df4|Ansible|Medium|Insecure Defaults|Query details
Documentation
|
+|ALB Listening on HTTP
f81d63d2-c5d7-43a4-a5b5-66717a41c895|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway Endpoint Config is Not Private
559439b2-3e9c-4739-ac46-17e3b24ec215|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway without WAF
f5f38943-664b-4acc-ab11-f292fa10ed0b|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|CloudFront Without WAF
22c80725-e390-4055-8d14-a872230f6607|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|EC2 Instance Has Public IP
a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|Elasticsearch with HTTPS disabled
d6c2d06f-43c1-488a-9ba1-8d75b40fc62d|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|HTTP Port Open To Internet
a14ad534-acbe-4a8e-9404-2f7e1045646e|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group With Unrestricted Access To SSH
57ced4b9-6ba4-487b-8843-b65562b90c77|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible
7af1c447-c014-4f05-bd8b-ebe3a15734ac|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway With CloudWatch Logging Disabled
72a931c2-12f5-40d1-93cc-47bff2f7aa2a|Ansible|Medium|Observability|Query details
Documentation
|
+|CloudFront Logging Disabled
d31cb911-bf5b-4eb6-9fc3-16780c77c7bd|Ansible|Medium|Observability|Query details
Documentation
|
+|CloudTrail Logging Disabled
d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5|Ansible|Medium|Observability|Query details
Documentation
|
+|S3 Bucket Logging Disabled
c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d|Ansible|Medium|Observability|Query details
Documentation
|
+|No Stack Policy
ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9|Ansible|Medium|Resource Management|Query details
Documentation
|
+|Authentication Without MFA
eee107f9-b3d8-45d3-b9c6-43b5a7263ce1|Ansible|Low|Access Control|Query details
Documentation
|
+|ECS Service Without Running Tasks
f5c45127-1d28-4b49-a692-0b97da1c3a84|Ansible|Low|Availability|Query details
Documentation
|
+|Automatic Minor Upgrades Disabled
857f8808-e96a-4ba8-a9b7-f2d4ec6cad94|Ansible|Low|Best Practices|Query details
Documentation
|
+|CDN Configuration Is Missing
b25398a2-0625-4e61-8e4d-a1bb23905bf6|Ansible|Low|Best Practices|Query details
Documentation
|
+|IAM Password Without Minimum Length
8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d|Ansible|Low|Best Practices|Query details
Documentation
|
+|Lambda Permission Misconfigured
3ddf3417-424d-420d-8275-0724dc426520|Ansible|Low|Best Practices|Query details
Documentation
|
+|Misconfigured Password Policy Expiration
3f2cf811-88fa-4eda-be45-7a191a18aba9|Ansible|Low|Best Practices|Query details
Documentation
|
+|Password Without Reuse Prevention
6f5f5444-1422-495f-81ef-24cefd61ed2c|Ansible|Low|Best Practices|Query details
Documentation
|
+|EFS Without Tags
b8a9852c-9943-4973-b8d5-77dae9352851|Ansible|Low|Build Process|Query details
Documentation
|
+|Stack Without Template
32d31f1f-0f83-4721-b7ec-1e6948c60145|Ansible|Low|Build Process|Query details
Documentation
|
+|CloudTrail Log Files Not Encrypted With KMS
f5587077-3f57-4370-9b4e-4eb5b1bac85b|Ansible|Low|Encryption|Query details
Documentation
|
+|EFS Without KMS
bd77554e-f138-40c5-91b2-2a09f878608e|Ansible|Low|Encryption|Query details
Documentation
|
+|AWS Password Policy With Unchangeable Passwords
e28ceb92-d588-4166-aac5-766c8f5b7472|Ansible|Low|Insecure Configurations|Query details
Documentation
|
+|Instance With No VPC
61d1a2d0-4db8-405a-913d-5d2ce49dff6f|Ansible|Low|Insecure Configurations|Query details
Documentation
|
+|Lambda Function Without Tags
265d9725-2fb8-42a2-bc57-3279c5db82d5|Ansible|Low|Insecure Configurations|Query details
Documentation
|
+|EC2 Instance Using Default VPC
8833f180-96f1-46f4-9147-849aafa56029|Ansible|Low|Networking and Firewall|Query details
Documentation
|
+|ElastiCache Using Default Port
7cc6c791-5f68-4816-a564-b9b699f9d26e|Ansible|Low|Networking and Firewall|Query details
Documentation
|
+|ElastiCache Without VPC
5527dcfc-94f9-4bf6-b7d4-1b78850cf41f|Ansible|Low|Networking and Firewall|Query details
Documentation
|
+|RDS Using Default Port
2cb674f6-32f9-40be-97f2-62c0dc38f0d5|Ansible|Low|Networking and Firewall|Query details
Documentation
|
+|Redshift Using Default Port
e01de151-a7bd-4db4-b49b-3c4775a5e881|Ansible|Low|Networking and Firewall|Query details
Documentation
|
+|API Gateway X-Ray Disabled
2059155b-27fd-441e-b616-6966c468561f|Ansible|Low|Observability|Query details
Documentation
|
+|CloudTrail Log File Validation Disabled
4d8681a2-3d30-4c89-8070-08acd142748e|Ansible|Low|Observability|Query details
Documentation
|
+|CloudTrail Multi Region Disabled
6ad087d7-a509-4b20-b853-9ef6f5ebaa98|Ansible|Low|Observability|Query details
Documentation
|
+|CloudTrail Not Integrated With CloudWatch
ebb2118a-03bc-4d53-ab43-d8750f5cb8d3|Ansible|Low|Observability|Query details
Documentation
|
+|CloudTrail SNS Topic Name Undefined
5ba316a9-c466-4ec1-8d5b-bc6107dc9a92|Ansible|Low|Observability|Query details
Documentation
|
+|CMK Rotation Disabled
af96d737-0818-4162-8c41-40d969bd65d1|Ansible|Low|Observability|Query details
Documentation
|
+|Configuration Aggregator to All Regions Disabled
a2fdf451-89dd-451e-af92-bf6c0f4bab96|Ansible|Low|Observability|Query details
Documentation
|
+|Lambda Functions Without X-Ray Tracing
71397b34-1d50-4ee1-97cb-c96c34676f74|Ansible|Low|Observability|Query details
Documentation
|
+|Stack Notifications Disabled
d39761d7-94ab-45b0-ab5e-27c44e381d58|Ansible|Low|Observability|Query details
Documentation
|
+|EC2 Not EBS Optimized
338b6cab-961d-4998-bb49-e5b6a11c9a5c|Ansible|Info|Best Practices|Query details
Documentation
|
+|CloudWatch Without Retention Period Specified
e24e18d9-4c2b-4649-b3d0-18c088145e24|Ansible|Info|Observability|Query details
Documentation
|
+|CosmosDB Account IP Range Filter Not Set
e8c80448-31d8-4755-85fc-6dbab69c2717|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
+|Redis Entirely Accessible
0d0c12b9-edce-4510-9065-13f6a758750c|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
+|Redis Publicly Accessible
0632d0db-9190-450a-8bb3-c283bffea445|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
+|SQLServer Ingress From Any IP
f4e9ff70-0f3b-4c50-a713-26cbe7ec4039|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
+|Unrestricted SQL Server Access
3f23c96c-f9f5-488d-9b17-605b8da5842f|Ansible|Critical|Networking and Firewall|Query details
Documentation
|
+|Default Azure Storage Account Network Access Is Too Permissive
ca4df748-613a-4fbf-9c76-f02cbd580307|Ansible|High|Access Control|Query details
Documentation
|
+|Public Storage Account
35e2f133-a395-40de-a79d-b260d973d1bd|Ansible|High|Access Control|Query details
Documentation
|
+|Storage Container Is Publicly Accessible
4d3817db-dd35-4de4-a80d-3867157e7f7f|Ansible|High|Access Control|Query details
Documentation
|
+|Azure Container Registry With No Locks
581dae78-307d-45d5-aae4-fe2b0db267a5|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|Security Group is Not Configured
da4f2739-174f-4cdd-b9ef-dc3f14b5931f|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|Sensitive Port Is Exposed To Entire Network
0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc|Ansible|High|Networking and Firewall|Query details
Documentation
|
+|Admin User Enabled For Container Registry
29f35127-98e6-43af-8ec1-201b79f99604|Ansible|Medium|Access Control|Query details
Documentation
|
+|AKS RBAC Disabled
149fa56c-4404-4f90-9e25-d34b676d5b39|Ansible|Medium|Access Control|Query details
Documentation
|
+|Role Definition Allows Custom Role Creation
5c80db8e-03f5-43a2-b4af-1f3f87018157|Ansible|Medium|Access Control|Query details
Documentation
|
+|Key Vault Soft Delete Is Disabled
881696a8-68c5-4073-85bc-7c38a3deb854|Ansible|Medium|Backup|Query details
Documentation
|
+|Azure Instance Using Basic Authentication
e2d834b7-8b25-4935-af53-4a60668dcbe0|Ansible|Medium|Best Practices|Query details
Documentation
|
+|MySQL SSL Connection Disabled
2a901825-0f3b-4655-a0fe-e0470e50f8e6|Ansible|Medium|Encryption|Query details
Documentation
|
+|SSL Enforce Disabled
961ce567-a16d-4d7d-9027-f0ec2628a555|Ansible|Medium|Encryption|Query details
Documentation
|
+|Storage Account Not Forcing HTTPS
2c99a474-2a3c-4c17-8294-53ffa5ed0522|Ansible|Medium|Encryption|Query details
Documentation
|
+|Storage Account Not Using Latest TLS Encryption Version
c62746cf-92d5-4649-9acf-7d48d086f2ee|Ansible|Medium|Encryption|Query details
Documentation
|
+|AD Admin Not Configured For SQL Server
b176e927-bbe2-44a6-a9c3-041417137e5f|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Redis Cache Allows Non SSL Connections
869e7fb4-30f0-4bdb-b360-ad548f337f2f|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|VM Not Attached To Network
1e5f5307-3e01-438d-8da6-985307ed25ce|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Web App Accepting Traffic Other Than HTTPS
eb8c2560-8bee-4248-9d0d-e80c8641dd91|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Firewall Rule Allows Too Many Hosts To Access Redis Cache
69f72007-502e-457b-bd2d-5012e31ac049|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|Trusted Microsoft Services Not Enabled
1bc398a8-d274-47de-a4c8-6ac867b353de|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|WAF Is Disabled For Azure Application Gateway
2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|AKS Monitoring Logging Disabled
d5e83b32-56dd-4247-8c2e-074f43b38a5e|Ansible|Medium|Observability|Query details
Documentation
|
+|Log Retention Is Not Set
0461b4fd-21ef-4687-929e-484ee4796785|Ansible|Medium|Observability|Query details
Documentation
|
+|Monitoring Log Profile Without All Activities
89f84a1e-75f8-47c5-83b5-bee8e2de4168|Ansible|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Checkpoints Disabled
7ab33ac0-e4a3-418f-a673-50da4e34df21|Ansible|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Connections Not Set
7b47138f-ec0e-47dc-8516-e7728fe3cc17|Ansible|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Disconnections Not Set
054d07b5-941b-4c28-8eef-18989dc62323|Ansible|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Duration Not Set
729ebb15-8060-40f7-9017-cb72676a5487|Ansible|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Server Without Connection Throttling
a9becca7-892a-4af7-b9e1-44bf20a4cd9a|Ansible|Medium|Observability|Query details
Documentation
|
+|SQL Server Predictable Active Directory Account Name
530e8291-2f22-4bab-b7ea-306f1bc2a308|Ansible|Low|Best Practices|Query details
Documentation
|
+|SQL Server Predictable Admin Account Name
663062e9-473d-4e87-99bc-6f3684b3df40|Ansible|Low|Best Practices|Query details
Documentation
|
+|Cosmos DB Account Without Tags
23a4dc83-4959-4d99-8056-8e051a82bc1e|Ansible|Low|Build Process|Query details
Documentation
|
+|AKS Network Policy Misconfigured
8c3bedf1-c570-4c3b-b414-d068cd39a00c|Ansible|Low|Insecure Configurations|Query details
Documentation
|
+|Small Activity Log Retention Period
37fafbea-dedb-4e0d-852e-d16ee0589326|Ansible|Low|Observability|Query details
Documentation
|
+|Allow Unsafe Lookups Enabled
86b97bb4-85c9-462d-8635-cbc057c5c8c5|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|Privilege Escalation Using Become Plugin
404908b6-4954-4611-98f0-e8ceacdabcb1|Ansible|Medium|Access Control|Query details
Documentation
|
+|Communication over HTTP
d7dc9350-74bc-485b-8c85-fed22d276c43|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Logging of Sensitive Data
c6473dae-8477-4119-88b7-b909b435ce7b|Ansible|Low|Best Practices|Query details
Documentation
|
+|Cloud Storage Anonymous or Publicly Accessible
086031e1-9d4a-4249-acb3-5bfe4c363db2|Ansible|Critical|Access Control|Query details
Documentation
|
+|SQL DB Instance Publicly Accessible
7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b|Ansible|Critical|Insecure Configurations|Query details
Documentation
|
+|BigQuery Dataset Is Public
2263b286-2fe9-4747-a0ae-8b4768a2bbd2|Ansible|High|Access Control|Query details
Documentation
|
+|SQL DB Instance With SSL Disabled
d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb|Ansible|High|Encryption|Query details
Documentation
|
+|Client Certificate Disabled
20180133-a0d0-4745-bfe0-94049fbb12a9|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|Cloud SQL Instance With Contained Database Authentication On
6d34aff3-fdd2-460c-8190-756a3b4969e8|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|Cloud SQL Instance With Cross DB Ownership Chaining On
9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|GKE Legacy Authorization Enabled
300a9964-b086-41f7-9378-b6de3ba1c32b|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|MySQL Instance With Local Infile On
a7b520bb-2509-4fb0-be05-bc38f54c7a4c|Ansible|High|Insecure Configurations|Query details
Documentation
|
+|RDP Access Is Not Restricted
75418eb9-39ec-465f-913c-6f2b6a80dc77|Ansible|High|Networking and Firewall|Query details
Documentation
|
+|VM With Full Cloud Access
bc20bbc6-0697-4568-9a73-85af1dd97bdd|Ansible|Medium|Access Control|Query details
Documentation
|
+|SQL DB Instance Backup Disabled
0c82eae2-aca0-401f-93e4-fb37a0f9e5e8|Ansible|Medium|Backup|Query details
Documentation
|
+|Disk Encryption Disabled
092bae86-6105-4802-99d2-99cd7e7431f3|Ansible|Medium|Encryption|Query details
Documentation
|
+|DNSSEC Using RSASHA1
6cf4c3a7-ceb0-4475-8892-3745b84be24a|Ansible|Medium|Encryption|Query details
Documentation
|
+|Google Compute SSL Policy Weak Cipher In Use
b28bcd2f-c309-490e-ab7c-35fc4023eb26|Ansible|Medium|Encryption|Query details
Documentation
|
+|Cloud DNS Without DNSSEC
80b15fb1-6207-40f4-a803-6915ae619a03|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Cluster Master Authentication Disabled
9df7f78f-ebe3-432e-ac3b-b67189c15518|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|GKE Basic Authentication Enabled
344bf8ab-9308-462b-a6b2-697432e40ba1|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Google Container Node Pool Auto Repair Disabled
d58c6f24-3763-4269-9f5b-86b2569a003b|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|IP Aliasing Disabled
ed672a9f-fbf0-44d8-a47d-779501b0db05|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Network Policy Disabled
98e04ca0-34f5-4c74-8fec-d2e611ce2790|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|OSLogin Is Disabled In VM Instance
66dae697-507b-4aef-be18-eec5bd707f33|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Private Cluster Disabled
3b30e3d6-c99b-4318-b38f-b99db74578b5|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Shielded VM Disabled
18d3a83d-4414-49dc-90ea-f0387b2856cc|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Using Default Service Account
2775e169-e708-42a9-9305-b58aadd2c4dd|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|GKE Using Default Service Account
dc126833-125a-40fb-905a-ce5f2afde240|Ansible|Medium|Insecure Defaults|Query details
Documentation
|
+|Compute Instance Is Publicly Accessible
829f1c60-2bab-44c6-8a21-5cd9d39a2c82|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|GKE Master Authorized Networks Disabled
d43366c5-80b0-45de-bbe8-2338f4ab0a83|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|Google Compute Network Using Default Firewall Rule
29b8224a-60e9-4011-8ac2-7916a659841f|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|Google Compute Network Using Firewall Rule that Allows All Ports
3602d273-3290-47b2-80fa-720162b1a8af|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|IP Forwarding Enabled
11bd3554-cd56-4257-8e25-7aaf30cf8f5f|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|Serial Ports Are Enabled For VM Instances
c6fc6f29-dc04-46b6-99ba-683c01aff350|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|SSH Access Is Not Restricted
b2fbf1df-76dd-4d78-a6c0-e538f4a9b016|Ansible|Medium|Networking and Firewall|Query details
Documentation
|
+|Cloud Storage Bucket Logging Not Enabled
507df964-ad97-4035-ab14-94a82eabdfdd|Ansible|Medium|Observability|Query details
Documentation
|
+|Cloud Storage Bucket Versioning Disabled
7814ddda-e758-4a56-8be3-289a81ded929|Ansible|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Connections Disabled
d7a5616f-0a3f-4d43-bc2b-29d1a183e317|Ansible|Medium|Observability|Query details
Documentation
|
+|PostgreSQL log_checkpoints Flag Not Set To ON
89afe3f0-4681-4ce3-89ed-896cebd4277c|Ansible|Medium|Observability|Query details
Documentation
|
+|Stackdriver Logging Disabled
19c9e2a0-fc33-4264-bba1-e3682661e8f7|Ansible|Medium|Observability|Query details
Documentation
|
+|Stackdriver Monitoring Disabled
20dcd953-a8b8-4892-9026-9afa6d05a525|Ansible|Medium|Observability|Query details
Documentation
|
+|Node Auto Upgrade Disabled
d6e10477-2e19-4bcd-b8a8-19c65b89ccdf|Ansible|Medium|Resource Management|Query details
Documentation
|
+|High Google KMS Crypto Key Rotation Period
f9b7086b-deb8-4034-9330-d7fd38f1b8de|Ansible|Medium|Secret Management|Query details
Documentation
|
+|Project-wide SSH Keys Are Enabled In VM Instances
099b4411-d11e-4537-a0fc-146b19762a79|Ansible|Medium|Secret Management|Query details
Documentation
|
+|Cluster Labels Disabled
fbe9b2d0-a2b7-47a1-a534-03775f3013f7|Ansible|Low|Insecure Configurations|Query details
Documentation
|
+|COS Node Image Not Used
be41f891-96b1-4b9d-b74f-b922a918c778|Ansible|Low|Insecure Configurations|Query details
Documentation
|
+|PostgreSQL Misconfigured Logging Duration Flag
aed98a2a-e680-497a-8886-277cea0f4514|Ansible|Low|Insecure Configurations|Query details
Documentation
|
+|Google Compute Network Using Firewall Rule that Allows Port Range
7289eebd-a477-4064-8ad4-3c044bd70b00|Ansible|Low|Networking and Firewall|Query details
Documentation
|
+|Google Compute Subnetwork with Private Google Access Disabled
6a4080ae-79bd-42f6-a924-8f534c1c018b|Ansible|Low|Networking and Firewall|Query details
Documentation
|
+|PostgreSQL Logging Of Temporary Files Disabled
d6fae5b6-ada9-46c0-8b36-3108a2a2f77b|Ansible|Low|Observability|Query details
Documentation
|
+|PostgreSQL Misconfigured Log Messages Flag
28a757fc-3d8f-424a-90c0-4233363b2711|Ansible|Low|Observability|Query details
Documentation
|
+|Ansible Tower Exposed To Internet
1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc|Ansible|Medium|Best Practices|Query details
Documentation
|
+|Privilege Escalation Using Become Plugin
0e75052f-cc02-41b8-ac39-a78017527e95|Ansible|Medium|Access Control|Query details
Documentation
|
+|Communication Over HTTP
2e8d4922-8362-4606-8c14-aa10466a1ce3|Ansible|Medium|Insecure Configurations|Query details
Documentation
|
+|Insecure Relative Path Resolution
8d22ae91-6ac1-459f-95be-d37bd373f244|Ansible|Low|Best Practices|Query details
Documentation
|
+|Logging of Sensitive Data
59029ddf-e651-412b-ae7b-ff6d403184bc|Ansible|Low|Best Practices|Query details
Documentation
|
+|Unpinned Package Version
c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8|Ansible|Low|Supply-Chain|Query details
Documentation
|
+|Risky File Permissions
88841d5c-d22d-4b7e-a6a0-89ca50e44b9f|Ansible|Info|Supply-Chain|Query details
Documentation
|
+|SQL Database Server Firewall Allows All IPS
6a3201a5-1630-494b-b294-3129d06b0eca|AzureResourceManager|Critical|Networking and Firewall|Query details
Documentation
|
+|AKS Cluster RBAC Disabled
9307a2ed-35c2-413d-94de-a1a0682c2158|AzureResourceManager|High|Access Control|Query details
Documentation
|
+|Default Azure Storage Account Network Access Is Too Permissive
d855ced8-6157-448f-9f1d-f05a41d046f7|AzureResourceManager|High|Access Control|Query details
Documentation
|
+|Role Definitions Allow Custom Subscription Role Creation
8fa9ceea-881f-4ef0-b0b8-728f589699a7|AzureResourceManager|High|Access Control|Query details
Documentation
|
+|Key Vault Not Recoverable
7c25f361-7c66-44bf-9b69-022acd5eb4bd|AzureResourceManager|High|Backup|Query details
Documentation
|
+|Azure Managed Disk Without Encryption
350f3955-b5be-436f-afaa-3d2be2fa6cdd|AzureResourceManager|High|Encryption|Query details
Documentation
|
+|Network Security Group With Unrestricted Access To RDP
59cb3da7-f206-4ae6-b827-7abf0a9cab9d|AzureResourceManager|High|Networking and Firewall|Query details
Documentation
|
+|Storage Blob Service Container With Public Access
a0ab985d-660b-41f7-ac81-70957ee8e627|AzureResourceManager|High|Networking and Firewall|Query details
Documentation
|
+|Hardcoded SecureString Parameter Default Value
4d2cf896-c053-4be5-9c95-8b4771112f29|AzureResourceManager|High|Secret Management|Query details
Documentation
|
+|App Service Authentication Is Not Set
83130a07-235b-4a80-918b-a370e53f0bd9|AzureResourceManager|Medium|Access Control|Query details
Documentation
|
+|Azure Instance Using Basic Authentication
6797f581-0433-4768-ae3e-7ceb2f8b138e|AzureResourceManager|Medium|Best Practices|Query details
Documentation
|
+|Secret Without Expiration Date
cff9c3f7-e8f0-455f-9fb4-5f72326da96e|AzureResourceManager|Medium|Best Practices|Query details
Documentation
|
+|SQL Server Database With Alerts Disabled
574e8d82-1db2-4b9c-b526-e320ede9a9ff|AzureResourceManager|Medium|Best Practices|Query details
Documentation
|
+|Storage Account Allows Unsecure Transfer
1367dd13-2c90-4020-80b7-e4339a3dc2c4|AzureResourceManager|Medium|Encryption|Query details
Documentation
|
+|Web App Not Using TLS Last Version
b5c851d5-00f1-43dc-a8de-3218fd6f71be|AzureResourceManager|Medium|Encryption|Query details
Documentation
|
+|AKS Cluster Network Policy Not Configured
25c0228e-4444-459b-a2df-93c7df40b7ed|AzureResourceManager|Medium|Insecure Configurations|Query details
Documentation
|
+|Website Not Forcing HTTPS
488847ff-6031-487c-bf42-98fd6ac5c9a0|AzureResourceManager|Medium|Insecure Configurations|Query details
Documentation
|
+|MySQL Server SSL Enforcement Disabled
90120147-f2e7-4fda-bb21-6fa9109afd63|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
+|Network Security Group With Unrestricted Access To SSH
2ade1579-4b2c-4590-bebb-f99bf597f612|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
+|PostgreSQL Database Server Log Checkpoints Disabled
f9112910-c7bb-4864-9f5e-2059ba413bb7|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
+|PostgreSQL Database Server Log Connections Disabled
e69bda39-e1e2-47ca-b9ee-b6531b23aedd|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
+|PostgreSQL Database Server SSL Disabled
bf500309-da53-4dd3-bcf7-95f7974545a5|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
+|PostgresSQL Database Server Connection Throttling Disabled
a6d774b6-d9ea-4bf4-8433-217bf15d2fb8|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
+|Trusted Microsoft Services Not Enabled
e25b56cd-a4d6-498f-ab92-e6296a082097|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
+|Website with Client Certificate Auth Disabled
92302b47-b0cc-46cb-a28f-5610ecda140b|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
|
+|AKS Logging To Azure Monitoring Is Disabled
9b09dee1-f09b-4013-91d2-158fa4695f4b|AzureResourceManager|Medium|Observability|Query details
Documentation
|
+|SQL Server Database Without Auditing
e055285c-bc01-48b4-8aa5-8a54acdd29df|AzureResourceManager|Medium|Observability|Query details
Documentation
|
+|Storage Logging For Read Write And Delete Requests Disabled
43f6e60c-9cdb-4e77-864d-a66595d26518|AzureResourceManager|Medium|Observability|Query details
Documentation
|
+|Website Azure Active Directory Disabled
e9c133e5-c2dd-4b7b-8fff-40f2de367b56|AzureResourceManager|Low|Access Control|Query details
Documentation
|
+|Phone Number Not Set For Security Contacts
3e9fcc67-1f64-405f-b2f9-0a6be17598f0|AzureResourceManager|Low|Best Practices|Query details
Documentation
|
+|AKS Dashboard Is Enabled
c62d3b92-9a11-4ffd-b7b7-6faaae83faed|AzureResourceManager|Low|Insecure Configurations|Query details
Documentation
|
+|AKS With Authorized IP Ranges Disabled
2583fab1-953b-4fae-bd02-4a136a6c21f9|AzureResourceManager|Low|Networking and Firewall|Query details
Documentation
|
+|Storage Account Allows Default Network Access
9073f073-5d60-4b46-b569-0d6baa80ed95|AzureResourceManager|Low|Networking and Firewall|Query details
Documentation
|
+|Website with 'Http20Enabled' Disabled
70111098-7f85-48f0-b1b4-e4261cf5f61b|AzureResourceManager|Low|Networking and Firewall|Query details
Documentation
|
+|Log Profile Incorrect Category
4d522e7b-f938-4d51-a3b1-974ada528bd3|AzureResourceManager|Low|Observability|Query details
Documentation
|
+|SQL Server Database With Unrecommended Retention Days
c09cdac2-7670-458a-bf6c-efad6880973a|AzureResourceManager|Low|Observability|Query details
Documentation
|
+|Unrecommended Log Profile Retention Policy
25684eac-daaa-4c2c-94b4-8d2dbb627909|AzureResourceManager|Low|Observability|Query details
Documentation
|
+|Unrecommended Network Watcher Flow Log Retention Policy
564b70f8-41cd-4690-aff8-bb53add86bc9|AzureResourceManager|Low|Observability|Query details
Documentation
|
+|Standard Price Is Not Selected
2081c7d6-2851-4cce-bda5-cb49d462da42|AzureResourceManager|Low|Resource Management|Query details
Documentation
|
+|Account Admins Not Notified By Email
a8852cc0-fd4b-4fc7-9372-1e43fad0732e|AzureResourceManager|Info|Best Practices|Query details
Documentation
|
+|SQL Alert Policy Without Emails
89b79fe5-49bd-4d39-84ce-55f5fc6f7764|AzureResourceManager|Info|Best Practices|Query details
Documentation
|
+|Email Notifications Disabled
79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92|AzureResourceManager|Info|Networking and Firewall|Query details
Documentation
|
+|Run Using apt
a1bc27c6-7115-48d8-bf9d-5a7e836845ba|Buildah|Low|Supply-Chain|Query details
Documentation
|
+|Script Block Injection
62ff6823-927a-427f-acf9-f1ea2932d616|CICD|High|Insecure Configurations|Query details
Documentation
|
+|Run Block Injection
20f14e1a-a899-4e79-9f09-b6a84cd4649b|CICD|Medium|Insecure Configurations|Query details
Documentation
|
+|Unsecured Commands
60fd272d-15f4-4d8f-afe4-77d9c6cc0453|CICD|Medium|Insecure Configurations|Query details
Documentation
|
+|Unpinned Actions Full Length Commit SHA
555ab8f9-2001-455e-a077-f2d0f41e2fb9|CICD|Low|Supply-Chain|Query details
Documentation
|
+|Amazon DMS Replication Instance Is Publicly Accessible
5864fb39-d719-4182-80e2-89dbe627be63|CloudFormation|Critical|Access Control|Query details
Documentation
|
+|ECR Repository Is Publicly Accessible
75be209d-1948-41f6-a8c8-e22dd0121134|CloudFormation|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Access to Any Principal
7772bb8c-c0f3-42d4-8e4e-f1b8939ad085|CloudFormation|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read Or Write to All Users
07dda8de-d90d-469e-9b37-1aca53526ced|CloudFormation|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Delete Action From All Principals
acc78859-765e-4011-a229-a65ea57db252|CloudFormation|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Put Action From All Principals
f6397a20-4cf1-4540-a997-1d363c25ef58|CloudFormation|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket With All Permissions
4ae8af91-5108-42cb-9471-3bdbe596eac9|CloudFormation|Critical|Access Control|Query details
Documentation
|
+|SNS Topic is Publicly Accessible
ae53ce91-42b5-46bf-a84f-9a13366a4f13|CloudFormation|Critical|Access Control|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
de38e1d5-54cb-4111-a868-6f7722695007|CloudFormation|Critical|Insecure Configurations|Query details
Documentation
|
+|DB Security Group With Public Scope
9564406d-e761-4e61-b8d7-5926e3ab8e79|CloudFormation|Critical|Networking and Firewall|Query details
Documentation
|
+|RDS Associated with Public Subnet
4e88adee-a8eb-4605-a78d-9fb1096e3091|CloudFormation|Critical|Networking and Firewall|Query details
Documentation
|
+|Cross-Account IAM Assume Role Policy Without ExternalId or MFA
85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7|CloudFormation|High|Access Control|Query details
Documentation
|
+|ECS Service Admin Role Is Present
01986452-bdd8-4aaa-b5df-d6bf61d616ff|CloudFormation|High|Access Control|Query details
Documentation
|
+|IAM Policy Grants Full Permissions
f62aa827-4ade-4dc4-89e4-1433d384a368|CloudFormation|High|Access Control|Query details
Documentation
|
+|Lambda Functions With Full Privileges
a0ae0a4e-712b-4115-8112-51b9eeed9d69|CloudFormation|High|Access Control|Query details
Documentation
|
+|MSK Broker Is Publicly Accessible
0ce1ba20-8ba8-4364-836f-40c24b8cb0ab|CloudFormation|High|Access Control|Query details
Documentation
|
+|Neptune Cluster With IAM Database Authentication Disabled
a3aa0087-8228-4e7e-b202-dc9036972d02|CloudFormation|High|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read to All Users
219f4c95-aa50-44e0-97de-cf71f4641170|CloudFormation|High|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read to Any Authenticated User
835d5497-a526-4aea-a23f-98a9afd1635f|CloudFormation|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Get Action From All Principals
f97b7d23-568f-4bcc-9ac9-02df0d57fbba|CloudFormation|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows List Action From All Principals
faa8fddf-c0aa-4b2d-84ff-e993e233ebe9|CloudFormation|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Public Policy
860ba89b-b8de-4e72-af54-d6aee4138a69|CloudFormation|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Restore Actions From All Principals
456b00a3-1072-4149-9740-6b8bb60251b0|CloudFormation|High|Access Control|Query details
Documentation
|
+|AmazonMQ Broker Encryption Disabled
316278b3-87ac-444c-8f8f-a733a28da60f|CloudFormation|High|Encryption|Query details
Documentation
|
+|API Gateway Cache Encrypted Disabled
37cca703-b74c-48ba-ac81-595b53398e9b|CloudFormation|High|Encryption|Query details
Documentation
|
+|CMK Unencrypted Storage
ffee2785-c347-451e-89f3-11aeb08e5c84|CloudFormation|High|Encryption|Query details
Documentation
|
+|Config Rule For Encrypted Volumes Disabled
1b6322d9-c755-4f8c-b804-32c19250f2d9|CloudFormation|High|Encryption|Query details
Documentation
|
+|DynamoDB Table Not Encrypted
4bd21e68-38c1-4d58-acdc-6a14b203237f|CloudFormation|High|Encryption|Query details
Documentation
|
+|DynamoDB With Aws Owned CMK
c8dee387-a2e6-4a73-a942-183c975549ac|CloudFormation|High|Encryption|Query details
Documentation
|
+|EBS Volume Encryption Disabled
80b7ac3f-d2b7-4577-9b10-df7913497162|CloudFormation|High|Encryption|Query details
Documentation
|
+|ECS Cluster Not Encrypted At Rest
6c131358-c54d-419b-9dd6-1f7dd41d180c|CloudFormation|High|Encryption|Query details
Documentation
|
+|EFS Not Encrypted
2ff8e83c-90e1-4d68-a300-6d652112e622|CloudFormation|High|Encryption|Query details
Documentation
|
+|ElastiCache With Disabled at Rest Encryption
e4ee3903-9225-4b6a-bdfb-e62dbadef821|CloudFormation|High|Encryption|Query details
Documentation
|
+|ElasticSearch Encryption With KMS Disabled
d926aa95-0a04-4abc-b20c-acf54afe38a1|CloudFormation|High|Encryption|Query details
Documentation
|
+|ElasticSearch Not Encrypted At Rest
86a248ab-0e01-4564-a82a-878303e253bb|CloudFormation|High|Encryption|Query details
Documentation
|
+|ELB Using Weak Ciphers
809f77f8-d10e-4842-a84f-3be7b6ff1190|CloudFormation|High|Encryption|Query details
Documentation
|
+|Kinesis SSE Not Configured
7f65be75-90ab-4036-8c2a-410aef7bb650|CloudFormation|High|Encryption|Query details
Documentation
|
+|MSK Cluster Encryption Disabled
a976d63f-af0e-46e8-b714-8c1a9c4bf768|CloudFormation|High|Encryption|Query details
Documentation
|
+|Neptune Database Cluster Encryption Disabled
bf4473f1-c8a2-4b1b-8134-bd32efabab93|CloudFormation|High|Encryption|Query details
Documentation
|
+|RDS Storage Encryption Disabled
65844ba3-03a1-40a8-b3dd-919f122e8c95|CloudFormation|High|Encryption|Query details
Documentation
|
+|RDS Storage Not Encrypted
5beacce3-4020-4a3d-9e1d-a36f953df630|CloudFormation|High|Encryption|Query details
Documentation
|
+|Redshift Not Encrypted
3b316b05-564c-44a7-9c3f-405bb95e211e|CloudFormation|High|Encryption|Query details
Documentation
|
+|S3 Bucket Without Server-side-encryption
b2e8752c-3497-4255-98d2-e4ae5b46bbf5|CloudFormation|High|Encryption|Query details
Documentation
|
+|SageMaker Data Encryption Disabled
709e6da6-fa1f-44cc-8f17-7f25f96dadbe|CloudFormation|High|Encryption|Query details
Documentation
|
+|User Data Contains Encoded Private Key
568cc372-ca64-420d-9015-ee347d00d288|CloudFormation|High|Encryption|Query details
Documentation
|
+|Workspace Without Encryption
89827c57-5a8a-49eb-9731-976a606d70db|CloudFormation|High|Encryption|Query details
Documentation
|
+|Batch Job Definition With Privileged Container Properties
76ddf32c-85b1-4808-8935-7eef8030ab36|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
+|KMS Key With Vulnerable Policy
da905474-7454-43c0-b8d2-5756ab951aba|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
+|Lambda Functions Without Unique IAM Roles
ae03f542-1423-402f-9cef-c834e7ee9583|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
+|MQ Broker Is Publicly Accessible
68b6a789-82f8-4cfd-85de-e95332fe6a61|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
+|Root Account Has Active Access Keys
4c137350-7307-4803-8c04-17c09a7a9fcf|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
+|S3 Static Website Host Enabled
90501b1b-cded-4cc1-9e8b-206b85cda317|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
+|Permissive Web ACL Default Action
6d64f311-3da6-45f3-80f1-14db9771ea40|CloudFormation|High|Insecure Defaults|Query details
Documentation
|
+|DB Security Group Open To Large Scope
0104165b-02d5-426f-abc9-91fb48189899|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
+|Default Security Groups With Unrestricted Traffic
ea33fcf7-394b-4d11-a228-985c5d08f205|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
+|EC2 Sensitive Port Is Publicly Exposed
494b03d3-bf40-4464-8524-7c56ad0700ed|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
+|ELB Sensitive Port Is Exposed To Entire Network
78055456-f670-4d2e-94d5-392d1cf4f5e4|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
+|Fully Open Ingress
e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
+|Remote Desktop Port Open To Internet
c9846969-d066-431f-9b34-8c4abafe422a|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
+|Route53 Record Undefined
24d932e1-91f0-46ea-836f-fdbd81694151|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
+|Security Group Unrestricted Access To RDP
3ae83918-7ec7-4cb8-80db-b91ef0f94002|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
+|Security Groups With Exposed Admin Ports
cdbb0467-2957-4a77-9992-7b55b29df7b7|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
+|Security Groups With Meta IP
adcd0082-e90b-4b63-862b-21899f6e6a48|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
+|Unknown Port Exposed To Internet
829ce3b8-065c-41a3-ad57-e0accfea82d2|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
+|Unrestricted Security Group Ingress
4a1e6b34-1008-4e61-a5f2-1f7c276f8d14|CloudFormation|High|Networking and Firewall|Query details
Documentation
|
+|Amplify App Access Token Exposed
73980e43-f399-4fcc-a373-658228f7adf7|CloudFormation|High|Secret Management|Query details
Documentation
|
+|Amplify App Basic Auth Config Password Exposed
71493c8b-3014-404c-9802-078b74496fb7|CloudFormation|High|Secret Management|Query details
Documentation
|
+|Amplify App OAuth Token Exposed
03b38885-8f4e-480c-a0e4-12c1affd15db|CloudFormation|High|Secret Management|Query details
Documentation
|
+|Amplify Branch Basic Auth Config Password Exposed
dfb56e5d-ee68-446e-b32a-657b62befe69|CloudFormation|High|Secret Management|Query details
Documentation
|
+|Directory Service Microsoft AD Password Set to Plaintext or Default Ref
06b9f52a-8cd5-459b-bdc6-21a22521e1be|CloudFormation|High|Secret Management|Query details
Documentation
|
+|Directory Service Simple AD Password Exposed
6685d912-d81f-4cfa-95ad-e316ea31c989|CloudFormation|High|Secret Management|Query details
Documentation
|
+|DMS Endpoint MongoDB Settings Password Exposed
f988a17f-1139-46a3-8928-f27eafd8b024|CloudFormation|High|Secret Management|Query details
Documentation
|
+|DMS Endpoint Password Exposed
5f700072-b7ce-4e84-b3f3-497bf1c24a4d|CloudFormation|High|Secret Management|Query details
Documentation
|
+|DocDB Cluster Master Password In Plaintext
39423ce4-9011-46cd-b6b1-009edcd9385d|CloudFormation|High|Secret Management|Query details
Documentation
|
+|Hardcoded AWS Access Key In Lambda
2564172f-c92b-4261-9acd-464aed511696|CloudFormation|High|Secret Management|Query details
Documentation
|
+|IAM User LoginProfile Password Is In Plaintext
06adef8c-c284-4de7-aad2-af43b07a8ca1|CloudFormation|High|Secret Management|Query details
Documentation
|
+|RefreshToken Is Exposed
5b48c507-0d1f-41b0-a630-76817c6b4189|CloudFormation|High|Secret Management|Query details
Documentation
|
+|API Gateway Method Does Not Contains An API Key
3641d5b4-d339-4bc2-bfb9-208fe8d3477f|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|API Gateway Without Configured Authorizer
7fd0d461-5b8c-4815-898c-f2b4b117eb28|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|EC2 Instance Has No IAM Role
f914357d-8386-4d56-9ba6-456e5723f9a6|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|EC2 Instance Using Default Security Group
08b81bb3-0985-4023-8602-b606ad81d279|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|EC2 Network ACL Ineffective Denied Traffic
2623d682-dccb-44cd-99d0-54d9fd62f8f2|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|Elasticsearch Without IAM Authentication
5c666ed9-b586-49ab-9873-c495a833b705|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|Empty Roles For ECS Cluster Task Definitions
7f384a5f-b5a2-4d84-8ca3-ee0a5247becb|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|IAM Group Inline Policies
a58d1a2d-4078-4b80-855b-84cc3f7f4540|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|IAM Group Without Users
8f957abd-9703-413d-87d3-c578950a753c|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|IAM Policies Attached To User
edc95c10-7366-4f30-9b4b-f995c84eceb5|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|IAM Policies With Full Privileges
953b3cdb-ce13-428a-aa12-318726506661|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|IAM Policy Grants 'AssumeRole' Permission Across All Services
e835bd0d-65da-49f7-b6d1-b646da8727e6|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|IAM Policy On User
e4239438-e639-44aa-adb8-866e400e3ade|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|IAM Role Allows All Principals To Assume
f80e3aa7-7b34-4185-954e-440a6894dde6|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|IoT Policy Allows Action as Wildcard
4d32780f-43a4-424a-a06d-943c543576a5|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|IoT Policy Allows Wildcard Resource
be5b230d-4371-4a28-a441-85dc760e2aa3|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|KMS Allows Wildcard Principal
f6049677-ec4a-43af-8779-5190b6d03cba|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|Lambda Permission Principal Is Wildcard
1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|Public Lambda via API Gateway
57b12981-3816-4c31-b190-a1e614361dd2|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Public ACL
48f100d9-f499-4c6d-b2b8-deafe47ffb26|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|SNS Topic Publicity Has Allow and NotAction Simultaneously
818f38ed-8446-4132-9c03-474d49e10195|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|SQS Policy With Public Access
9b6a3f5b-5fd6-40ee-9bc0-ed604911212d|CloudFormation|Medium|Access Control|Query details
Documentation
|
+|Auto Scaling Group With No Associated ELB
ad21e616-5026-4b9d-990d-5b007bfe679c|CloudFormation|Medium|Availability|Query details
Documentation
|
+|CMK Is Unusable
2844c749-bd78-4cd1-90e8-b179df827602|CloudFormation|Medium|Availability|Query details
Documentation
|
+|ElastiCache Nodes Not Created Across Multi AZ
cfdef2e5-1fe4-4ef4-bea8-c56e08963150|CloudFormation|Medium|Availability|Query details
Documentation
|
+|RDS Multi-AZ Deployment Disabled
2b1d4935-9acf-48a7-8466-10d18bf51a69|CloudFormation|Medium|Availability|Query details
Documentation
|
+|RDS With Backup Disabled
8c415f6f-7b90-4a27-a44a-51047e1506f9|CloudFormation|Medium|Backup|Query details
Documentation
|
+|S3 Bucket Without Versioning
a227ec01-f97a-4084-91a4-47b350c1db54|CloudFormation|Medium|Backup|Query details
Documentation
|
+|Stack Retention Disabled
fe974ae9-858e-4991-bbd5-e040a834679f|CloudFormation|Medium|Backup|Query details
Documentation
|
+|DynamoDB Table Point In Time Recovery Disabled
0f04217d-488f-4e7a-bec8-f16159686cd6|CloudFormation|Medium|Best Practices|Query details
Documentation
|
+|ECS No Load Balancer Attached
fb2b0ecf-1492-491a-a70d-ba1df579175d|CloudFormation|Medium|Best Practices|Query details
Documentation
|
+|IAM Managed Policy Applied to a User
0e5872b4-19a0-4165-8b2f-56d9e14b909f|CloudFormation|Medium|Best Practices|Query details
Documentation
|
+|IAM User Without Password Reset
a964d6e3-8e1e-4d93-8120-61fa640dd55a|CloudFormation|Medium|Best Practices|Query details
Documentation
|
+|Alexa Skill Plaintext Client Secret Exposed
3c3b7a58-b018-4d07-9444-d9ee7156e111|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|CloudFormation Specifying Credentials Not Safe
9ecb6b21-18bc-4aa7-bd07-db20f1c746db|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|Cloudfront Viewer Protocol Policy Allows HTTP
31733ee2-fef0-4e87-9778-65da22a8ecf1|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|CodeBuild Not Encrypted
d7467bb6-3ed1-4c82-8095-5e7a818d0aad|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|Connection Between CloudFront Origin Not Encrypted
a5366a50-932f-4085-896b-41402714a388|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|Default KMS Key Usage
e52395b4-250b-4c60-81d5-2e58c1d37abc|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|EFS Volume With Disabled Transit Encryption
c1282e03-b285-4637-aee7-eefe3a7bb658|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|ElastiCache With Disabled Transit Encryption
3b02569b-fc6f-4153-b3a3-ba91022fed68|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|ELB Using Insecure Protocols
61a94903-3cd3-4780-88ec-fc918819b9c8|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|ELB Without Secure Protocol
80908a75-586b-4c61-ab04-490f4f4525b8|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|EMR Security Configuration Encryption Disabled
5b033ec8-f079-4323-b5c8-99d4620433a9|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|IAM Database Auth Not Enabled
9fcd0a0a-9b6f-4670-a215-d94e6bf3f184|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|KMS Key Rotation Disabled
235ca980-eb71-48f4-9030-df0c371029eb|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|Redshift Cluster Without KMS CMK
de76a0d6-66d5-45c9-9022-f05545b85c78|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|S3 Bucket Without SSL In Write Actions
38c64e76-c71e-4d92-a337-60174d1de1c9|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|SageMaker EndPoint Config Should Specify KmsKeyId Attribute
44034eda-1c3f-486a-831d-e09a7dd94354|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|Secure Ciphers Disabled
be96849c-3df6-49c2-bc16-778a7be2519c|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|SQS With SSE Disabled
12726829-93ed-4d51-9cbe-13423f4299e1|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|API Gateway With Open Access
1056dfbb-5802-4762-bf2b-8b9b9684b1b0|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|API Gateway Without Security Policy
8275fab0-68ec-4705-bbf4-86975edb170e|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|API Gateway Without SSL Certificate
ed4c48b8-eccc-4881-95c1-09fdae23db25|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|CloudFront Without Minimum Protocol TLS 1.2
dc17ee4b-ddf2-4e23-96e8-7a36abad1303|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|ECR Image Tag Not Immutable
33f41d31-86b1-46a4-81f7-9c9a671f59ac|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|ECS Task Definition Network Mode Not Recommended
027a4b7a-8a59-4938-a04f-ed532512cf45|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|EMR Cluster Without Security Configuration
48af92a5-c89b-4936-bc62-1086fe2bab23|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|GitHub Repository Set To Public
5906092d-5f74-490d-9a03-78febe0f65e1|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|IAM User Has Too Many Access Keys
48677914-6fdf-40ec-80c4-2b0e94079f54|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|Redshift Publicly Accessible
bdf8dcb4-75df-4370-92c4-606e4ae6c4d3|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket With Unsecured CORS Rule
3609d27c-3698-483a-9402-13af6ae80583|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket Without Ignore Public ACL
6c8d51af-218d-4bfb-94a9-94eabaa0703a|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket Without Restriction Of Public Bucket
350cd468-0e2c-44ef-9d22-cfb73a62523c|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|SageMaker Enabling Internet Access
88d55d94-315d-4564-beee-d2d725feab11|CloudFormation|Medium|Insecure Configurations|Query details
Documentation
|
+|Vulnerable Default SSL Certificate
b4d9c12b-bfba-4aeb-9cb8-2358546d8041|CloudFormation|Medium|Insecure Defaults|Query details
Documentation
|
+|ALB Is Not Integrated With WAF
105ba098-1e34-48cd-b0f2-a8a43a51bf9b|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|ALB Listening on HTTP
275a3217-ca37-40c1-a6cf-bb57d245ab32|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway Endpoint Config is Not Private
4a8daf95-709d-4a36-9132-d3e19878fa34|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway without WAF
fcbf9019-566c-4832-a65c-af00d8137d2b|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|CloudFront Without WAF
0f139403-303f-467c-96bd-e717e6cfd62d|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|EC2 Instance Subnet Has Public IP Mapping On Launch
b3de4e4c-14be-4159-b99d-9ad194365e4c|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|EC2 Network ACL Overlapping Ports
77b6f1e2-bde4-4a6a-ae7e-a40659ff1576|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|EC2 Permissive Network ACL Protocols
03879981-efa2-47a0-a818-c843e1441b88|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|EC2 Public Instance Exposed Through Subnet
c44c95fc-ae92-4bb8-bdf8-bb9bc412004a|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|EKS node group remote access
73d59e76-a12c-4b74-a3d8-d3e1e19c25b3|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|Elasticsearch with HTTPS disabled
4cdc88e6-c0c8-4081-a639-bb3a557cbedf|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|ELB With Security Group Without Inbound Rules
e200a6f3-c589-49ec-9143-7421d4a2c845|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|ELB With Security Group Without Outbound Rules
01d5a458-a6c4-452a-ac50-054d59275b7c|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|GameLift Fleet EC2 InboundPermissions With Port Range
43356255-495d-4148-ad8d-f6af5eac09dd|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|HTTP Port Open To Internet
ddfc4eaa-af23-409f-b96c-bf5c45dc4daa|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|SageMaker Notebook Not Placed In VPC
9c7028d9-04c2-45be-b8b2-1188ccaefb36|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group Egress CIDR Open To World
1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group Egress With All Protocols
ee464fc2-54a6-4e22-b10a-c6dcd2474d0c|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group Egress With Port Range
dae9c373-8287-462f-8746-6f93dad93610|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group Ingress With All Protocols
1a427b25-2e9e-4298-9530-0499a55e736b|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group Ingress With Port Range
87482183-a8e7-4e42-a566-7a23ec231c16|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group With Unrestricted Access To SSH
6e856af2-62d7-4ba2-adc1-73b62cef9cc1|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Groups Allows Unrestricted Outbound Traffic
66f2d8f9-a911-4ced-ae27-34f09690bb2c|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|TCP UDP Protocol Network ACL Entry Allows All Ports
f57f849c-883b-4cb7-85e7-f7b199dff163|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|VPC Without Network Firewall
3e293410-d5b8-411f-85fd-7d26294f20c9|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway Deployment Without Access Log Setting
06ec63e3-9f72-4fe2-a218-2eb9200b8db5|CloudFormation|Medium|Observability|Query details
Documentation
|
+|API Gateway V2 Stage Access Logging Settings Not Defined
80d45af4-4920-4236-a56e-b7ef419d1941|CloudFormation|Medium|Observability|Query details
Documentation
|
+|CloudFront Logging Disabled
de77cd9f-0e8b-46cc-b4a4-b6b436838642|CloudFormation|Medium|Observability|Query details
Documentation
|
+|CloudTrail Logging Disabled
5c0b06d5-b7a4-484c-aeb0-75a836269ff0|CloudFormation|Medium|Observability|Query details
Documentation
|
+|CloudWatch Logging Disabled
0f0fb06b-0f2f-4374-8588-f2c7c348c7a0|CloudFormation|Medium|Observability|Query details
Documentation
|
+|CloudWatch Metrics Disabled
5d3c1807-acb3-4bb0-be4e-0440230feeaf|CloudFormation|Medium|Observability|Query details
Documentation
|
+|DocDB Logging Is Disabled
1bf3b3d4-f373-4d7c-afbb-7d85948a67a5|CloudFormation|Medium|Observability|Query details
Documentation
|
+|EC2 Instance Monitoring Disabled
0264093f-6791-4475-af34-4b8102dcbcd0|CloudFormation|Medium|Observability|Query details
Documentation
|
+|Elasticsearch Logs Disabled
edbd62d4-8700-41de-b000-b3cfebb5e996|CloudFormation|Medium|Observability|Query details
Documentation
|
+|ELB Access Log Disabled
ee12ad32-2863-4c0f-b13f-28272d115028|CloudFormation|Medium|Observability|Query details
Documentation
|
+|ELBv2 ALB Access Log Disabled
c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621|CloudFormation|Medium|Observability|Query details
Documentation
|
+|GuardDuty Detector Disabled
a25cd877-375c-4121-a640-730929936fac|CloudFormation|Medium|Observability|Query details
Documentation
|
+|MQ Broker Logging Disabled
e519ed6a-8328-4b69-8eb7-8fa549ac3050|CloudFormation|Medium|Observability|Query details
Documentation
|
+|MSK Cluster Logging Disabled
fc7c2c15-f5d0-4b80-adb2-c89019f8f62b|CloudFormation|Medium|Observability|Query details
Documentation
|
+|Redshift Cluster Logging Disabled
3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6|CloudFormation|Medium|Observability|Query details
Documentation
|
+|S3 Bucket CloudTrail Logging Disabled
c3ce69fd-e3df-49c6-be78-1db3f802261c|CloudFormation|Medium|Observability|Query details
Documentation
|
+|S3 Bucket Logging Disabled
4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c|CloudFormation|Medium|Observability|Query details
Documentation
|
+|VPC FlowLogs Disabled
f6d299d2-21eb-41cc-b1e1-fe12d857500b|CloudFormation|Medium|Observability|Query details
Documentation
|
+|High Access Key Rotation Period
800fa019-49dd-421b-9042-7331fdd83fa2|CloudFormation|Medium|Secret Management|Query details
Documentation
|
+|IAM User With No Group
06933df4-0ea7-461c-b9b5-104d27390e0e|CloudFormation|Low|Access Control|Query details
Documentation
|
+|Support Has No Role Associated
d71b5fd7-9020-4b2d-9ec8-b3839faa2744|CloudFormation|Low|Access Control|Query details
Documentation
|
+|EBS Volume Not Attached To Instances
1819ac03-542b-4026-976b-f37addd59f3b|CloudFormation|Low|Availability|Query details
Documentation
|
+|ECS Service Without Running Tasks
79d745f0-d5f3-46db-9504-bef73e9fd528|CloudFormation|Low|Availability|Query details
Documentation
|
+|VPC Attached With Too Many Gateways
97e94d17-e2c7-4109-a53b-6536ac1bb64e|CloudFormation|Low|Availability|Query details
Documentation
|
+|Low RDS Backup Retention Period
e649a218-d099-4550-86a4-1231e1fcb60d|CloudFormation|Low|Backup|Query details
Documentation
|
+|RDS DB Instance With Deletion Protection Disabled
2c161e58-cb52-454f-abea-6470c37b5e6e|CloudFormation|Low|Backup|Query details
Documentation
|
+|Automatic Minor Upgrades Disabled
f0104061-8bfc-4b45-8a7d-630eb502f281|CloudFormation|Low|Best Practices|Query details
Documentation
|
+|CDN Configuration Is Missing
e4f54ff4-d352-40e8-a096-5141073c37a2|CloudFormation|Low|Best Practices|Query details
Documentation
|
+|Cognito UserPool Without MFA
74a18d1a-cf02-4a31-8791-ed0967ad7fdc|CloudFormation|Low|Best Practices|Query details
Documentation
|
+|Geo Restriction Disabled
7f8843f0-9ea5-42b4-a02b-753055113195|CloudFormation|Low|Best Practices|Query details
Documentation
|
+|IAM Access Analyzer Not Enabled
8d29754a-2a18-460d-a1ba-9509f8d359da|CloudFormation|Low|Best Practices|Query details
Documentation
|
+|IAM Password Without Minimum Length
b1b20ae3-8fa7-4af5-a74d-a2145920fcb1|CloudFormation|Low|Best Practices|Query details
Documentation
|
+|IAM Policies Without Groups
5e7acff5-095b-40ac-9073-ac2e4ad8a512|CloudFormation|Low|Best Practices|Query details
Documentation
|
+|Lambda Permission Misconfigured
9b83114b-b2a1-4534-990d-06da015e47aa|CloudFormation|Low|Best Practices|Query details
Documentation
|
+|Security Group Ingress Has CIDR Not Recommended
a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd|CloudFormation|Low|Best Practices|Query details
Documentation
|
+|DynamoDB With Not Recommented Table Billing Mode
c333e906-8d8b-4275-b999-78b6318f8dc6|CloudFormation|Low|Build Process|Query details
Documentation
|
+|EFS Without Tags
08e39832-5e42-4304-98a0-aa5b43393162|CloudFormation|Low|Build Process|Query details
Documentation
|
+|API Gateway With Invalid Compression
d6653eee-2d4d-4e6a-976f-6794a497999a|CloudFormation|Low|Encryption|Query details
Documentation
|
+|CloudTrail Log Files Not Encrypted With KMS
050a9ba8-d1cb-4c61-a5e8-8805a70d3b85|CloudFormation|Low|Encryption|Query details
Documentation
|
+|EFS Without KMS
6d087495-2a42-4735-abf7-02ef5660a7e6|CloudFormation|Low|Encryption|Query details
Documentation
|
+|API Gateway Cache Cluster Disabled
52790cad-d60d-41d5-8483-146f9f21208d|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
+|Inline Policies Are Attached To ECS Service
9e8c89b3-7997-4d15-93e4-7911b9db99fd|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
+|Instance With No VPC
8a6d36cd-0bc6-42b7-92c4-67acc8576861|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
+|Lambda Function Without Dead Letter Queue
c2eae442-d3ba-4cb1-84ca-1db4f80eae3d|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
+|Lambda Function Without Tags
8df8e857-bd59-44fa-9f4c-d77594b95b46|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
+|Wildcard In ACM Certificate Domain Name
cc8b294f-006f-4f8f-b5bb-0a9140c33131|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
+|RouterTable with Default Routing
4f0908b9-eb66-433f-9145-134274e1e944|CloudFormation|Low|Insecure Defaults|Query details
Documentation
|
+|S3 Bucket Should Have Bucket Policy
37fa8188-738b-42c8-bf82-6334ea567738|CloudFormation|Low|Insecure Defaults|Query details
Documentation
|
+|EC2 Instance Using Default VPC
e42a3ef0-5325-4667-84bf-075ba1c9d58e|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
+|ElastiCache Using Default Port
323db967-c68e-44e6-916c-a777f95af34b|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
+|ElastiCache Without VPC
ba766c53-fe71-4bbb-be35-b6803f2ef13e|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
+|EMR Without VPC
bf89373a-be40-4c04-99f5-746742dfd7f3|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
+|RDS Using Default Port
1fe9d958-ddce-4228-a124-05265a959a8b|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
+|Redshift Using Default Port
a478af30-8c3a-404d-aa64-0b673cee509a|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
+|Security Groups Without VPC Attached
493d9591-6249-47bf-8dc0-5c10161cc558|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
+|Shield Advanced Not In Use
ad7444cf-817a-4765-a79e-2145f7981faf|CloudFormation|Low|Networking and Firewall|Query details
Documentation
|
+|API Gateway Deployment Without API Gateway UsagePlan Associated
783860a3-6dca-4c8b-81d0-7b62769ccbca|CloudFormation|Low|Observability|Query details
Documentation
|
+|API Gateway X-Ray Disabled
4ab10c48-bedb-4deb-8f3b-ff12783b61de|CloudFormation|Low|Observability|Query details
Documentation
|
+|CloudTrail Log File Validation Disabled
2a3560fe-52ca-4443-b34f-bf0ed5eb74c8|CloudFormation|Low|Observability|Query details
Documentation
|
+|CloudTrail Multi Region Disabled
058ac855-989f-4378-ba4d-52d004020da7|CloudFormation|Low|Observability|Query details
Documentation
|
+|CloudTrail Not Integrated With CloudWatch
65d07da5-9af5-44df-8983-52d2e6f24c44|CloudFormation|Low|Observability|Query details
Documentation
|
+|CloudTrail SNS Topic Name Undefined
3e09413f-471e-40f3-8626-990c79ae63f3|CloudFormation|Low|Observability|Query details
Documentation
|
+|CMK Rotation Disabled
1c07bfaf-663c-4f6f-b22b-8e2d481e4df5|CloudFormation|Low|Observability|Query details
Documentation
|
+|Configuration Aggregator to All Regions Disabled
9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d|CloudFormation|Low|Observability|Query details
Documentation
|
+|ECS Cluster with Container Insights Disabled
ab759fde-e1e8-4b0e-ad73-ba856e490ed8|CloudFormation|Low|Observability|Query details
Documentation
|
+|ECS Task Definition HealthCheck Missing
d24389b4-b209-4ff0-8345-dc7a4569dcdd|CloudFormation|Low|Observability|Query details
Documentation
|
+|ElasticSearch Without Slow Logs
086ea2eb-14a6-4fd4-914b-38e0bc8703e8|CloudFormation|Low|Observability|Query details
Documentation
|
+|Lambda Functions Without X-Ray Tracing
9488c451-074e-4cd3-aee3-7db6104f542c|CloudFormation|Low|Observability|Query details
Documentation
|
+|Stack Notifications Disabled
837e033c-4717-40bd-807e-6abaa30161b7|CloudFormation|Low|Observability|Query details
Documentation
|
+|Unscanned ECR Image
9025b2b3-e554-4842-ba87-db7aeec36d35|CloudFormation|Low|Observability|Query details
Documentation
|
+|API Gateway Stage Without API Gateway UsagePlan Associated
7f8f1b60-43df-4c28-aa21-fb836dbd8071|CloudFormation|Low|Resource Management|Query details
Documentation
|
+|ECS Task Definition Invalid CPU or Memory
f4c9b5f5-68b8-491f-9e48-4f96644a1d51|CloudFormation|Low|Resource Management|Query details
Documentation
|
+|SDB Domain Declared As A Resource
6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d|CloudFormation|Low|Resource Management|Query details
Documentation
|
+|VPC Without Attached Subnet
3b3b4411-ad1f-40e7-b257-a78a6bb9673a|CloudFormation|Low|Resource Management|Query details
Documentation
|
+|EBS Volume Without KmsKeyId
b7063015-6c31-4658-a8e7-14f98f37fd42|CloudFormation|Low|Secret Management|Query details
Documentation
|
+|Secrets Manager Should Specify KmsKeyId
c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22|CloudFormation|Low|Secret Management|Query details
Documentation
|
+|SNS Topic Without KmsMasterKeyId
9d13b150-a2ab-42a1-b6f4-142e41f81e52|CloudFormation|Low|Secret Management|Query details
Documentation
|
+|EC2 Not EBS Optimized
8dd0ff1f-0da4-48df-9bb3-7f338ae36a40|CloudFormation|Info|Best Practices|Query details
Documentation
|
+|Security Group Rule Without Description
5e6c9c68-8a82-408e-8749-ddad78cbb9c5|CloudFormation|Info|Best Practices|Query details
Documentation
|
+|EC2 Network ACL Duplicate Rule
045ddb54-cfc5-4abb-9e05-e427b2bc96fe|CloudFormation|Info|Networking and Firewall|Query details
Documentation
|
+|BOM - AWS Cassandra
124b173b-e06d-48a6-8acd-f889443d97a4|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS DynamoDB
4e67c0ae-38a0-47f4-a50c-f0c9b75826df|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS EBS
0b0556ea-9cd9-476f-862e-20679dda752b|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS EFS
ef05a925-8568-4054-8ff1-f5ba82631c16|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS Elasticache
c689f51b-9203-43b3-9d8b-caed123f706c|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS Kinesis
d53323be-dde6-4457-9a43-42df737e71d2|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS MQ
209189f3-c879-48a7-9703-fbcfa96d0cef|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS MSK
2730c169-51d7-4ae7-99b5-584379eff1bb|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS RDS
6ef03ff6-a2bd-483c-851f-631f248bc0ea|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS S3 Buckets
b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS SNS
42e7dca3-8cce-4325-8df0-108888259136|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS SQS
59a849c2-1127-4023-85a5-ef906dcd458c|CloudFormation|Trace|Bill Of Materials|Query details
Documentation
|
+|Serverless Function Without Unique IAM Role
4ba74f01-aba5-4be2-83bc-be79ff1a3b92|CloudFormation|High|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Environment Variables Not Encrypted
a7f8ac28-eed1-483d-87c8-4c325f022572|CloudFormation|Medium|Encryption|Query details
Documentation
|
+|Serverless API Endpoint Config Not Private
6b5b0313-771b-4319-ad7a-122ee78700ef|CloudFormation|Medium|Networking and Firewall|Query details
Documentation
|
+|Serverless API Access Logging Setting Undefined
0a994e04-c6dc-471d-817e-d37451d18a3b|CloudFormation|Medium|Observability|Query details
Documentation
|
+|Serverless API X-Ray Tracing Disabled
c757c6a3-ac87-4b9d-b28d-e5a5add6a315|CloudFormation|Medium|Observability|Query details
Documentation
|
+|Serverless API Without Content Encoding
a2f2800e-614b-4bc8-89e6-fec8afd24800|CloudFormation|Low|Encryption|Query details
Documentation
|
+|Serverless API Cache Cluster Disabled
60a05ede-0a68-4d0d-a58f-f538cf55ff79|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Without Dead Letter Queue
cb2f612b-ed42-4ff5-9fb9-255c73d39a18|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Without Tags
a71ecabe-03b6-456a-b3bc-d1a39aa20c98|CloudFormation|Low|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Without X-Ray Tracing
dc1ab429-1481-4540-9b1d-280e3f15f1f8|CloudFormation|Low|Observability|Query details
Documentation
|
+|Passwords And Secrets
a88baa34-e2ad-44ea-ad6f-8cac87bc7c71|Common|High|Secret Management|Query details
Documentation
|
+|DB Instance Storage Not Encrypted
e50eb68a-a4af-4048-8bbe-8ec324421469|Crossplane|High|Encryption|Query details
Documentation
|
+|EFS Not Encrypted
72840c35-3876-48be-900d-f21b2f0c2ea1|Crossplane|High|Encryption|Query details
Documentation
|
+|ELB Using Weak Ciphers
a507daa5-0795-4380-960b-dd7bb7c56661|Crossplane|High|Encryption|Query details
Documentation
|
+|Neptune Database Cluster Encryption Disabled
83bf5aca-138a-498e-b9cd-ad5bc5e117b4|Crossplane|High|Encryption|Query details
Documentation
|
+|DB Security Group Has Public Interface
dd667399-8d9d-4a8d-bbb4-e49ab53b2f52|Crossplane|High|Insecure Configurations|Query details
Documentation
|
+|SQS With SSE Disabled
9296f1cc-7a40-45de-bd41-f31745488a0e|Crossplane|Medium|Encryption|Query details
Documentation
|
+|CloudFront Without Minimum Protocol TLS 1.2
255b0fcc-9f82-41fe-9229-01b163e3376b|Crossplane|Medium|Insecure Configurations|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
d9dc6429-5140-498a-8f55-a10daac5f000|Crossplane|Medium|Insecure Configurations|Query details
Documentation
|
+|CloudFront Without WAF
6d19ce0f-b3d8-4128-ac3d-1064e0f00494|Crossplane|Medium|Networking and Firewall|Query details
Documentation
|
+|CloudFront Logging Disabled
7b590235-1ff4-421b-b9ff-5227134be9bb|Crossplane|Medium|Observability|Query details
Documentation
|
+|DocDB Logging Is Disabled
e6cd49ba-77ed-417f-9bca-4f5303554308|Crossplane|Medium|Observability|Query details
Documentation
|
+|EFS Without KMS
bdecd6db-2600-47dd-a10c-72c97cf17ae9|Crossplane|Low|Encryption|Query details
Documentation
|
+|ECS Cluster with Container Insights Disabled
0c7a76d9-7dc5-499e-81ac-9245839177cb|Crossplane|Low|Observability|Query details
Documentation
|
+|CloudWatch Without Retention Period Specified
934613fe-b12c-4e5a-95f5-c1dcdffac1ff|Crossplane|Info|Observability|Query details
Documentation
|
+|AKS RBAC Disabled
b2418936-cd47-4ea2-8346-623c0bdb87bd|Crossplane|Medium|Access Control|Query details
Documentation
|
+|Redis Cache Allows Non SSL Connections
6c7cfec3-c686-4ed2-bf58-a1ec054b63fc|Crossplane|Medium|Insecure Configurations|Query details
Documentation
|
+|Google Container Node Pool Auto Repair Disabled
b4f65d13-a609-4dc1-af7c-63d2e08bffe9|Crossplane|Medium|Insecure Configurations|Query details
Documentation
|
+|Cloud Storage Bucket Logging Not Enabled
6c2d627c-de0f-45fb-b33d-dad9bffbb421|Crossplane|Medium|Observability|Query details
Documentation
|
+|Docker Socket Mounted In Container
d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b|DockerCompose|High|Build Process|Query details
Documentation
|
+|Volume Has Sensitive Host Directory
1c1325ff-831d-43a1-973e-839ae57dfcc0|DockerCompose|High|Build Process|Query details
Documentation
|
+|Volume Mounted In Multiple Containers
baa452f0-1f21-4a25-ace5-844e7a5f410d|DockerCompose|High|Build Process|Query details
Documentation
|
+|No New Privileges Not Set
27fcc7d6-c49b-46e0-98f1-6c082a6a2750|DockerCompose|High|Resource Management|Query details
Documentation
|
+|Privileged Containers Enabled
ae5b6871-7f45-42e0-bb4c-ab300c4d2026|DockerCompose|High|Resource Management|Query details
Documentation
|
+|Healthcheck Not Set
698ed579-b239-4f8f-a388-baa4bcb13ef8|DockerCompose|Medium|Availability|Query details
Documentation
|
+|Cgroup Not Default
4d9f44c6-2f4a-4317-9bb5-267adbea0232|DockerCompose|Medium|Build Process|Query details
Documentation
|
+|Restart Policy On Failure Not Set To 5
2fc99041-ddad-49d5-853f-e35e70a48391|DockerCompose|Medium|Build Process|Query details
Documentation
|
+|Container Traffic Not Bound To Host Interface
451d79dc-0588-476a-ad03-3c7f0320abb3|DockerCompose|Medium|Networking and Firewall|Query details
Documentation
|
+|Privileged Ports Mapped In Container
bc2908f3-f73c-40a9-8793-c1b7d5544f79|DockerCompose|Medium|Networking and Firewall|Query details
Documentation
|
+|Container Capabilities Unrestricted
ce76b7d0-9e77-464d-b86f-c5c48e03e22d|DockerCompose|Medium|Resource Management|Query details
Documentation
|
+|Default Seccomp Profile Disabled
404fde2c-bc4b-4371-9747-7054132ac953|DockerCompose|Medium|Resource Management|Query details
Documentation
|
+|Host Namespace is Shared
4f31dd9f-2cc3-4751-9b53-67e4af83dac0|DockerCompose|Medium|Resource Management|Query details
Documentation
|
+|Memory Not Limited
bb9ac4f7-e13b-423d-a010-c74a1bfbe492|DockerCompose|Medium|Resource Management|Query details
Documentation
|
+|Pids Limit Not Set
221e0658-cb2a-44e3-b08a-db96a341d6fa|DockerCompose|Medium|Resource Management|Query details
Documentation
|
+|Security Opt Not Set
610e266e-6c12-4bca-9925-1ed0cd29742b|DockerCompose|Medium|Resource Management|Query details
Documentation
|
+|Shared Host IPC Namespace
baa3890f-bed7-46f5-ab8f-1da8fc91c729|DockerCompose|Medium|Resource Management|Query details
Documentation
|
+|Shared Host Network Namespace
071a71ff-f868-47a4-ac0b-3c59e4ab5443|DockerCompose|Medium|Resource Management|Query details
Documentation
|
+|Shared Host User Namespace
8af7162d-6c98-482f-868e-0d33fb675ca8|DockerCompose|Medium|Resource Management|Query details
Documentation
|
+|Cpus Not Limited
6b610c50-99fb-4ef0-a5f3-e312fd945bc3|DockerCompose|Low|Resource Management|Query details
Documentation
|
+|Shared Volumes Between Containers
8c978947-0ff6-485c-b0c2-0bfca6026466|DockerCompose|Info|Insecure Configurations|Query details
Documentation
|
+|Last User Is 'root'
67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae|Dockerfile|High|Best Practices|Query details
Documentation
|
+|Missing User Instruction
fd54f200-402c-4333-a5a4-36ef6709af2f|Dockerfile|High|Build Process|Query details
Documentation
|
+|Changing Default Shell Using RUN Command
8a301064-c291-4b20-adcb-403fe7fd95fd|Dockerfile|Medium|Best Practices|Query details
Documentation
|
+|Image Version Using 'latest'
f45ea400-6bbe-4501-9fc7-1c3d75c32067|Dockerfile|Medium|Best Practices|Query details
Documentation
|
+|Not Using JSON In CMD And ENTRYPOINT Arguments
b86987e1-6397-4619-81d5-8807f2387c79|Dockerfile|Medium|Build Process|Query details
Documentation
|
+|Run Using Sudo
8ada6e80-0ade-439e-b176-0b28f6bce35a|Dockerfile|Medium|Insecure Configurations|Query details
Documentation
|
+|Add Instead of Copy
9513a694-aa0d-41d8-be61-3271e056f36b|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
+|Apt Get Install Pin Version Not Defined
965a08d7-ef86-4f14-8792-4a3b2098937e|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
+|Gem Install Without Version
22cd11f7-9c6c-4f6e-84c0-02058120b341|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
+|Image Version Not Explicit
9efb0b2d-89c9-41a3-91ca-dcc0aec911fd|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
+|Missing Version Specification In dnf install
93d88cf7-f078-46a8-8ddc-178e03aeacf1|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
+|Missing Zypper Non-interactive Switch
45e1fca5-f90e-465d-825f-c2cb63fa3944|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
+|NPM Install Command Without Pinned Version
e36d8880-3f78-4546-b9a1-12f0745ca0d5|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
+|Unpinned Package Version in Apk Add
d3499f6d-1651-41bb-a9a7-de925fea487b|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
+|Unpinned Package Version in Pip Install
02d9c71f-3ee8-4986-9c27-1a20d0d19bfc|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
+|Yum install Without Version
6452c424-1d92-4deb-bb18-a03e95d579c4|Dockerfile|Medium|Supply-Chain|Query details
Documentation
|
+|Chown Flag Exists
aa93e17f-b6db-4162-9334-c70334e7ac28|Dockerfile|Low|Best Practices|Query details
Documentation
|
+|Curl or Wget Instead of Add
4b410d24-1cbe-4430-a632-62c9a931cf1c|Dockerfile|Low|Best Practices|Query details
Documentation
|
+|Exposing Port 22 (SSH)
5907595b-5b6d-4142-b173-dbb0e73fbff8|Dockerfile|Low|Best Practices|Query details
Documentation
|
+|MAINTAINER Instruction Being Used
99614418-f82b-4852-a9ae-5051402b741c|Dockerfile|Low|Best Practices|Query details
Documentation
|
+|Missing Dnf Clean All
295acb63-9246-4b21-b441-7c1f1fb62dc0|Dockerfile|Low|Best Practices|Query details
Documentation
|
+|Missing Zypper Clean
38300d1a-feb2-4a48-936a-d1ef1cd24313|Dockerfile|Low|Best Practices|Query details
Documentation
|
+|Multiple RUN, ADD, COPY, Instructions Listed
0008c003-79aa-42d8-95b8-1c2fe37dbfe6|Dockerfile|Low|Best Practices|Query details
Documentation
|
+|Pip install Keeping Cached Packages
f2f903fb-b977-461e-98d7-b3e2185c6118|Dockerfile|Low|Best Practices|Query details
Documentation
|
+|Yum Clean All Missing
00481784-25aa-4a55-8633-3136dfcf4f37|Dockerfile|Low|Best Practices|Query details
Documentation
|
+|COPY '--from' References Current FROM Alias
cdddb86f-95f6-4fc4-b5a1-483d9afceb2b|Dockerfile|Low|Build Process|Query details
Documentation
|
+|Copy With More Than Two Arguments Not Ending With Slash
6db6e0c2-32a3-4a2e-93b5-72c35f4119db|Dockerfile|Low|Build Process|Query details
Documentation
|
+|Multiple CMD Instructions Listed
41c195f4-fc31-4a5c-8a1b-90605538d49f|Dockerfile|Low|Build Process|Query details
Documentation
|
+|Multiple ENTRYPOINT Instructions Listed
6938958b-3f1a-451c-909b-baeee14bdc97|Dockerfile|Low|Build Process|Query details
Documentation
|
+|RUN Instruction Using 'cd' Instead of WORKDIR
f4a6bcd3-e231-4acf-993c-aa027be50d2e|Dockerfile|Low|Build Process|Query details
Documentation
|
+|Same Alias In Different Froms
f2daed12-c802-49cd-afed-fe41d0b82fed|Dockerfile|Low|Build Process|Query details
Documentation
|
+|Update Instruction Alone
9bae49be-0aa3-4de5-bab2-4c3a069e40cd|Dockerfile|Low|Build Process|Query details
Documentation
|
+|Using Unnamed Build Stages
68a51e22-ae5a-4d48-8e87-b01a323605c9|Dockerfile|Low|Build Process|Query details
Documentation
|
+|WORKDIR Path Not Absolute
6b376af8-cfe8-49ab-a08d-f32de23661a4|Dockerfile|Low|Build Process|Query details
Documentation
|
+|Healthcheck Instruction Missing
b03a748a-542d-44f4-bb86-9199ab4fd2d5|Dockerfile|Low|Insecure Configurations|Query details
Documentation
|
+|Shell Running A Pipe Without Pipefail Flag
efbf148a-67e9-42d2-ac47-02fa1c0d0b22|Dockerfile|Low|Insecure Defaults|Query details
Documentation
|
+|APT-GET Missing Flags To Avoid Manual Input
77783205-c4ca-4f80-bb80-c777f267c547|Dockerfile|Low|Supply-Chain|Query details
Documentation
|
+|Missing Flag From Dnf Install
7ebd323c-31b7-4e5b-b26f-de5e9e477af8|Dockerfile|Low|Supply-Chain|Query details
Documentation
|
+|Run Using 'wget' and 'curl'
fc775e75-fcfb-4c98-b2f2-910c5858b359|Dockerfile|Low|Supply-Chain|Query details
Documentation
|
+|Run Using apt
b84a0b47-2e99-4c9f-8933-98bcabe2b94d|Dockerfile|Low|Supply-Chain|Query details
Documentation
|
+|Yum Install Allows Manual Input
6e19193a-8753-436d-8a09-76dcff91bb03|Dockerfile|Low|Supply-Chain|Query details
Documentation
|
+|Zypper Install Without Version
562952e4-0348-4dea-9826-44f3a2c6117b|Dockerfile|Low|Supply-Chain|Query details
Documentation
|
+|Using Platform Flag with FROM Command
b16e8501-ef3c-44e1-a543-a093238099c9|Dockerfile|Info|Best Practices|Query details
Documentation
|
+|UNIX Ports Out Of Range
71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e|Dockerfile|Info|Networking and Firewall|Query details
Documentation
|
+|Apk Add Using Local Cache Path
ae9c56a6-3ed1-4ac0-9b54-31267f51151d|Dockerfile|Info|Supply-Chain|Query details
Documentation
|
+|Apt Get Install Lists Were Not Deleted
df746b39-6564-4fed-bf85-e9c44382303c|Dockerfile|Info|Supply-Chain|Query details
Documentation
|
+|APT-GET Not Avoiding Additional Packages
7384dfb2-fcd1-4fbf-91cd-6c44c318c33c|Dockerfile|Info|Supply-Chain|Query details
Documentation
|
+|Run Utilities And POSIX Commands
9b6b0f38-92a2-41f9-b881-3a1083d99f1b|Dockerfile|Info|Supply-Chain|Query details
Documentation
|
+|Cloud Storage Anonymous or Publicly Accessible
63ae3638-a38c-4ff4-b616-6e1f72a31a6a|GoogleDeploymentManager|Critical|Access Control|Query details
Documentation
|
+|BigQuery Dataset Is Public
83103dff-d57f-42a8-bd81-40abab64c1a7|GoogleDeploymentManager|High|Access Control|Query details
Documentation
|
+|SQL DB Instance With SSL Disabled
660360d3-9ca7-46d1-b147-3acc4002953f|GoogleDeploymentManager|High|Encryption|Query details
Documentation
|
+|Client Certificate Disabled
dd690686-2bf9-4012-a821-f61912dd77be|GoogleDeploymentManager|High|Insecure Configurations|Query details
Documentation
|
+|GKE Legacy Authorization Enabled
df58d46c-783b-43e0-bdd0-d99164f712ee|GoogleDeploymentManager|High|Insecure Configurations|Query details
Documentation
|
+|Google Storage Bucket Level Access Disabled
1239f54b-33de-482a-8132-faebe288e6a6|GoogleDeploymentManager|High|Insecure Configurations|Query details
Documentation
|
+|MySQL Instance With Local Infile On
c759d6f2-4dd3-4160-82d3-89202ef10d87|GoogleDeploymentManager|High|Insecure Configurations|Query details
Documentation
|
+|RDP Access Is Not Restricted
50cb6c3b-c878-4b88-b50e-d1421bada9e8|GoogleDeploymentManager|High|Networking and Firewall|Query details
Documentation
|
+|Cloud Storage Bucket Is Publicly Accessible
77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc|GoogleDeploymentManager|Medium|Access Control|Query details
Documentation
|
+|SQL DB Instance Backup Disabled
a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01|GoogleDeploymentManager|Medium|Backup|Query details
Documentation
|
+|Disk Encryption Disabled
fc040fb6-4c23-4c0d-b12a-39edac35debb|GoogleDeploymentManager|Medium|Encryption|Query details
Documentation
|
+|DNSSEC Using RSASHA1
6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35|GoogleDeploymentManager|Medium|Encryption|Query details
Documentation
|
+|Cloud DNS Without DNSSEC
313d6deb-3b67-4948-b41d-35b699c2492e|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
+|Cluster Master Authentication Disabled
7ef7d141-9fbb-4679-a977-fd0883436906|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
+|IP Aliasing Disabled
28727987-e398-49b8-aef1-8a3e7789d111|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
+|Network Policy Disabled
c47f90e8-4a19-43f0-8413-cc434d286c4e|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
+|OSLogin Is Disabled In VM Instance
e66e1b71-c810-4b4e-a737-0ab59e7f5e41|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
+|Private Cluster Disabled
48c61fbd-09c9-46cc-a521-012e0c325412|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
+|Shielded VM Disabled
9038b526-4c19-4928-bca2-c03d503bdb79|GoogleDeploymentManager|Medium|Insecure Configurations|Query details
Documentation
|
+|Compute Instance Is Publicly Accessible
8212e2d7-e683-49bc-bf78-d6799075c5a7|GoogleDeploymentManager|Medium|Networking and Firewall|Query details
Documentation
|
+|GKE Master Authorized Networks Disabled
62c8cf50-87f0-4295-a974-8184ed78fe02|GoogleDeploymentManager|Medium|Networking and Firewall|Query details
Documentation
|
+|IP Forwarding Enabled
7c98538a-81c6-444b-bf04-e60bc3ceeec0|GoogleDeploymentManager|Medium|Networking and Firewall|Query details
Documentation
|
+|SSH Access Is Not Restricted
dee21308-2a7a-49de-8ff7-c9b87e188575|GoogleDeploymentManager|Medium|Networking and Firewall|Query details
Documentation
|
+|Bucket Without Versioning
227c2f58-70c6-4432-8e9a-a89c1a548cf5|GoogleDeploymentManager|Medium|Observability|Query details
Documentation
|
+|Cloud Storage Bucket Versioning Disabled
ad0875c1-0b39-4890-9149-173158ba3bba|GoogleDeploymentManager|Medium|Observability|Query details
Documentation
|
+|Stackdriver Logging Disabled
95601b9a-7fe8-4aee-9b58-d36fd9382dfc|GoogleDeploymentManager|Medium|Observability|Query details
Documentation
|
+|Stackdriver Monitoring Disabled
bbfc97ab-e92a-4a7b-954c-e88cec815011|GoogleDeploymentManager|Medium|Observability|Query details
Documentation
|
+|Node Auto Upgrade Disabled
dc5c5fee-6c53-43b0-ab11-4c660e064aaf|GoogleDeploymentManager|Medium|Resource Management|Query details
Documentation
|
+|Project-wide SSH Keys Are Enabled In VM Instances
6e2b1ec1-1eca-4eb7-9d4d-2882680b4811|GoogleDeploymentManager|Medium|Secret Management|Query details
Documentation
|
+|Cluster Labels Disabled
8810968b-4b15-421d-918b-d91eb4bb8d1d|GoogleDeploymentManager|Low|Insecure Configurations|Query details
Documentation
|
+|COS Node Image Not Used
dbe058d7-b82e-430b-8426-992b2e4677e7|GoogleDeploymentManager|Low|Insecure Configurations|Query details
Documentation
|
+|Not Proper Email Account In Use
a21b8df3-c840-4b3d-a41a-10fb2afda171|GoogleDeploymentManager|Low|Insecure Configurations|Query details
Documentation
|
+|BOM - GCP PD
268c65a8-58ad-43e4-9019-1a9bbc56749f|GoogleDeploymentManager|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP PST
9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8|GoogleDeploymentManager|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP SB
c7781feb-a955-4f9f-b9cf-0d7c6f54bb59|GoogleDeploymentManager|Trace|Bill Of Materials|Query details
Documentation
|
+|Enum Name Not CamelCase
daaace5f-c0dc-4835-b526-7a116b7f4b4e|GRPC|Info|Best Practices|Query details
Documentation
|
+|Serving Revision Spec Without Timeout Seconds
e8bb41e4-2f24-4e84-8bea-8c7c070cf93d|Knative|Info|Insecure Configurations|Query details
Documentation
|
+|Authorization Mode Set To Always Allow
f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5|Kubernetes|High|Access Control|Query details
Documentation
|
+|Basic Auth File Is Set
5da47109-f8d6-4585-9e2b-96a8958a12f5|Kubernetes|High|Access Control|Query details
Documentation
|
+|Client Certificate Authentication Not Setup Properly
e0e00aba-5f1c-4981-a542-9a9563c0ee20|Kubernetes|High|Access Control|Query details
Documentation
|
+|Non Kube System Pod With Host Mount
aa8f7a35-9923-4cad-bd61-a19b7f6aac91|Kubernetes|High|Access Control|Query details
Documentation
|
+|RBAC Wildcard In Rule
6b896afb-ca07-467a-b256-1a0077a1c08e|Kubernetes|High|Access Control|Query details
Documentation
|
+|Service Account Lookup Set To False
a5530bd7-225a-48f9-91bb-f40b04200165|Kubernetes|High|Access Control|Query details
Documentation
|
+|Token Auth File Is Set
32ecd76e-7bbf-402e-bf48-8b9485749558|Kubernetes|High|Access Control|Query details
Documentation
|
+|Pod Security Policy Admission Control Plugin Not Set
afa36afb-39fe-4d94-b9b6-afb236f7a03d|Kubernetes|High|Build Process|Query details
Documentation
|
+|Cluster Allows Unsafe Sysctls
9127f0d9-2310-42e7-866f-5fd9d20dcbad|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|Container Is Privileged
dd29336b-fe57-445b-a26e-e6aa867ae609|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|Container Runs Unmasked
f922827f-aab6-447c-832a-e1ff63312bd3|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|Containers With Sys Admin Capabilities
235236ee-ad78-4065-bd29-61b061f28ce0|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|Privilege Escalation Allowed
5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Containers To Share The Host Network Namespace
a33e9173-b674-4dfb-9d82-cf3754816e4b|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Privilege Escalation
87554eef-154d-411d-bdce-9dbd91e56851|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Sharing Host IPC
80f93444-b240-4ebb-a4c6-5c40b76c04ea|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|PSP Set To Privileged
c48e57d3-d642-4e0b-90db-37f807b41b91|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|PSP With Added Capabilities
7307579a-3abb-46ad-9ce5-2a915634d5c8|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|Shared Host PID Namespace
302736f4-b16c-41b8-befe-c0baffa0bd9d|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|Tiller (Helm v2) Is Deployed
6d173be7-545a-46c6-a81d-2ae52ed1605d|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|Tiller Service Is Not Deleted
8b862ca9-0fbd-4959-ad72-b6609bdaa22d|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|Workload Mounting With Sensitive OS Directory
5308a7a8-06f8-45ac-bf10-791fe21de46e|Kubernetes|High|Insecure Configurations|Query details
Documentation
|
+|Etcd Peer TLS Certificate Files Not Properly Set
09bb9e96-8da3-4736-b89a-b36814acca60|Kubernetes|High|Networking and Firewall|Query details
Documentation
|
+|Insecure Bind Address Set
b9380fd3-5ffe-4d10-9290-13e18e71eee1|Kubernetes|High|Networking and Firewall|Query details
Documentation
|
+|Insecure Port Not Properly Set
fa4def8c-1898-4a35-a139-7b76b1acdef0|Kubernetes|High|Networking and Firewall|Query details
Documentation
|
+|Secure Port Set To Zero
3d24b204-b73d-42cb-b0bf-1a5438c5f71e|Kubernetes|High|Networking and Firewall|Query details
Documentation
|
+|Tiller Deployment Is Accessible From Within The Cluster
e17fa86a-6222-4584-a914-56e8f6c87e06|Kubernetes|High|Networking and Firewall|Query details
Documentation
|
+|PSP With Unrestricted Access to Host Path
de4421f1-4e35-43b4-9783-737dd4e4a47e|Kubernetes|High|Resource Management|Query details
Documentation
|
+|Volume Mount With OS Directory Write Permissions
b7652612-de4e-4466-a0bf-1cd81f0c6063|Kubernetes|High|Resource Management|Query details
Documentation
|
+|Always Admit Admission Control Plugin Set
ce30e584-b33f-4c7d-b418-a3d7027f8f60|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|Anonymous Auth Is Not Set To False
1de5cc51-f376-4638-a940-20f2e85ae238|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|Authorization Mode RBAC Not Set
1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|Docker Daemon Socket is Exposed to Containers
a6f34658-fdfb-4154-9536-56d516f65828|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|Node Restriction Admission Control Plugin Not Set
33fc6923-6553-4fe6-9d3a-4efa51eb874b|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|Permissive Access to Create Pods
592ad21d-ad9b-46c6-8d2d-fad09d62a942|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles Allow Privilege Escalation
8320826e-7a9c-4b0b-9535-578333193432|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles with Attach Permission
d45330fd-f58d-45fb-a682-6481477a0f84|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles with Exec Permission
c589f42c-7924-4871-aee2-1cede9bc7cbc|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles with Impersonate Permission
9f85c3f6-26fd-4007-938a-2e0cb0100980|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles with Port-Forwarding Permission
38fa11ef-dbcc-4da8-9680-7e1fd855b6fb|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles with Read Secrets Permissions
b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|Service Account Admission Control Plugin Disabled
9587c890-0524-40c2-9ce2-663af7c2f063|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|Use Service Account Credentials Not Set To True
1acd93f1-5a37-45c0-aaac-82ece818be7d|Kubernetes|Medium|Access Control|Query details
Documentation
|
+|Readiness Probe Is Not Configured
a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3|Kubernetes|Medium|Availability|Query details
Documentation
|
+|Request Timeout Not Properly Set
d89a15bb-8dba-4c71-9529-bef6729b9c09|Kubernetes|Medium|Availability|Query details
Documentation
|
+|Terminated Pod Garbage Collector Threshold Not Properly Set
49113af4-29ca-458e-b8d4-724c01a4a24f|Kubernetes|Medium|Availability|Query details
Documentation
|
+|Container Running As Root
cf34805e-3872-4c08-bf92-6ff7bb0cfadb|Kubernetes|Medium|Best Practices|Query details
Documentation
|
+|Container Running With Low UID
02323c00-cdc3-4fdc-a310-4f2b3e7a1660|Kubernetes|Medium|Best Practices|Query details
Documentation
|
+|Root Containers Admitted
e3aa0612-4351-4a0d-983f-aefea25cf203|Kubernetes|Medium|Best Practices|Query details
Documentation
|
+|Always Pull Images Admission Control Plugin Not Set
a77f4d07-c6e0-4a48-8b35-0eeb51576f4f|Kubernetes|Medium|Build Process|Query details
Documentation
|
+|Incorrect Volume Claim Access Mode ReadWriteOnce
3878dc92-8e5d-47cf-9cdd-7590f71d21b9|Kubernetes|Medium|Build Process|Query details
Documentation
|
+|Encryption Provider Config Is Not Defined
cbd2db69-0b21-4c14-8a40-7710a50571a9|Kubernetes|Medium|Encryption|Query details
Documentation
|
+|Encryption Provider Not Properly Configured
10efce34-5af6-4d83-b414-9e096d5a06a9|Kubernetes|Medium|Encryption|Query details
Documentation
|
+|Root CA File Not Defined
05fb986f-ac73-4ebb-a5b2-7faafa93d882|Kubernetes|Medium|Encryption|Query details
Documentation
|
+|Service Account Private Key File Not Defined
ccc98ff7-68a7-436e-9218-185cb0b0b780|Kubernetes|Medium|Encryption|Query details
Documentation
|
+|Weak TLS Cipher Suites
510d5810-9a30-443a-817d-5c1fa527b110|Kubernetes|Medium|Encryption|Query details
Documentation
|
+|Authorization Mode Node Not Set
4d7ee40f-fc5d-427d-8cac-dffbe22d42d1|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
+|Containers With Added Capabilities
19ebaa28-fc86-4a58-bcfa-015c9e22fe40|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
+|Ingress Controller Exposes Workload
69bbc5e3-0818-4150-89cc-1e989b48f23b|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
+|Kubelet Protect Kernel Defaults Set To False
6cf42c97-facd-4fda-b8af-ea4529123355|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
+|NET_RAW Capabilities Disabled for PSP
2270987f-bb51-479f-b8be-3ca73e5ad648|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
+|NET_RAW Capabilities Not Being Dropped
dbbc6705-d541-43b0-b166-dd4be8208b54|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Sharing Host PID
91dacd0e-d189-4a9c-8272-5999a3cc32d9|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
+|Seccomp Profile Is Not Configured
f377b83e-bd07-4f48-a591-60c82b14a78b|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
+|Security Context Deny Admission Control Plugin Not Set
6a68bebe-c021-492e-8ddb-55b0567fb768|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
+|Using Unrecommended Namespace
611ab018-c4aa-4ba2-b0f6-a448337509a6|Kubernetes|Medium|Insecure Configurations|Query details
Documentation
|
+|Role Binding To Default Service Account
1e749bc9-fde8-471c-af0c-8254efd2dee5|Kubernetes|Medium|Insecure Defaults|Query details
Documentation
|
+|Service Account Name Undefined Or Empty
591ade62-d6b0-4580-b1ae-209f80ba1cd9|Kubernetes|Medium|Insecure Defaults|Query details
Documentation
|
+|Service Account Token Automount Not Disabled
48471392-d4d0-47c0-b135-cdec95eb3eef|Kubernetes|Medium|Insecure Defaults|Query details
Documentation
|
+|Auto TLS Set To True
98ce8b81-7707-4734-aa39-627c6db3d84b|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
+|CNI Plugin Does Not Support Network Policies
03aabc8c-35d6-481e-9c85-20139cf72d23|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
+|Etcd TLS Certificate Files Not Properly Set
075ca296-6768-4322-aea2-ba5063b969a9|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
+|Etcd TLS Certificate Not Properly Configured
895a5a95-3756-4b04-9924-2f3bc93181bd|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
+|Kubelet HTTPS Set To False
cdc8b54e-6b16-4538-a1b0-35849dbe29cf|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
+|Kubelet Not Managing Ip Tables
5f89001f-6dd9-49ff-9b15-d8cd71b617f4|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
+|Kubelet Read Only Port Is Not Set To Zero
2940d48a-dc5e-4178-a3f8-bfbd80720b41|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
+|Kubelet Streaming Connection Timeout Disabled
ed89b97d-04e9-4fd4-919f-ee5b27e555e9|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
+|Peer Auto TLS Set To True
ae8827e2-4af9-4baa-9998-87539ae0d6f0|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
+|Pod Misconfigured Network Policy
0401f71b-9c1e-4821-ab15-a955caa621be|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
+|Service With External Load Balancer
26763a1c-5dda-4772-b507-5fca7fb5f165|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
+|TSL Connection Certificate Not Setup
fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f|Kubernetes|Medium|Networking and Firewall|Query details
Documentation
|
+|Audit Log Path Not Set
73e251f0-363d-4e53-86e2-0a93592437eb|Kubernetes|Medium|Observability|Query details
Documentation
|
+|Audit Policy File Not Defined
13a49a2e-488e-4309-a7c0-d6b05577a5fb|Kubernetes|Medium|Observability|Query details
Documentation
|
+|Memory Limits Not Defined
b14d1bc4-a208-45db-92f0-e21f8e2588e9|Kubernetes|Medium|Resource Management|Query details
Documentation
|
+|Memory Requests Not Defined
229588ef-8fde-40c8-8756-f4f2b5825ded|Kubernetes|Medium|Resource Management|Query details
Documentation
|
+|Shared Host IPC Namespace
cd290efd-6c82-4e9d-a698-be12ae31d536|Kubernetes|Medium|Resource Management|Query details
Documentation
|
+|Shared Host Network Namespace
6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a|Kubernetes|Medium|Resource Management|Query details
Documentation
|
+|Etcd Client Certificate Authentication Set To False
9391103a-d8d7-4671-ac5d-606ba7ccb0ac|Kubernetes|Medium|Secret Management|Query details
Documentation
|
+|Etcd Client Certificate File Not Defined
3f5ff8a7-5ad6-4d02-86f5-666307da1b20|Kubernetes|Medium|Secret Management|Query details
Documentation
|
+|Etcd Peer Client Certificate Authentication Set To False
b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff|Kubernetes|Medium|Secret Management|Query details
Documentation
|
+|Kubelet Certificate Authority Not Set
ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0|Kubernetes|Medium|Secret Management|Query details
Documentation
|
+|Kubelet Client Certificate Or Key Not Set
36a27826-1bf5-49da-aeb0-a60a30c0e834|Kubernetes|Medium|Secret Management|Query details
Documentation
|
+|Kubelet Client Periodic Certificate Switch Disabled
52d70f2e-3257-474c-b3dc-8ad9ba6a061a|Kubernetes|Medium|Secret Management|Query details
Documentation
|
+|Not Unique Certificate Authority
cb7e695d-6a85-495c-b15f-23aed2519303|Kubernetes|Medium|Secret Management|Query details
Documentation
|
+|Rotate Kubelet Server Certificate Not Active
1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2|Kubernetes|Medium|Secret Management|Query details
Documentation
|
+|Service Account Key File Not Properly Set
dab4ec72-ce2e-4732-b7c3-1757dcce01a1|Kubernetes|Medium|Secret Management|Query details
Documentation
|
+|ServiceAccount Allows Access Secrets
056ac60e-fe07-4acc-9b34-8e1d51716ab9|Kubernetes|Medium|Secret Management|Query details
Documentation
|
+|Shared Service Account
c1032cf7-3628-44e2-bd53-38c17cf31b6b|Kubernetes|Medium|Secret Management|Query details
Documentation
|
+|Cluster Admin Rolebinding With Superuser Permissions
249328b8-5f0f-409f-b1dd-029f07882e11|Kubernetes|Low|Access Control|Query details
Documentation
|
+|Missing AppArmor Profile
8b36775e-183d-4d46-b0f7-96a6f34a723f|Kubernetes|Low|Access Control|Query details
Documentation
|
+|Deployment Without PodDisruptionBudget
b23e9b98-0cb6-4fc9-b257-1f3270442678|Kubernetes|Low|Availability|Query details
Documentation
|
+|Event Rate Limit Admission Control Plugin Not Set
e0099af2-fe17-411f-9991-0de28fe15f3c|Kubernetes|Low|Availability|Query details
Documentation
|
+|HPA Targets Invalid Object
2f652c42-619d-4361-b361-9f599688f8ca|Kubernetes|Low|Availability|Query details
Documentation
|
+|StatefulSet Without PodDisruptionBudget
1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5|Kubernetes|Low|Availability|Query details
Documentation
|
+|StatefulSet Without Service Name
bb241e61-77c3-4b97-9575-c0f8a1e008d0|Kubernetes|Low|Availability|Query details
Documentation
|
+|Metadata Label Is Invalid
1123031a-f921-4c5b-bd86-ef354ecfd37a|Kubernetes|Low|Best Practices|Query details
Documentation
|
+|No Drop Capabilities for Containers
268ca686-7fb7-4ae9-b129-955a2a89064e|Kubernetes|Low|Best Practices|Query details
Documentation
|
+|Object Is Using A Deprecated API Version
94b76ea5-e074-4ca2-8a03-c5a606e30645|Kubernetes|Low|Best Practices|Query details
Documentation
|
+|Image Policy Webhook Admission Control Plugin Not Set
14abda69-8e91-4acb-9931-76e2bee90284|Kubernetes|Low|Build Process|Query details
Documentation
|
+|Namespace Lifecycle Admission Control Plugin Disabled
1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37|Kubernetes|Low|Build Process|Query details
Documentation
|
+|Root Container Not Mounted Read-only
a9c2f49d-0671-4fc9-9ece-f4e261e128d0|Kubernetes|Low|Build Process|Query details
Documentation
|
+|StatefulSet Requests Storage
8cf4671a-cf3d-46fc-8389-21e7405063a2|Kubernetes|Low|Build Process|Query details
Documentation
|
+|Dashboard Is Enabled
d2ad057f-0928-41ef-a83c-f59203bb855b|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
+|Image Pull Policy Of The Container Is Not Set To Always
caa3479d-885d-4882-9aac-95e5e78ef5c2|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
+|Image Without Digest
7c81d34c-8e5a-402b-9798-9f442630e678|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
+|Kubelet Hostname Override Is Set
bf36b900-b5ef-4828-adb7-70eb543b7cfb|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
+|Pod or Container Without LimitRange
4a20ebac-1060-4c81-95d1-1f7f620e983b|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
+|Pod or Container Without ResourceQuota
48a5beba-e4c0-4584-a2aa-e6894e4cf424|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
+|Pod or Container Without Security Context
a97a340a-0063-418e-b3a1-3028941d0995|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
+|Service Does Not Target Pod
3ca03a61-3249-4c16-8427-6f8e47dda729|Kubernetes|Low|Insecure Configurations|Query details
Documentation
|
+|Network Policy Is Not Targeting Any Pod
85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3|Kubernetes|Low|Networking and Firewall|Query details
Documentation
|
+|Service Type is NodePort
845acfbe-3e10-4b8e-b656-3b404d36dfb2|Kubernetes|Low|Networking and Firewall|Query details
Documentation
|
+|Workload Host Port Not Specified
2b1836f1-dcce-416e-8e16-da8c71920633|Kubernetes|Low|Networking and Firewall|Query details
Documentation
|
+|Audit Log Maxage Not Properly Set
da9f3aa8-fbfb-472f-b5a1-576127944218|Kubernetes|Low|Observability|Query details
Documentation
|
+|Audit Log Maxbackup Not Properly Set
768aab52-2504-4a2f-a3e3-329d5a679848|Kubernetes|Low|Observability|Query details
Documentation
|
+|Audit Log Maxsize Not Properly Set
35c0a471-f7c8-4993-aa2c-503a3c712a66|Kubernetes|Low|Observability|Query details
Documentation
|
+|Audit Policy Not Cover Key Security Concerns
1828a670-5957-4bc5-9974-47da228f75e2|Kubernetes|Low|Observability|Query details
Documentation
|
+|Kubelet Event QPS Not Properly Set
1a07a446-8e61-4e4d-bc16-b0781fcb8211|Kubernetes|Low|Observability|Query details
Documentation
|
+|Profiling Not Set To False
2f491173-6375-4a84-b28e-a4e2b9a58a69|Kubernetes|Low|Observability|Query details
Documentation
|
+|CPU Limits Not Set
4ac0e2b7-d2d2-4af7-8799-e8de6721ccda|Kubernetes|Low|Resource Management|Query details
Documentation
|
+|CPU Requests Not Set
ca469dd4-c736-448f-8ac1-30a642705e0a|Kubernetes|Low|Resource Management|Query details
Documentation
|
+|CronJob Deadline Not Configured
192fe40b-b1c3-448a-aba2-6cc19a300fe3|Kubernetes|Low|Resource Management|Query details
Documentation
|
+|Deployment Has No PodAntiAffinity
a31b7b82-d994-48c4-bd21-3bab6c31827a|Kubernetes|Low|Resource Management|Query details
Documentation
|
+|StatefulSet Has No PodAntiAffinity
d740d048-8ed3-49d3-b77b-6f072f3b669e|Kubernetes|Low|Resource Management|Query details
Documentation
|
+|Secrets As Environment Variables
3d658f8b-d988-41a0-a841-40043121de1e|Kubernetes|Low|Secret Management|Query details
Documentation
|
+|Invalid Image Tag
583053b7-e632-46f0-b989-f81ff8045385|Kubernetes|Low|Supply-Chain|Query details
Documentation
|
+|Ensure Administrative Boundaries Between Resources
e84eaf4d-2f45-47b2-abe8-e581b06deb66|Kubernetes|Info|Access Control|Query details
Documentation
|
+|HPA Targeted Deployments With Configured Replica Count
5744cbb8-5946-4b75-a196-ade44449525b|Kubernetes|Info|Availability|Query details
Documentation
|
+|Liveness Probe Is Not Defined
ade74944-a674-4e00-859e-c6eab5bde441|Kubernetes|Info|Availability|Query details
Documentation
|
+|Not Limited Capabilities For Pod Security Policy
caa93370-791f-4fc6-814b-ba6ce0cb4032|Kubernetes|Info|Insecure Configurations|Query details
Documentation
|
+|Bind Address Not Properly Set
46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2|Kubernetes|Info|Networking and Firewall|Query details
Documentation
|
+|Using Kubernetes Native Secret Management
b9c83569-459b-4110-8f79-6305aa33cb37|Kubernetes|Info|Secret Management|Query details
Documentation
|
+|Security Definitions Undefined or Empty
e3f026e8-fdb4-4d5a-bcfd-bd94452073fe|OpenAPI|High|Access Control|Query details
Documentation
|
+|Security Requirement Not Defined In Security Definition
a599b0d1-ff89-4cb8-9ece-9951854c06f6|OpenAPI|High|Structure and Semantics|Query details
Documentation
|
+|Global Security Using Password Flow
2da46be4-4317-4650-9285-56d7103c4f93|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Implicit Flow in OAuth2 (v2)
e9817ad8-a8c9-4038-8a2f-db0e6e7b284b|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Invalid OAuth2 Authorization URL (v2)
33d96c65-977d-4c33-943f-440baca49185|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Invalid OAuth2 Token URL (v2)
274f910a-0665-4f08-b66d-7058fe927dba|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Operation Using Basic Auth
ceefb058-8065-418f-9c4c-584a78c7e104|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Operation Using Implicit Flow
f42dfe7e-787d-4478-a75e-a5f3d8a2269e|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Operation Using Password Flow
2e44e632-d617-43cb-b294-6bfe72a08938|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Security Definitions Allows Password Flow
773116aa-2e6d-416f-bd85-f0301cc05d76|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Security Definitions Using Basic Auth
221015a8-aa2a-43f5-b00b-ad7d2b1d47a8|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Global Schemes Uses HTTP
f30ee711-0082-4480-85ab-31d922d9a2b2|OpenAPI|Medium|Encryption|Query details
Documentation
|
+|Path Scheme Accepts HTTP (v2)
a6847dc6-f4ea-45ac-a81f-93291ae6c573|OpenAPI|Medium|Encryption|Query details
Documentation
|
+|Schemes Uses HTTP
a46928f1-43d7-4671-94e0-2dd99746f389|OpenAPI|Medium|Encryption|Query details
Documentation
|
+|Operation Object Without 'consumes'
0c79e50e-b3cf-490c-b8f6-587c644d4d0c|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
+|Operation Object Without 'produces'
be3e170e-1572-461e-a8b6-d963def581ec|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
+|Non OAuth2 Security Requirement Defining OAuth2 Scopes
ba239cb9-f342-4c20-812d-7b5a2aa6969e|OpenAPI|Medium|Structure and Semantics|Query details
Documentation
|
+|Undefined Scope 'securityDefinition' On 'security' Field On Operations
3847280c-9193-40bc-8009-76168e822ce2|OpenAPI|Low|Access Control|Query details
Documentation
|
+|Undefined Scope 'securityDefinition' On Global 'security' Field
9aa6e95c-d964-4239-a3a8-9f37a3c5a31f|OpenAPI|Low|Access Control|Query details
Documentation
|
+|Constraining Enum Property
be1d8733-3731-40c7-a845-734741c6871d|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Global Parameter Definition Not Being Used
b30981fa-a12e-49c7-a5bb-eeafb61d0f0f|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Global Responses Definition Not Being Used
0b76d993-ee52-43e0-8b39-3787d2ddabf1|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Global Schema Definition Not Being Used
6d2e0790-cc3d-4c74-b973-d4e8b09f4455|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Invalid Media Type Value (v2)
f985a7d2-d404-4a7f-9814-f645f791e46e|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Operation Summary Too Long
d47940ca-5970-45cc-bdd1-4d81398cee1f|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Schema with 'additionalProperties' set as Boolean
3a01790c-ebee-4da6-8fd3-e78657383b75|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Unknown Prefix (v2)
3b615f00-c443-4ba9-acc4-7c308716917d|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|BasePath With Wrong Format
b4803607-ed72-4d60-99e2-3fa6edf471c6|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Body Parameter With Wrong Property
c38d630d-a415-4e3e-bac2-65475979ba88|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Body Parameter Without Schema
ed48229d-d43e-4da7-b453-5f98d964a57a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|File Parameter With Wrong Consumes Property
7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Host With Invalid Pattern
3d7d7b6c-fb0a-475e-8a28-c125e30d15f0|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Multi 'collectionformat' Not Valid For 'in' Parameter
750f6448-27c0-49f8-a153-b81735c1e19c|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Multiple Body Parameters In The Same Operation
b90033cf-ad9f-4fb9-acd1-1b9d6d278c87|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Non Body Parameter Without Schema
73c3bc54-3cc6-4c0a-b30a-e19f2abfc951|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Object Without Required Property (v2)
5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Operation Example Mismatch Produces MimeType
2cf35b40-ded3-43d6-9633-c8dcc8bcc822|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Operation Object Parameters With 'body' And 'formatData' locations
eb3f9744-d24e-4614-b1ff-2a9514eca21c|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter File Type Not In 'formData'
c3cab8c4-6c52-47a9-942b-c27f26fbd7d2|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter JSON Reference Does Not Exists (v2)
fb889ae9-2d16-40b5-b41f-9da716c5abc1|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter Object With Incorrect Ref (v2)
2596545e-1757-4ff7-a15a-8a9a180a42f3|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Property Not Unique
750b40be-4bac-4f59-bdc4-1ca0e6c3450e|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Response Object With Incorrect Ref (v2)
bccfa089-89e4-47e0-a0e5-185fe6902220|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Responses JSON Reference Does Not Exists (v2)
e9db5fb4-6a84-4abb-b4af-3b94fbdace6d|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Schema JSON Reference Does Not Exists (v2)
98295b32-ec09-4b5b-89a9-39853197f914|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Object Incorrect Ref (v2)
0220e1c5-65d1-49dd-b7c2-cef6d6cb5283|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Unknown Property (v2)
429b2106-ba37-43ba-9727-7f699cc611e1|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Cleartext Credentials With Basic Authentication For Operation
86b1fa30-9790-4980-994d-a27e0f6f27c1|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Field 'securityScheme' On Components Is Undefined
8db5544e-4874-4baa-9322-e9f75a2d219e|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Global Security Scheme Using Basic Authentication
77276d82-4f45-4cf1-8e2b-4d345b936228|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Invalid OAuth2 Authorization URL (v3)
52c0d841-60d6-4a81-88dd-c35fef36d315|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Invalid OAuth2 Token URL (v3)
3ba0cca1-b815-47bf-ac62-1e584eb64a05|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|OAuth2 With Implicit Flow
39cb32f2-3a42-4af0-8037-82a7a9654b6c|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|OAuth2 With Password Flow
3979b0a4-532c-4ea7-86e4-34c090eaa4f2|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Security Scheme HTTP Unknown Scheme
06764426-3c56-407e-981f-caa25db1c149|OpenAPI|Medium|Access Control|Query details
Documentation
|
+|Global Server Object Uses HTTP
2d8c175a-6d90-412b-8b0e-e034ea49a1fe|OpenAPI|Medium|Encryption|Query details
Documentation
|
+|Path Server Object Uses HTTP (v3)
9670f240-7b4d-4955-bd93-edaa9fa38b58|OpenAPI|Medium|Encryption|Query details
Documentation
|
+|Media Type Object Without Schema
f79b9d26-e945-44e7-98a1-b93f0f7a68a0|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
+|Parameter Object Without Schema
8fe1846f-52cc-4413-ace9-1933d7d23672|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
+|Header Object Without Schema
50de3b5b-6465-4e06-a9b0-b4c2ba34326b|OpenAPI|Medium|Networking and Firewall|Query details
Documentation
|
+|API Key Exposed In Global Security Scheme
40e1d1bf-11a9-4f63-a3a2-a8b84c602839|OpenAPI|Low|Access Control|Query details
Documentation
|
+|Security Scheme Using HTTP Basic
68e5fcac-390c-4939-a373-6074b7be7c71|OpenAPI|Low|Access Control|Query details
Documentation
|
+|Security Scheme Using HTTP Digest
a4247b11-890b-45df-bf42-350a7a3af9be|OpenAPI|Low|Access Control|Query details
Documentation
|
+|Security Scheme Using HTTP Negotiate
f525cc92-9050-4c41-a75c-890dc6f64449|OpenAPI|Low|Access Control|Query details
Documentation
|
+|Security Scheme Using Oauth 1.0
1bc3205c-0d60-44e6-84f3-44fbf4dac5b3|OpenAPI|Low|Access Control|Query details
Documentation
|
+|Undefined Scope 'securityScheme' On 'security' Field On Operations
462d6a1d-fed9-4d75-bb9e-3de902f35e6e|OpenAPI|Low|Access Control|Query details
Documentation
|
+|Undefined Scope 'securityScheme' On Global 'security' Field
23a9e2d9-8738-4556-a71c-2802b6ffa022|OpenAPI|Low|Access Control|Query details
Documentation
|
+|Additional Properties Too Permissive
9f88c88d-824d-4d9a-b985-e22977046042|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
+|Additional Properties Too Restrictive
a19c3bbd-c056-40d7-9e1c-eeb0634e320d|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
+|Success Response Code Undefined for Trace Operation
105e20dd-8449-4d71-95c6-d5dac96639af|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
+|Components Callback Definition Is Unused
d15db953-a553-4b8a-9a14-a3d62ea3d79d|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Components Example Definition Is Unused
b05bb927-2df5-43cc-8d7b-6825c0e71625|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Components Header Definition Is Unused
a68da022-e95a-4bc2-97d3-481e0bd6d446|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Components Link Definition Is Unused
c19779a9-5774-4d2f-a3a1-a99831730375|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Components Parameter Definition Is Unused
698a464e-bb3e-4ba8-ab5e-e6599b7644a0|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Components Request Body Definition Is Unused
6b76f589-9713-44ab-97f5-59a3dba1a285|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Components Response Definition Is Unused
9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Components Schema Definition Is Unused
962fa01e-b791-4dcc-b04a-4a3e7389be5e|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Encoding Header 'Content-Type' Improperly Defined
4cd8de87-b595-48b6-ab3c-1904567135ab|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Invalid Media Type Value (v3)
cf4a5f45-a27b-49df-843a-9911dbfe71d4|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Property 'allowEmptyValue' Ignored
59c2f769-7cc2-49c8-a3de-4e211135cfab|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Property 'allowReserved' of Encoding Object Ignored
4190dda7-af03-4cf0-a128-70ac1661ca09|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Property 'explode' of Encoding Object Ignored
a4dd69b8-49fa-45d2-a060-c76655405b05|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Property 'style' of Encoding Object Ignored
d3ea644a-9a5c-4fee-941f-f8a6786c0470|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Unknown Prefix (v3)
a5375be3-521c-43bb-9eab-e2432e368ee4|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Callback JSON Reference Does Not Exists
f29904c8-6041-4bca-b043-dfa0546b8079|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Callback Object With Incorrect Ref
ba066cda-e808-450d-92b6-f29109754d45|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Components Object Fixed Field Key Improperly Named
151331e2-11f4-4bb6-bd35-9a005e695087|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Empty Array
5915c20f-dffa-4cee-b5d4-f457ddc0151a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Encoding Map Key Mismatch Schema Defined Properties
cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Example JSON Reference Does Not Exists
6a2c219f-da5e-4745-941e-5ea8cde23356|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Example JSON Reference Outside Components Examples
bac56e3c-1f71-4a74-8ae6-2fba07efcddb|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Header JSON Reference Does Not Exists
376c9390-7e9e-4cb8-a067-fd31c05451fd|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Header Object With Incorrect Ref
2d6646f4-2946-420f-8c14-3232d49ae0cb|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Invalid Content Type For Multiple Files Upload
26f06397-36d8-4ce7-b993-17711261d777|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Link JSON Reference Does Not Exists
801f0c6a-a834-4467-89c6-ddecffb46b5a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Link Object Incorrect Ref
b9db8a10-020c-49ca-88c6-780e5fdb4328|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Link Object OperationId Does Not Target Operation Object
c5bb7461-aa57-470b-a714-3bc3d74f4669|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Link Object With Both 'operationId' And 'operationRef'
60fb6621-9f02-473b-9424-ba9a825747d3|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Object Without Required Property (v3)
d172a060-8569-4412-8045-3560ebd477e8|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter JSON Reference Does Not Exists (v3)
2e275f16-b627-4d3f-ae73-a6153a23ae8f|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter Object Content With Multiple Entries
8bfed1c6-2d59-4924-bc7f-9b9d793ed0df|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter Object With Incorrect Ref (v3)
d40f27e6-15fb-4b56-90f8-fc0ff0291c51|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter Object With Schema And Content
31dd6fc0-f274-493b-9614-e063086c19fc|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter Object With Undefined Type
46facedc-f243-4108-ab33-583b807d50b0|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Property 'allowReserved' Improperly Defined
7f203940-39c4-4ea7-91ee-7aba16bca9e2|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Request Body JSON Reference Does Not Exists
ca02f4e8-d3ae-4832-b7db-bb037516d9e7|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Request Body Object With Incorrect Media Type
58f06434-a88c-4f74-826c-db7e10cc7def|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Request Body With Incorrect Ref
0f6cd0ab-c366-4595-84fc-fbd8b9901e4d|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Response JSON Reference Does Not Exists (v3)
7a01dfbd-da62-4165-aed7-71349ad42ab4|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Response Object With Incorrect Ref (v3)
b3871dd8-9333-4d6c-bd52-67eb898b71ab|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Schema JSON Reference Does Not Exists (v3)
015eac96-6313-43c0-84e5-81b1374fa637|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Object Incorrect Ref (v3)
4cac7ace-b0fb-477d-830d-65395d9109d9|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Schema With Both ReadOnly And WriteOnly
d2361d58-361c-49f0-9e50-b957fd608b29|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Security Field Undefined
ab1263c2-81df-46f0-9f2c-0b62fdb68419|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Security Operation Field Undefined
20a482d5-c5d9-4a7a-b7a4-60d0805047b4|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Security Requirement Object With Wrong Scopes
37140f7f-724a-4c87-a536-e9cee1d61533|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Server Object Variable Not Used
8aee4754-970d-4c5f-8142-a49dfe388b1a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Server URL Not Absolute
a0bf7382-5d5a-4224-924c-3db8466026c9|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Server URL Uses Undefined Variables
8d0921d6-4131-461f-a253-99e873f8f77e|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Servers Array Undefined
c66ebeaa-676c-40dc-a3ff-3e49395dcd5e|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Unknown Property (v3)
fb7d81e7-4150-48c4-b914-92fc05da6a2f|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Global Security Field Has An Empty Array (v2)
da31d54b-ad54-41dc-95eb-8b3828629213|OpenAPI|High|Access Control|
Documentation
|
-|Global Security Field Has An Empty Array (v3)
d674aea4-ba8b-454b-bb97-88a772ea33f0|OpenAPI|High|Access Control|Query details
Documentation
|
+|Global Security Field Has An Empty Array (v3)
d674aea4-ba8b-454b-bb97-88a772ea33f0|OpenAPI|High|Access Control|Query details
Documentation
|
|Global security field has an empty object (v2)
292919fb-7b26-4454-bee9-ce29094768dd|OpenAPI|High|Access Control|
Documentation
|
-|Global security field has an empty object (v3)
543e38f4-1eee-479e-8eb0-15257013aa0a|OpenAPI|High|Access Control|Query details
Documentation
|
+|Global security field has an empty object (v3)
543e38f4-1eee-479e-8eb0-15257013aa0a|OpenAPI|High|Access Control|Query details
Documentation
|
|Global Security Field Is Undefined (v2)
74703c89-0ea2-49ab-a7db-bf04f19f5a57|OpenAPI|High|Access Control|Global security field should be defined to prevent API to have insecure paths and have this rules defined on securityDefinitions
Documentation
|
-|Global Security Field Is Undefined (v3)
8af270ce-298b-4405-9922-82a10aee7a4f|OpenAPI|High|Access Control|Query details
Documentation
|
+|Global Security Field Is Undefined (v3)
8af270ce-298b-4405-9922-82a10aee7a4f|OpenAPI|High|Access Control|Query details
Documentation
|
|No Global And Operation Security Defined (v2)
586abcee-9653-462d-ad7b-2638a32bd6e6|OpenAPI|High|Access Control|
Documentation
|
-|No Global And Operation Security Defined (v3)
96729c6b-7400-4d9e-9807-17f00cdde4d2|OpenAPI|High|Access Control|Query details
Documentation
|
+|No Global And Operation Security Defined (v3)
96729c6b-7400-4d9e-9807-17f00cdde4d2|OpenAPI|High|Access Control|Query details
Documentation
|
|Security Field On Operations Has An Empty Array (v2)
5d29effc-5d68-481f-9721-d74e5919226b|OpenAPI|High|Access Control|
Documentation
|
-|Security Field On Operations Has An Empty Array (v3)
663c442d-f918-4f62-b096-0bf5dcbeb655|OpenAPI|High|Access Control|Query details
Documentation
|
+|Security Field On Operations Has An Empty Array (v3)
663c442d-f918-4f62-b096-0bf5dcbeb655|OpenAPI|High|Access Control|Query details
Documentation
|
|Security Field On Operations Has An Empty Object Definition (v2)
74581e3b-1d55-4323-a139-5959a7b3abc5|OpenAPI|High|Access Control|
Documentation
|
-|Security Field On Operations Has An Empty Object Definition (v3)
baade968-7467-41e4-bf22-83ca222f5800|OpenAPI|High|Access Control|Query details
Documentation
|
+|Security Field On Operations Has An Empty Object Definition (v3)
baade968-7467-41e4-bf22-83ca222f5800|OpenAPI|High|Access Control|Query details
Documentation
|
|Array Without Maximum Number of Items (v2)
99eb2c95-2040-4104-9e7c-e16f7474d218|OpenAPI|Medium|Insecure Configurations|Array schema/parameter should have the field 'maxItems' set
Documentation
|
-|Array Without Maximum Number of Items (v3)
6998389e-66b2-473d-8d05-c8d71ac4d04d|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
+|Array Without Maximum Number of Items (v3)
6998389e-66b2-473d-8d05-c8d71ac4d04d|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
|JSON Object Schema Without Properties (v2)
3d28f751-bc18-4f83-ace0-216b6086410b|OpenAPI|Medium|Insecure Configurations|
Documentation
|
-|JSON Object Schema Without Properties (v3)
9d967a2b-9d64-41a6-abea-dfc4960299bd|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
+|JSON Object Schema Without Properties (v3)
9d967a2b-9d64-41a6-abea-dfc4960299bd|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
|JSON Object Schema Without Type (v2)
62d52544-82ef-4b75-8308-cad49d50212b|OpenAPI|Medium|Insecure Configurations|
Documentation
|
-|JSON Object Schema Without Type (v3)
e2ffa504-d22a-4c94-b6c5-f661849d2db7|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
+|JSON Object Schema Without Type (v3)
e2ffa504-d22a-4c94-b6c5-f661849d2db7|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
|Pattern Undefined (v2)
afde15cf-9444-4126-8c62-41cd79db1d1d|OpenAPI|Medium|Insecure Configurations|String schema/parameter/header should have 'pattern' defined.
Documentation
|
-|Pattern Undefined (v3)
00b78adf-b83f-419c-8ed8-c6018441dd3a|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
+|Pattern Undefined (v3)
00b78adf-b83f-419c-8ed8-c6018441dd3a|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
|Schema Object is Empty (v2)
967575e5-eb44-4c24-aadb-7e33608ed30a|OpenAPI|Medium|Insecure Configurations|
Documentation
|
-|Schema Object is Empty (v3)
500ce696-d501-41dd-86eb-eceb011a386f|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
+|Schema Object is Empty (v3)
500ce696-d501-41dd-86eb-eceb011a386f|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
|
|Response on operations that should have a body has undefined schema (v2)
31afbcb7-70e0-48bb-a31a-3374f95cf859|OpenAPI|Medium|Networking and Firewall|
Documentation
|
-|Response on operations that should have a body has undefined schema (v3)
a92be1d5-d762-484a-86d6-8cd0907ba100|OpenAPI|Medium|Networking and Firewall|Query details
Documentation
|
+|Response on operations that should have a body has undefined schema (v3)
a92be1d5-d762-484a-86d6-8cd0907ba100|OpenAPI|Medium|Networking and Firewall|Query details
Documentation
|
|API Key Exposed In Global Security (v2)
533a0d13-6e89-4551-ae33-bce14e5849c1|OpenAPI|Low|Access Control|API Keys should be transported using a secure method such as HTTPS. Define a security scheme that uses a secure method to transport the API key.
Documentation
|
-|API Key Exposed In Global Security (v3)
aecee30b-8ea1-4776-a99c-d6d600f0862f|OpenAPI|Low|Access Control|Query details
Documentation
|
+|API Key Exposed In Global Security (v3)
aecee30b-8ea1-4776-a99c-d6d600f0862f|OpenAPI|Low|Access Control|Query details
Documentation
|
|API Key Exposed In Operation Security (v2)
392599e4-a4e2-403d-bc56-3fe05755782d|OpenAPI|Low|Access Control|API Keys should be transported using a secure method such as HTTPS. Define a security scheme that uses a secure method to transport the API key.
Documentation
|
-|API Key Exposed In Operation Security (v3)
281b8071-6226-4a43-911d-fec246d422c2|OpenAPI|Low|Access Control|Query details
Documentation
|
+|API Key Exposed In Operation Security (v3)
281b8071-6226-4a43-911d-fec246d422c2|OpenAPI|Low|Access Control|Query details
Documentation
|
|Array Items Has No Type (v2)
8697a1a4-82c6-4603-8ac8-57529756744e|OpenAPI|Low|Insecure Configurations|Schema/Parameter array items type should be defined
Documentation
|
-|Array Items Has No Type (v3)
be0e0df7-f3d9-42a1-9b6f-d425f94872c4|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
+|Array Items Has No Type (v3)
be0e0df7-f3d9-42a1-9b6f-d425f94872c4|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
|Invalid Format (v2)
caf1793e-95dd-4b18-8d90-8f3c0ab5bddf|OpenAPI|Low|Insecure Configurations|
Documentation
|
-|Invalid Format (v3)
d929c031-078f-4241-b802-e224656ad890|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
+|Invalid Format (v3)
d929c031-078f-4241-b802-e224656ad890|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
|Maximum Length Undefined (v2)
2ec86e48-ab90-4cb6-a131-0502afd1f442|OpenAPI|Low|Insecure Configurations|String schema/parameter/header should have 'maxLength' defined.
Documentation
|
-|Maximum Length Undefined (v3)
8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
+|Maximum Length Undefined (v3)
8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
|Numeric Schema Without Format (v2)
3ed8fc82-c2bb-49e0-811f-c53923674c49|OpenAPI|Low|Insecure Configurations|
Documentation
|
-|Numeric Schema Without Format (v3)
fbf699b5-ef74-4542-9cf1-f6eeac379373|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
+|Numeric Schema Without Format (v3)
fbf699b5-ef74-4542-9cf1-f6eeac379373|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
|Numeric Schema Without Maximum (v2)
203eee11-15b6-4d47-b888-4c7f534967ee|OpenAPI|Low|Insecure Configurations|
Documentation
|
-|Numeric Schema Without Maximum (v3)
2ea04bef-c769-409e-9179-ee3a50b5c0ac|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
+|Numeric Schema Without Maximum (v3)
2ea04bef-c769-409e-9179-ee3a50b5c0ac|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
|Numeric Schema Without Minimum (v2)
efd1dfc8-da91-4909-a3f3-c23abc5ec799|OpenAPI|Low|Insecure Configurations|
Documentation
|
-|Numeric Schema Without Minimum (v3)
181bd815-767e-4e95-a24d-bb3c87328e19|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
+|Numeric Schema Without Minimum (v3)
181bd815-767e-4e95-a24d-bb3c87328e19|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
|String Schema with Broad Pattern (v2)
e4a019f0-9af3-49c8-bf68-1939a6ff240d|OpenAPI|Low|Insecure Configurations|
Documentation
|
-|String Schema with Broad Pattern (v3)
8c81d6c0-716b-49ec-afa5-2d62da4e3f3c|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
+|String Schema with Broad Pattern (v3)
8c81d6c0-716b-49ec-afa5-2d62da4e3f3c|OpenAPI|Low|Insecure Configurations|Query details
Documentation
|
|Default Response Undefined On Operations (v2)
5f34c7ae-4f3f-4cbb-8fe3-a11d6961062f|OpenAPI|Low|Networking and Firewall|
Documentation
|
-|Default Response Undefined On Operations (v3)
86e3702f-c868-44b2-b61d-ea5316c18110|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
+|Default Response Undefined On Operations (v3)
86e3702f-c868-44b2-b61d-ea5316c18110|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
|Response Code Missing (v2)
6e96ed39-bf45-4089-99ba-f1fe7cf6966f|OpenAPI|Low|Networking and Firewall|
Documentation
|
-|Response Code Missing (v3)
6c35d2c6-09f2-4e5c-a094-e0e91327071d|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
+|Response Code Missing (v3)
6c35d2c6-09f2-4e5c-a094-e0e91327071d|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
|Response on operations that should not have a body has declared content (v2)
268defd2-2839-4e15-8cbc-de86eb38c231|OpenAPI|Low|Networking and Firewall|If a response is head or its code is 204 or 304, it shouldn't have a schema defined
Documentation
|
-|Response on operations that should not have a body has declared content (v3)
12a7210b-f4b4-47d0-acac-0a819e2a0ca3|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
+|Response on operations that should not have a body has declared content (v3)
12a7210b-f4b4-47d0-acac-0a819e2a0ca3|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
|Success Response Code Undefined for Delete Operation (v2)
ad432855-b7fb-4429-92a3-93b5ce34f0b1|OpenAPI|Low|Networking and Firewall|
Documentation
|
-|Success Response Code Undefined for Delete Operation (v3)
3b497874-ae59-46dd-8d72-1868a3b8f150|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
+|Success Response Code Undefined for Delete Operation (v3)
3b497874-ae59-46dd-8d72-1868a3b8f150|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
|Success Response Code Undefined for Get Operation (v2)
9b633f3b-c94b-4fbb-a65b-1a4e9134fb63|OpenAPI|Low|Networking and Firewall|
Documentation
|
-|Success Response Code Undefined for Get Operation (v3)
b2f275be-7d64-4064-b418-be6b431363a7|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
+|Success Response Code Undefined for Get Operation (v3)
b2f275be-7d64-4064-b418-be6b431363a7|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
|Success Response Code Undefined for Head Operation (v2)
4f0b30e3-a498-4dd7-b3f2-f4b6471a8d5a|OpenAPI|Low|Networking and Firewall|
Documentation
|
-|Success Response Code Undefined for Head Operation (v3)
3b066059-f411-4554-ac8d-96f32bff90da|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
+|Success Response Code Undefined for Head Operation (v3)
3b066059-f411-4554-ac8d-96f32bff90da|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
|Success Response Code Undefined for Patch Operation (v2)
f36e87cc-a209-4f37-8571-66833e4aead7|OpenAPI|Low|Networking and Firewall|
Documentation
|
-|Success Response Code Undefined for Patch Operation (v3)
1908a8ee-927d-4166-8f18-241152170cc1|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
+|Success Response Code Undefined for Patch Operation (v3)
1908a8ee-927d-4166-8f18-241152170cc1|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
|Success Response Code Undefined for Post Operation (v2)
9fedee41-2e6d-4091-b011-4a16b4c18c70|OpenAPI|Low|Networking and Firewall|
Documentation
|
-|Success Response Code Undefined for Post Operation (v3)
f368dd2d-9344-4146-a05b-7c6faa1269ad|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
+|Success Response Code Undefined for Post Operation (v3)
f368dd2d-9344-4146-a05b-7c6faa1269ad|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
|Success Response Code Undefined for Put Operation (v2)
965a043f-5f3c-4d0a-be72-d9ce12fdb4d6|OpenAPI|Low|Networking and Firewall|
Documentation
|
-|Success Response Code Undefined for Put Operation (v3)
60b5f56b-66ff-4e1c-9b62-5753e16825bc|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
+|Success Response Code Undefined for Put Operation (v3)
60b5f56b-66ff-4e1c-9b62-5753e16825bc|OpenAPI|Low|Networking and Firewall|Query details
Documentation
|
|Example Not Compliant With Schema Type (v2)
448db771-06ea-4dee-b48c-1689cbfb4b43|OpenAPI|Info|Best Practices|
Documentation
|
-|Example Not Compliant With Schema Type (v3)
881a6e71-c2a7-4fe2-b9c3-dfcf08895331|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Example Not Compliant With Schema Type (v3)
881a6e71-c2a7-4fe2-b9c3-dfcf08895331|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Header Parameter Named as 'Accept' (v2)
3ddd74cc-6582-486c-8b0c-2b48cb38e0a3|OpenAPI|Info|Best Practices|
Documentation
|
-|Header Parameter Named as 'Accept' (v3)
f2702af5-6016-46cb-bbc8-84c766032095|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Header Parameter Named as 'Accept' (v3)
f2702af5-6016-46cb-bbc8-84c766032095|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Header Parameter Named as 'Authorization' (v2)
e2e00c97-7171-4fb4-b461-d631df9a711c|OpenAPI|Info|Best Practices|
Documentation
|
-|Header Parameter Named as 'Authorization' (v3)
8c84f75e-5048-4926-a4cb-33e7b3431300|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Header Parameter Named as 'Authorization' (v3)
8c84f75e-5048-4926-a4cb-33e7b3431300|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Header Parameter Named as 'Content-Type' (v2)
51978067-3b22-4c29-aaf3-96bf0bc28897|OpenAPI|Info|Best Practices|
Documentation
|
-|Header Parameter Named as 'Content-Type' (v3)
72d259ca-9741-48dd-9f62-eb11f2936b37|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Header Parameter Named as 'Content-Type' (v3)
72d259ca-9741-48dd-9f62-eb11f2936b37|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Header Response Name Is Invalid (v2)
86733e01-a435-4bd5-a8b0-5108be9dc1e4|OpenAPI|Info|Best Practices|
Documentation
|
-|Header Response Name Is Invalid (v3)
d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Header Response Name Is Invalid (v3)
d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Invalid Contact Email (v2)
d83bebc8-4e5e-4241-b783-cba9fb5a1c9a|OpenAPI|Info|Best Practices|
Documentation
|
-|Invalid Contact Email (v3)
b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Invalid Contact Email (v3)
b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Invalid Contact URL (v2)
c7000383-16d0-4509-8cd3-585e5ea2e2f2|OpenAPI|Info|Best Practices|
Documentation
|
-|Invalid Contact URL (v3)
332cf2ad-380d-4b90-b436-46f8e635cf38|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Invalid Contact URL (v3)
332cf2ad-380d-4b90-b436-46f8e635cf38|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Invalid Global External Documentation URL (v2)
46d3b74d-9fe9-45bf-9e9e-efb7f701ee28|OpenAPI|Info|Best Practices|
Documentation
|
-|Invalid Global External Documentation URL (v3)
b2d9dbf6-539c-4374-a1fd-210ddf5563a8|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Invalid Global External Documentation URL (v3)
b2d9dbf6-539c-4374-a1fd-210ddf5563a8|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Invalid License URL (v2)
de2b4910-8484-46d6-a055-dc1e793ee3ff|OpenAPI|Info|Best Practices|
Documentation
|
-|Invalid License URL (v3)
9239c289-9e4c-4d92-8be1-9d506057c971|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Invalid License URL (v3)
9239c289-9e4c-4d92-8be1-9d506057c971|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Invalid Operation External Documentation URL (v2)
25635c31-ee32-4708-88e5-fced87516f51|OpenAPI|Info|Best Practices|
Documentation
|
-|Invalid Operation External Documentation URL (v3)
5ea61624-3733-4a3a-8ca4-b96fec9c5aeb|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Invalid Operation External Documentation URL (v3)
5ea61624-3733-4a3a-8ca4-b96fec9c5aeb|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Invalid Schema External Documentation URL (v2)
f7fa95b7-d819-484c-9a2b-665dd1bba25e|OpenAPI|Info|Best Practices|
Documentation
|
-|Invalid Schema External Documentation URL (v3)
6952a7e0-6e48-4285-bbc1-27c64e60f888|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Invalid Schema External Documentation URL (v3)
6952a7e0-6e48-4285-bbc1-27c64e60f888|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Invalid Tag External Documentation URL (v2)
b4a7d925-738b-4219-99d9-87d6ee262a03|OpenAPI|Info|Best Practices|
Documentation
|
-|Invalid Tag External Documentation URL (v3)
5aea1d7e-b834-4749-b143-2c7ec3bd5922|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Invalid Tag External Documentation URL (v3)
5aea1d7e-b834-4749-b143-2c7ec3bd5922|OpenAPI|Info|Best Practices|Query details
Documentation
|
|JSON '$ref' alongside other properties (v2)
f34c1c68-4773-4df0-a103-6e2ca32e585f|OpenAPI|Info|Best Practices|
Documentation
|
-|JSON '$ref' alongside other properties (v3)
96beb800-566f-49a9-a0ea-dbdf4bc80429|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|JSON '$ref' alongside other properties (v3)
96beb800-566f-49a9-a0ea-dbdf4bc80429|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Object Using Enum With Keyword (v2)
7f15962a-d862-451c-ac9b-84ec13747aa6|OpenAPI|Info|Best Practices|Schema/Parameter/Header Object properties should not contain 'enum' and schema keywords
Documentation
|
-|Object Using Enum With Keyword (v3)
2e9b6612-8f69-42e0-a5b8-ed17739c2f3a|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Object Using Enum With Keyword (v3)
2e9b6612-8f69-42e0-a5b8-ed17739c2f3a|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Operation Without Successful HTTP Status Code (v2)
a1ee6ebe-3877-42ec-b9a6-e524e7d06aa2|OpenAPI|Info|Best Practices|
Documentation
|
-|Operation Without Successful HTTP Status Code (v3)
48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Operation Without Successful HTTP Status Code (v3)
48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Path Without Operation (v2)
609cd557-66b4-41fa-8edd-2abc6c7cfd08|OpenAPI|Info|Best Practices|
Documentation
|
-|Path Without Operation (v3)
84c826c9-1893-4b34-8cdd-db97645b4bf3|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Path Without Operation (v3)
84c826c9-1893-4b34-8cdd-db97645b4bf3|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Required Property With Default Value (v2)
f7ab6c83-ef89-40e1-8a99-32e2599fb665|OpenAPI|Info|Best Practices|
Documentation
|
-|Required Property With Default Value (v3)
013bdb4b-9246-4248-b0c3-7fb0fee42a29|OpenAPI|Info|Best Practices|Query details
Documentation
|
+|Required Property With Default Value (v3)
013bdb4b-9246-4248-b0c3-7fb0fee42a29|OpenAPI|Info|Best Practices|Query details
Documentation
|
|Default Invalid (v2)
78dfd8f0-a6ee-48ec-af8c-e4d9b3292a07|OpenAPI|Info|Structure and Semantics|The field 'default' of Schema/Parameter/Header Object should be consistent with the schema's/parameter's/header's type
Documentation
|
-|Default Invalid (v3)
a96bbc06-8cde-4295-ad3c-ee343a7f658e|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Default Invalid (v3)
a96bbc06-8cde-4295-ad3c-ee343a7f658e|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Items Undefined (v2)
3e4d34d2-36cf-4449-976d-6c256db8fc49|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Items Undefined (v3)
a8e859da-4a43-4e7f-94b8-25d6e3bf8e90|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Items Undefined (v3)
a8e859da-4a43-4e7f-94b8-25d6e3bf8e90|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Non-Array Schema With Items (v2)
9d47956b-29cd-43b1-9e6e-b39a4d484353|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Non-Array Schema With Items (v3)
20cb3159-b219-496b-8dac-54ae3ab2021a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Non-Array Schema With Items (v3)
20cb3159-b219-496b-8dac-54ae3ab2021a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|OperationId Not Unique (v2)
21245007-91c4-40e5-964e-40c85d1e5aa6|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|OperationId Not Unique (v3)
c254adc4-ef25-46e1-8270-b7944adb4198|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|OperationId Not Unique (v3)
c254adc4-ef25-46e1-8270-b7944adb4198|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Parameter Objects Headers With Duplicated Name (v2)
bd2cbef5-62c4-40f1-af07-4b7f9ced6616|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Parameter Objects Headers With Duplicated Name (v3)
05505192-ba2c-4a81-9b25-dcdbcc973746|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter Objects Headers With Duplicated Name (v3)
05505192-ba2c-4a81-9b25-dcdbcc973746|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Parameters Name In Combination Not Unique (v2)
ab871897-ec02-4835-9818-702536ee1dda|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Parameters Name In Combination Not Unique (v3)
f5b2e6af-76f5-496d-8482-8f898c5fdb4a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Parameters Name In Combination Not Unique (v3)
f5b2e6af-76f5-496d-8482-8f898c5fdb4a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Path Is Ambiguous (v2)
b2468463-3ac4-4930-890c-f35b2bf4485d|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Path Is Ambiguous (v3)
237402e2-c2f0-46c9-9cf5-286160cf7bfc|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Path Is Ambiguous (v3)
237402e2-c2f0-46c9-9cf5-286160cf7bfc|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Path Parameter Not Required (v2)
ccd0613f-cb77-4684-a892-183bd2674d12|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Path Parameter Not Required (v3)
0de50145-e845-47f4-9a15-23bcf2125710|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Path Parameter Not Required (v3)
0de50145-e845-47f4-9a15-23bcf2125710|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Path Parameter With No Corresponding Template Path (v2)
194ef1f8-360e-4c14-8ed2-e83e2bafa142|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Path Parameter With No Corresponding Template Path (v3)
69d7aefd-149d-47b8-8d89-1c2181a8067b|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Path Parameter With No Corresponding Template Path (v3)
69d7aefd-149d-47b8-8d89-1c2181a8067b|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Path Template is Empty (v2)
c201b7ad-6173-4598-a407-5edb04a1bcd7|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Path Template is Empty (v3)
ae13a37d-943b-47a7-a970-83c8598bcca3|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Path Template is Empty (v3)
ae13a37d-943b-47a7-a970-83c8598bcca3|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Paths Object is Empty (v2)
3e6c7b1c-8a8d-43ab-98b9-65159f44db4a|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Paths Object is Empty (v3)
815021c8-a50c-46d9-b192-24f71072c400|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Paths Object is Empty (v3)
815021c8-a50c-46d9-b192-24f71072c400|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Properties Missing Required Property (v2)
71beb6ab-8b70-4816-a9ac-a0ff1fb22a62|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Properties Missing Required Property (v3)
3fb03214-25d4-4bd4-867c-c2d8d708a483|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Properties Missing Required Property (v3)
3fb03214-25d4-4bd4-867c-c2d8d708a483|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Property 'allowEmptyValue' Improperly Defined (v2)
0bc1477d-0922-478b-ae16-674a7634a1a8|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Property 'allowEmptyValue' Improperly Defined (v3)
4bcbcd52-3028-469f-bc14-02c7dbba2df2|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Property 'allowEmptyValue' Improperly Defined (v3)
4bcbcd52-3028-469f-bc14-02c7dbba2df2|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Property Defining Minimum Greater Than Maximum (v2)
b5102ea9-6527-4bb7-94fc-9b4076150e55|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Property Defining Minimum Greater Than Maximum (v3)
ab2af219-cd08-4233-b5a1-a788aac88b51|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Property Defining Minimum Greater Than Maximum (v3)
ab2af219-cd08-4233-b5a1-a788aac88b51|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Responses Object Is Empty (v2)
6172e7ab-d2b7-45f8-a7db-1603931d8ba3|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Responses Object Is Empty (v3)
990eaf09-d6f1-4c3c-b174-a517b1de8917|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Responses Object Is Empty (v3)
990eaf09-d6f1-4c3c-b174-a517b1de8917|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Responses With Wrong HTTP Status Code (v2)
069a5378-2091-43f0-aa3b-ee8f20996e99|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Responses With Wrong HTTP Status Code (v3)
d86655c0-92f6-4ffc-b4d5-5b5775804c27|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Responses With Wrong HTTP Status Code (v3)
d86655c0-92f6-4ffc-b4d5-5b5775804c27|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Schema Discriminator Mismatch Defined Properties (v2)
addc0eab-27f6-4c26-8526-d2ccd3732662|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Schema Discriminator Mismatch Defined Properties (v3)
40d3df21-c170-4dbe-9c02-4289b51f994f|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Discriminator Mismatch Defined Properties (v3)
40d3df21-c170-4dbe-9c02-4289b51f994f|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Schema Discriminator Not Required (v2)
be6a3722-af60-438c-b1b9-2a03e2958ab7|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Schema Discriminator Not Required (v3)
b481d46c-9c61-480f-86d9-af07146dc4a4|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Discriminator Not Required (v3)
b481d46c-9c61-480f-86d9-af07146dc4a4|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Schema Discriminator Property Not String (v2)
949376f1-f560-4c6d-a016-63424ca931bb|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Schema Discriminator Property Not String (v3)
dadc2f36-1f5a-46c0-8289-75e626583123|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Discriminator Property Not String (v3)
dadc2f36-1f5a-46c0-8289-75e626583123|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Schema Enum Invalid (v2)
8fe6d18a-ad4c-4397-8884-e3a9da57f4c9|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Schema Enum Invalid (v3)
03856cb2-e46c-4daf-bfbf-214ec93c882b|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Enum Invalid (v3)
03856cb2-e46c-4daf-bfbf-214ec93c882b|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Schema Has A Required Property Undefined (v2)
811762c8-2e99-4f70-88f9-a63875a953b1|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Schema Has A Required Property Undefined (v3)
2bd608ae-8a1f-457f-b710-c237883cb313|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Has A Required Property Undefined (v3)
2bd608ae-8a1f-457f-b710-c237883cb313|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Schema Object Properties With Duplicated Keys (v2)
ded017bf-fb13-4f8d-868b-84aebcc572ad|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Schema Object Properties With Duplicated Keys (v3)
10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Object Properties With Duplicated Keys (v3)
10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Schema Object With Circular Ref (v2)
cbff2508-85c9-4448-a8b3-770070edf5ca|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Schema Object With Circular Ref (v3)
1a1aea94-745b-40a7-b860-0702ea6ee636|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Object With Circular Ref (v3)
1a1aea94-745b-40a7-b860-0702ea6ee636|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Template Path With No Corresponding Path Parameter (v2)
e7656d8d-7288-4bbe-b07b-22b389be75ce|OpenAPI|Info|Structure and Semantics|
Documentation
|
-|Template Path With No Corresponding Path Parameter (v3)
561710b1-b845-4562-95ce-2397a05ccef4|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Template Path With No Corresponding Path Parameter (v3)
561710b1-b845-4562-95ce-2397a05ccef4|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
|Type Has Invalid Keyword (v2)
492c6cbb-f3f8-4807-aa4f-42b8b1c46b59|OpenAPI|Info|Structure and Semantics|Schema/Parameter/Header Object define type should not use a keyword of another type
Documentation
|
-|Type Has Invalid Keyword (v3)
a9228976-10cf-4b5f-b902-9e962aad037a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
-|Amazon DMS Replication Instance Is Publicly Accessible
bccb296f-362c-4b05-9221-86d1437a1016|Pulumi|Critical|Access Control|Query details
Documentation
|
-|DynamoDB Table Not Encrypted
b6a7e0ae-aed8-4a19-a993-a95760bf8836|Pulumi|High|Encryption|Query details
Documentation
|
-|ElastiCache Nodes Not Created Across Multi AZ
9b18fc19-7fb8-49b1-8452-9c757c70f926|Pulumi|Medium|Availability|Query details
Documentation
|
-|ElastiCache Redis Cluster Without Backup
e93bbe63-a631-4c0f-b6ef-700d48441ff2|Pulumi|Medium|Backup|Query details
Documentation
|
-|API Gateway Without SSL Certificate
f27791a5-e2ae-4905-8910-6f995c576d09|Pulumi|Medium|Insecure Configurations|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
647de8aa-5a42-41b5-9faf-22136f117380|Pulumi|Medium|Insecure Configurations|Query details
Documentation
|
-|Elasticsearch with HTTPS disabled
00603add-7f72-448f-a6c0-9e456a7a3f94|Pulumi|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway Access Logging Disabled
bf4b48b9-fc1f-4552-984a-4becdb5bf503|Pulumi|Medium|Observability|Query details
Documentation
|
-|DocDB Logging Is Disabled
2ca87964-fe7e-4cdc-899c-427f0f3525f8|Pulumi|Medium|Observability|Query details
Documentation
|
-|EC2 Instance Monitoring Disabled
daa581ef-731c-4121-832d-cf078f67759d|Pulumi|Medium|Observability|Query details
Documentation
|
-|Elasticsearch Logs Disabled
a1120ee4-a712-42d9-8fb5-22595fed643b|Pulumi|Medium|Observability|Query details
Documentation
|
-|IAM Password Without Minimum Length
9850d621-7485-44f7-8bdd-b3cf426315cf|Pulumi|Low|Best Practices|Query details
Documentation
|
-|ECS Cluster with Container Insights Disabled
abcefee4-a0c1-4245-9f82-a473f79a9e2f|Pulumi|Low|Observability|Query details
Documentation
|
-|DynamoDB Table Point In Time Recovery Disabled
327b0729-4c5c-4c44-8b5c-e476cd9c7290|Pulumi|Info|Best Practices|Query details
Documentation
|
-|EC2 Not EBS Optimized
d991e4ae-42ab-429b-ab43-d5e5fa9ca633|Pulumi|Info|Best Practices|Query details
Documentation
|
-|Storage Account Not Forcing HTTPS
cb8e4bf0-903d-45c6-a278-9a947d82a27b|Pulumi|Medium|Encryption|Query details
Documentation
|
-|Redis Cache Allows Non SSL Connections
49e30ac8-f58e-4222-b488-3dcb90158ec1|Pulumi|Medium|Insecure Configurations|Query details
Documentation
|
-|Google Compute SSL Policy Weak Cipher In Use
965e8830-2bec-4b9b-a7f0-24dbc200a68f|Pulumi|Medium|Encryption|Query details
Documentation
|
-|Cloud Storage Bucket Logging Not Enabled
48f7e44d-d1d1-44c2-b336-9f11b65c4fb0|Pulumi|Medium|Observability|Query details
Documentation
|
-|PSP Set To Privileged
ee305555-6b1d-4055-94cf-e22131143c34|Pulumi|High|Insecure Configurations|Query details
Documentation
|
-|Missing App Armor Config
95588189-1abd-4df1-9588-b0a5034f9e87|Pulumi|Medium|Access Control|Query details
Documentation
|
-|Serverless Role With Full Privileges
59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd|ServerlessFW|High|Access Control|Query details
Documentation
|
-|Serverless Function Without Unique IAM Role
165aae3b-a56a-48f3-b76d-d2b5083f5b8f|ServerlessFW|High|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Environment Variables Not Encrypted
4495bc5d-4d1e-4a26-ae92-152d18195648|ServerlessFW|Medium|Encryption|Query details
Documentation
|
-|Serverless API Endpoint Config Not Private
4d424558-c6d1-453c-be98-9a7f877abd9a|ServerlessFW|Medium|Networking and Firewall|Query details
Documentation
|
-|Serverless API Access Logging Setting Undefined
a4d32883-aac7-42e1-b403-9415af0f3846|ServerlessFW|Medium|Observability|Query details
Documentation
|
-|Serverless API X-Ray Tracing Disabled
434945e5-4dfd-41b1-aba1-47075ccd9265|ServerlessFW|Medium|Observability|Query details
Documentation
|
-|Serverless API Without Content Encoding
d5d1fe08-89db-440c-8725-b93223387309|ServerlessFW|Low|Encryption|Query details
Documentation
|
-|Serverless Function Without Dead Letter Queue
dec7bc85-d156-4f64-9a33-96ed3d9f3fed|ServerlessFW|Low|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Without Tags
f99d3482-fa8c-4f79-bad9-35212dded164|ServerlessFW|Low|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Without X-Ray Tracing
0d7ef70f-e176-44e6-bdba-add3e429788d|ServerlessFW|Low|Observability|Query details
Documentation
|
-|OSS Bucket Allows All Actions From All Principals
ec62a32c-a297-41ca-a850-cab40b42094a|Terraform|Critical|Access Control|Query details
Documentation
|
-|OSS Bucket Allows Delete Action From All Principals
8c0695d8-2378-4cd6-8243-7fd5894fa574|Terraform|Critical|Access Control|Query details
Documentation
|
-|OSS Bucket Allows Put Action From All Principals
fe286195-e75c-4359-bd58-00847c4f855a|Terraform|Critical|Access Control|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
faaefc15-51a5-419e-bb5e-51a4b5ab3485|Terraform|Critical|Insecure Configurations|Query details
Documentation
|
-|OSS Bucket Allows List Action From All Principals
88541597-6f88-42c8-bac6-7e0b855e8ff6|Terraform|High|Access Control|Query details
Documentation
|
-|OSS Bucket Public Access Enabled
62232513-b16f-4010-83d7-51d0e1d45426|Terraform|High|Access Control|Query details
Documentation
|
-|Ecs Data Disk Kms Key Id Undefined
f262118c-1ac6-4bb3-8495-cc48f1775b85|Terraform|High|Encryption|Query details
Documentation
|
-|Launch Template Is Not Encrypted
1455cb21-1d48-46d6-8ae3-cef911b71fd5|Terraform|High|Encryption|Query details
Documentation
|
-|NAS File System Not Encrypted
67bfdff1-31ce-4525-b564-e94368735360|Terraform|High|Encryption|Query details
Documentation
|
-|NAS File System Without KMS
5f670f9d-b1b4-4c90-8618-2288f1ab9676|Terraform|High|Encryption|Query details
Documentation
|
-|RDS Instance TDE Status Disabled
44d434ca-a9bf-4203-8828-4c81a8d5a598|Terraform|High|Encryption|Query details
Documentation
|
-|OSS Bucket Has Static Website
2b13c6ff-b87a-484d-86fd-21ef6e97d426|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|OSS Bucket Ip Restriction Disabled
6107c530-7178-464a-88bc-df9cdd364ac8|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Public Security Group Rule All Ports or Protocols
60587dbd-6b67-432e-90f7-a8cf1892d968|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Public Security Group Rule Sensitive Port
2ae9d554-23fb-4065-bfd1-fe43d5f7c419|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Public Security Group Rule Unknown Port
dd706080-b7a8-47dc-81fb-3e8184430ec0|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|ActionTrail Trail OSS Bucket is Publicly Accessible
69b5d7da-a5db-4db9-a42e-90b65d0efb0b|Terraform|High|Observability|Query details
Documentation
|
-|Ram Policy Admin Access Not Attached to Users Groups Roles
e8e62026-da63-4904-b402-65adfe3ca975|Terraform|Medium|Access Control|Query details
Documentation
|
-|Ram Policy Attached to User
66505003-7aba-45a1-8d83-5162d5706ef5|Terraform|Medium|Access Control|Query details
Documentation
|
-|CMK Is Unusable
ed6e3ba0-278f-47b6-a1f5-173576b40b7e|Terraform|Medium|Availability|Query details
Documentation
|
-|OSS Bucket Versioning Disabled
70919c0b-2548-4e6b-8d7a-3d84ab6dabba|Terraform|Medium|Backup|Query details
Documentation
|
-|ROS Stack Retention Disabled
4bb06fa1-2114-4a00-b7b5-6aeab8b896f0|Terraform|Medium|Backup|Query details
Documentation
|
-|ROS Stack Without Template
92d65c51-5d82-4507-a2a1-d252e9706855|Terraform|Medium|Build Process|Query details
Documentation
|
-|Disk Encryption Disabled
39750e32-3fe9-453b-8c33-dd277acdb2cc|Terraform|Medium|Encryption|Query details
Documentation
|
-|OSS Bucket Encryption Using CMK Disabled
f20e97f9-4919-43f1-9be9-f203cd339cdd|Terraform|Medium|Encryption|Query details
Documentation
|
-|SLB Policy With Insecure TLS Version In Use
dbfc834a-56e5-4750-b5da-73fda8e73f70|Terraform|Medium|Encryption|Query details
Documentation
|
-|CS Kubernetes Node Pool Auto Repair Disabled
81ce9394-013d-4731-8fcc-9d229b474073|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
1b4565c0-4877-49ac-ab03-adebbccd42ae|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|ALB Listening on HTTP
ee3b1557-9fb5-4685-a95d-93f1edf2a0d7|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway API Protocol Not HTTPS
1bcdf9f0-b1aa-40a4-b8c6-cd7785836843|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|OSS Buckets Secure Transport Disabled
c01d10de-c468-4790-b3a0-fc887a56f289|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|RDS Instance SSL Action Disabled
7a1ee8a9-71be-4b11-bb70-efb62d16863b|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Action Trail Logging For All Regions Disabled
c065b98e-1515-4991-9dca-b602bd6a2fbb|Terraform|Medium|Observability|Query details
Documentation
|
-|OSS Bucket Logging Disabled
05db341e-de7d-4972-a106-3e2bd5ee53e1|Terraform|Medium|Observability|Query details
Documentation
|
-|RDS Instance Events Not Logged
b9c524a4-fe76-4021-a6a2-cb978fb4fde1|Terraform|Medium|Observability|Query details
Documentation
|
-|RDS Instance Log Connections Disabled
140869ea-25f2-40d4-a595-0c0da135114e|Terraform|Medium|Observability|Query details
Documentation
|
-|RDS Instance Log Disconnections Disabled
d53f4123-f8d8-4224-8cb3-f920b151cc98|Terraform|Medium|Observability|Query details
Documentation
|
-|RDS Instance Log Duration Disabled
a597e05a-c065-44e7-9cc8-742f572a504a|Terraform|Medium|Observability|Query details
Documentation
|
-|VPC Flow Logs Disabled
d2731f3d-a992-44ed-812e-f4f1c2747d71|Terraform|Medium|Observability|Query details
Documentation
|
-|No ROS Stack Policy
72ceb736-0aee-43ea-a191-3a69ab135681|Terraform|Medium|Resource Management|Query details
Documentation
|
-|High KMS Key Rotation Period
cb319d87-b90f-485e-a7e7-f2408380f309|Terraform|Medium|Secret Management|Query details
Documentation
|
-|Ram Account Password Policy Max Login Attempts Unrecommended
e76fd7ab-7333-40c6-a2d8-ea28af4a319e|Terraform|Medium|Secret Management|Query details
Documentation
|
-|Ram Account Password Policy Max Password Age Unrecommended
2bb13841-7575-439e-8e0a-cccd9ede2fa8|Terraform|Medium|Secret Management|Query details
Documentation
|
-|RAM Account Password Policy without Reuse Prevention
a8128dd2-89b0-464b-98e9-5d629041dfe0|Terraform|Medium|Secret Management|Query details
Documentation
|
-|RAM Security Preference Not Enforce MFA Login
dcda2d32-e482-43ee-a926-75eaabeaa4e0|Terraform|Low|Access Control|Query details
Documentation
|
-|OSS Bucket Transfer Acceleration Disabled
8f98334a-99aa-4d85-b72a-1399ca010413|Terraform|Low|Availability|Query details
Documentation
|
-|OSS Bucket Lifecycle Rule Disabled
7db8bd7e-9772-478c-9ec5-4bc202c5686f|Terraform|Low|Backup|Query details
Documentation
|
-|Kubernetes Cluster Without Terway as CNI Network Plugin
b9b7ada8-3868-4a35-854e-6100a2bb863d|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|Log Retention Is Not Greater Than 90 Days
ed6cf6ff-9a1f-491c-9f88-e03c0807f390|Terraform|Low|Observability|Query details
Documentation
|
-|RDS Instance Retention Period Not Recommended
dc158941-28ce-481d-a7fa-dc80761edf46|Terraform|Low|Observability|Query details
Documentation
|
-|ROS Stack Notifications Disabled
9ef08939-ea40-489c-8851-667870b2ef50|Terraform|Low|Observability|Query details
Documentation
|
-|Ram Account Password Policy Not Require At Least one Lowercase Character
89143358-cec6-49f5-9392-920c591c669c|Terraform|Low|Secret Management|Query details
Documentation
|
-|RAM Account Password Policy Not Require at Least one Uppercase Character
5e0fb613-ba9b-44c3-88f0-b44188466bfd|Terraform|Low|Secret Management|Query details
Documentation
|
-|Ram Account Password Policy Not Required Minimum Length
a9dfec39-a740-4105-bbd6-721ba163c053|Terraform|Low|Secret Management|Query details
Documentation
|
-|Ram Account Password Policy Not Required Numbers
063234c0-91c0-4ab5-bbd0-47ddb5f23786|Terraform|Low|Secret Management|Query details
Documentation
|
-|RAM Account Password Policy Not Required Symbols
41a38329-d81b-4be4-aef4-55b2615d3282|Terraform|Low|Secret Management|Query details
Documentation
|
-|Amazon DMS Replication Instance Is Publicly Accessible
030d3b18-1821-45b4-9e08-50efbe7becbb|Terraform|Critical|Access Control|Query details
Documentation
|
-|ECR Repository Is Publicly Accessible
e86e26fc-489e-44f0-9bcd-97305e4ba69a|Terraform|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Access to Any Principal
7af43613-6bb9-4a0e-8c4d-1314b799425e|Terraform|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read Or Write to All Users
38c5ee0d-7f22-4260-ab72-5073048df100|Terraform|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Grants WRITE_ACP Permission
64a222aa-7793-4e40-915f-4b302c76e4d4|Terraform|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Delete Action From All Principals
ffdf4b37-7703-4dfe-a682-9d2e99bc6c09|Terraform|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Put Action From All Principals
d24c0755-c028-44b1-b503-8e719c898832|Terraform|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket With All Permissions
a4966c4f-9141-48b8-a564-ffe9959945bc|Terraform|Critical|Access Control|Query details
Documentation
|
-|SNS Topic is Publicly Accessible
b26d2b7e-60f6-413d-a3a1-a57db24aa2b3|Terraform|Critical|Access Control|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
35113e6f-2c6b-414d-beec-7a9482d3b2d1|Terraform|Critical|Insecure Configurations|Query details
Documentation
|
-|DB Security Group With Public Scope
1e0ef61b-ad85-4518-a3d3-85eaad164885|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
-|RDS Associated with Public Subnet
2f737336-b18a-4602-8ea0-b200312e1ac1|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
-|CloudWatch Unauthorized Access Alarm Missing
4c18a45b-4ab1-4790-9f83-399ac695f1e5|Terraform|Critical|Observability|Query details
Documentation
|
-|Cross-Account IAM Assume Role Policy Without ExternalId or MFA
09c35abf-5852-4622-ac7a-b987b331232e|Terraform|High|Access Control|Query details
Documentation
|
-|ECS Service Admin Role Is Present
3206240f-2e87-4e58-8d24-3e19e7c83d7c|Terraform|High|Access Control|Query details
Documentation
|
-|IAM Policy Grants Full Permissions
575a2155-6af1-4026-b1af-d5bc8fe2a904|Terraform|High|Access Control|Query details
Documentation
|
-|IAM Role With Full Privileges
b1ffa705-19a3-4b73-b9d0-0c97d0663842|Terraform|High|Access Control|Query details
Documentation
|
-|Lambda With Vulnerable Policy
ad9dabc7-7839-4bae-a957-aa9120013f39|Terraform|High|Access Control|Query details
Documentation
|
-|MSK Broker Is Publicly Accessible
54378d69-dd7c-4b08-a43e-80d563396857|Terraform|High|Access Control|Query details
Documentation
|
-|Neptune Cluster Instance is Publicly Accessible
9ba198e0-fef4-464a-8a4d-75ea55300de7|Terraform|High|Access Control|Query details
Documentation
|
-|Neptune Cluster With IAM Database Authentication Disabled
c91d7ea0-d4d1-403b-8fe1-c9961ac082c5|Terraform|High|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read to Any Authenticated User
57b9893d-33b1-4419-bcea-a717ea87e139|Terraform|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Get Action From All Principals
1df37f4b-7197-45ce-83f8-9994d2fcf885|Terraform|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows List Action From All Principals
66c6f96f-2d9e-417e-a998-9058aeeecd44|Terraform|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Public Policy
1a4bc881-9f69-4d44-8c9a-d37d08f54c50|Terraform|High|Access Control|Query details
Documentation
|
-|S3 Bucket Public ACL Overridden By Public Access Block
bf878b1a-7418-4de3-b13c-3a86cf894920|Terraform|High|Access Control|Query details
Documentation
|
-|Secrets Manager With Vulnerable Policy
fa00ce45-386d-4718-8392-fb485e1f3c5b|Terraform|High|Access Control|Query details
Documentation
|
-|SES Policy With Allowed IAM Actions
34b921bd-90a0-402e-a0a5-dc73371fd963|Terraform|High|Access Control|Query details
Documentation
|
-|SQS Policy Allows All Actions
816ea8cf-d589-442d-a917-2dd0ce0e45e3|Terraform|High|Access Control|Query details
Documentation
|
-|SQS Queue Exposed
abb06e5f-ef9a-4a99-98c6-376d396bfcdf|Terraform|High|Access Control|Query details
Documentation
|
-|AmazonMQ Broker Encryption Disabled
3db3f534-e3a3-487f-88c7-0a9fbf64b702|Terraform|High|Encryption|Query details
Documentation
|
-|API Gateway Method Settings Cache Not Encrypted
b7c9a40c-23e4-4a2d-8d39-a3352f10f288|Terraform|High|Encryption|Query details
Documentation
|
-|Athena Database Not Encrypted
b2315cae-b110-4426-81e0-80bb8640cdd3|Terraform|High|Encryption|Query details
Documentation
|
-|Athena Workgroup Not Encrypted
d364984a-a222-4b5f-a8b0-e23ab19ebff3|Terraform|High|Encryption|Query details
Documentation
|
-|Aurora With Disabled at Rest Encryption
1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e|Terraform|High|Encryption|Query details
Documentation
|
-|Config Rule For Encrypted Volumes Disabled
abdb29d4-5ca1-4e91-800b-b3569bbd788c|Terraform|High|Encryption|Query details
Documentation
|
-|DAX Cluster Not Encrypted
f11aec39-858f-4b6f-b946-0a1bf46c0c87|Terraform|High|Encryption|Query details
Documentation
|
-|DB Instance Storage Not Encrypted
08bd0760-8752-44e1-9779-7bb369b2b4e4|Terraform|High|Encryption|Query details
Documentation
|
-|DOCDB Cluster Not Encrypted
bc1f9009-84a0-490f-ae09-3e0ea6d74ad6|Terraform|High|Encryption|Query details
Documentation
|
-|DOCDB Cluster Without KMS
4766d3ea-241c-4ee6-93ff-c380c996bd1a|Terraform|High|Encryption|Query details
Documentation
|
-|DynamoDB Table Not Encrypted
ce089fd4-1406-47bd-8aad-c259772bb294|Terraform|High|Encryption|Query details
Documentation
|
-|EBS Default Encryption Disabled
3d3f6270-546b-443c-adb4-bb6fb2187ca6|Terraform|High|Encryption|Query details
Documentation
|
-|EBS Volume Encryption Disabled
cc997676-481b-4e93-aa81-d19f8c5e9b12|Terraform|High|Encryption|Query details
Documentation
|
-|EBS Volume Snapshot Not Encrypted
e6b4b943-6883-47a9-9739-7ada9568f8ca|Terraform|High|Encryption|Query details
Documentation
|
-|ECS Task Definition Volume Not Encrypted
4d46ff3b-7160-41d1-a310-71d6d370b08f|Terraform|High|Encryption|Query details
Documentation
|
-|EFS Not Encrypted
48207659-729f-4b5c-9402-f884257d794f|Terraform|High|Encryption|Query details
Documentation
|
-|EKS Cluster Encryption Disabled
63ebcb19-2739-4d3f-aa5c-e8bbb9b85281|Terraform|High|Encryption|Query details
Documentation
|
-|ElastiCache Replication Group Not Encrypted At Rest
76976de7-c7b1-4f64-a94f-90c1345914c2|Terraform|High|Encryption|Query details
Documentation
|
-|ElasticSearch Encryption With KMS Disabled
7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2|Terraform|High|Encryption|Query details
Documentation
|
-|ElasticSearch Not Encrypted At Rest
24e16922-4330-4e9d-be8a-caa90299466a|Terraform|High|Encryption|Query details
Documentation
|
-|ELB Using Weak Ciphers
4a800e14-c94a-442d-9067-5a2e9f6c0a4c|Terraform|High|Encryption|Query details
Documentation
|
-|Glue Data Catalog Encryption Disabled
01d50b14-e933-4c99-b314-6d08cd37ad35|Terraform|High|Encryption|Query details
Documentation
|
-|Glue Security Configuration Encryption Disabled
ad5b4e97-2850-4adf-be17-1d293e0b85ee|Terraform|High|Encryption|Query details
Documentation
|
-|Kinesis Not Encrypted With KMS
862fe4bf-3eec-4767-a517-40f378886b88|Terraform|High|Encryption|Query details
Documentation
|
-|Kinesis SSE Not Configured
5c6dd5e7-1fe0-4cae-8f81-4c122717cef3|Terraform|High|Encryption|Query details
Documentation
|
-|Launch Configuration Is Not Encrypted
4de9de27-254e-424f-bd70-4c1e95790838|Terraform|High|Encryption|Query details
Documentation
|
-|MSK Cluster Encryption Disabled
6db52fa6-d4da-4608-908a-89f0c59e743e|Terraform|High|Encryption|Query details
Documentation
|
-|Neptune Database Cluster Encryption Disabled
98d59056-f745-4ef5-8613-32bca8d40b7e|Terraform|High|Encryption|Query details
Documentation
|
-|RDS Database Cluster not Encrypted
656880aa-1388-488f-a6d4-8f73c23149b2|Terraform|High|Encryption|Query details
Documentation
|
-|RDS Storage Not Encrypted
3199c26c-7871-4cb3-99c2-10a59244ce7f|Terraform|High|Encryption|Query details
Documentation
|
-|Redis Not Compliant
254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4|Terraform|High|Encryption|Query details
Documentation
|
-|Redshift Not Encrypted
cfdcabb0-fc06-427c-865b-c59f13e898ce|Terraform|High|Encryption|Query details
Documentation
|
-|S3 Bucket Object Not Encrypted
5fb49a69-8d46-4495-a2f8-9c8c622b2b6e|Terraform|High|Encryption|Query details
Documentation
|
-|Sagemaker Endpoint Configuration Encryption Disabled
58b35504-0287-4154-bf69-02c0573deab8|Terraform|High|Encryption|Query details
Documentation
|
-|Sagemaker Notebook Instance Without KMS
f3674e0c-f6be-43fa-b71c-bf346d1aed99|Terraform|High|Encryption|Query details
Documentation
|
-|SNS Topic Not Encrypted
28545147-2fc6-42d5-a1f9-cf226658e591|Terraform|High|Encryption|Query details
Documentation
|
-|User Data Contains Encoded Private Key
443488f5-c734-460b-a36d-5b3f330174dc|Terraform|High|Encryption|Query details
Documentation
|
-|Workspaces Workspace Volume Not Encrypted
b9033580-6886-401a-8631-5f19f5bb24c7|Terraform|High|Encryption|Query details
Documentation
|
-|Batch Job Definition With Privileged Container Properties
66cd88ac-9ddf-424a-b77e-e55e17630bee|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|DB Security Group Has Public Interface
f0d8781f-99bf-4958-9917-d39283b168a0|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|KMS Key With Vulnerable Policy
7ebc9038-0bde-479a-acc4-6ed7b6758899|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|Lambda Function With Privileged Role
1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|MQ Broker Is Publicly Accessible
4eb5f791-c861-4afd-9f94-f2a6a3fe49cb|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|Redshift Publicly Accessible
af173fde-95ea-4584-b904-bb3923ac4bda|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|Root Account Has Active Access Keys
970d224d-b42a-416b-81f9-8f4dfe70c4bc|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|S3 Static Website Host Enabled
42bb6b7f-6d54-4428-b707-666f669d94fb|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|DB Security Group Open To Large Scope
4f615f3e-fb9c-4fad-8b70-2e9f781806ce|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Default Security Groups With Unrestricted Traffic
46883ce1-dc3e-4b17-9195-c6a601624c73|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Network ACL With Unrestricted Access To RDP
a20be318-cac7-457b-911d-04cc6e812c25|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Remote Desktop Port Open To Internet
151187cb-0efc-481c-babd-ad24e3c9bc22|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Route53 Record Undefined
25db74bf-fa3b-44da-934e-8c3e005c0453|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Sensitive Port Is Exposed To Entire Network
381c3f2a-ef6f-4eff-99f7-b169cda3422c|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Unknown Port Exposed To Internet
590d878b-abdc-428f-895a-e2b68a0e1998|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Unrestricted Security Group Ingress
4728cd65-a20c-49da-8b31-9c08b423e4db|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|VPC Default Security Group Accepts All Traffic
9a4ef195-74b9-4c58-b8ed-2b2fe4353a75|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|VPC Peering Route Table with Unrestricted CIDR
b3a41501-f712-4c4f-81e5-db9a7dc0e34e|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|CloudTrail Log Files S3 Bucket is Publicly Accessible
bd0088a5-c133-4b20-b129-ec9968b16ef3|Terraform|High|Observability|Query details
Documentation
|
-|Hardcoded AWS Access Key
d7b9d850-3e06-4a75-852f-c46c2e92240b|Terraform|High|Secret Management|Query details
Documentation
|
-|Hardcoded AWS Access Key In Lambda
1402afd8-a95c-4e84-8b0b-6fb43758e6ce|Terraform|High|Secret Management|Query details
Documentation
|
-|AMI Shared With Multiple Accounts
ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698|Terraform|Medium|Access Control|Query details
Documentation
|
-|API Gateway Method Does Not Contains An API Key
671211c5-5d2a-4e97-8867-30fc28b02216|Terraform|Medium|Access Control|Query details
Documentation
|
-|API Gateway Without Configured Authorizer
0a96ce49-4163-4ee6-8169-eb3b0797d694|Terraform|Medium|Access Control|Query details
Documentation
|
-|Certificate Has Expired
c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6|Terraform|Medium|Access Control|Query details
Documentation
|
-|EC2 Instance Using Default Security Group
f1adc521-f79a-4d71-b55b-a68294687432|Terraform|Medium|Access Control|Query details
Documentation
|
-|EFS With Vulnerable Policy
fae52418-bb8b-4ac2-b287-0b9082d6a3fd|Terraform|Medium|Access Control|Query details
Documentation
|
-|Elasticsearch Domain With Vulnerable Policy
16c4216a-50d3-4785-bfb2-4adb5144a8ba|Terraform|Medium|Access Control|Query details
Documentation
|
-|Elasticsearch Without IAM Authentication
e7530c3c-b7cf-4149-8db9-d037a0b5268e|Terraform|Medium|Access Control|Query details
Documentation
|
-|Glue With Vulnerable Policy
d25edb51-07fb-4a73-97d4-41cecdc53a22|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'
9b0ffadc-a61f-4c2a-b1e6-68fab60f6267|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'
15e6ad8c-f420-49a6-bafb-074f5eb1ec74|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'
7d544dad-8a6c-431c-84c1-5f07fe9afc0e|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'
8f3c16b3-354d-45db-8ad5-5066778a9485|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:AddUserToGroup'
970ed7a2-0aca-4425-acf1-0453c9ecbca1|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:AttachGroupPolicy'
70b42736-efee-4bce-80d5-50358ed94990|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:AttachRolePolicy'
3dd96caa-0b5f-4a85-b929-acfac4646cc2|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:AttachUserPolicy'
db78d14b-10e5-4e6e-84b1-dace6327b1ec|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:CreateAccessKey'
846646e3-2af1-428c-ac5d-271eccfa6faf|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:CreateLoginProfile'
04c686f1-e0cd-4812-88e1-4e038410074c|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:CreatePolicyVersion'
ec49cbfd-fae4-45f3-81b1-860526d66e3f|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:PutGroupPolicy'
e77c89f6-9c85-49ea-b95b-5f960fe5be92|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:PutRolePolicy'
c0c1e744-0f37-445e-924a-1846f0839f69|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:PutUserPolicy'
60263b4a-6801-4587-911d-919c37ed733b|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'
7782d4b3-e23e-432b-9742-d9528432e771|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'
78f1ec6f-5659-41ea-bd48-d0a142dce4f2|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:UpdateLoginProfile'
ad296c0d-8131-4d6b-b030-1b0e73a99ad3|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'
034d0aee-620f-4bf7-b7fb-efdf661fdb9e|Terraform|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'
571254d8-aa6a-432e-9725-535d3ef04d69|Terraform|Medium|Access Control|Query details
Documentation
|
-|IAM Access Key Is Exposed
7081f85c-b94d-40fd-8b45-a4f1cac75e46|Terraform|Medium|Access Control|Query details
Documentation
|
-|IAM Group Without Users
fc101ca7-c9dd-4198-a1eb-0fbe92e80044|Terraform|Medium|Access Control|Query details
Documentation
|
-|IAM Policies Attached To User
b4378389-a9aa-44ee-91e7-ef183f11079e|Terraform|Medium|Access Control|Query details
Documentation
|
-|IAM Policies With Full Privileges
2f37c4a3-58b9-4afe-8a87-d7f1d2286f84|Terraform|Medium|Access Control|Query details
Documentation
|
-|IAM Policy Grants 'AssumeRole' Permission Across All Services
bcdcbdc6-a350-4855-ae7c-d1e6436f7c97|Terraform|Medium|Access Control|Query details
Documentation
|
-|IAM Role Allows All Principals To Assume
12b7e704-37f0-4d1e-911a-44bf60c48c21|Terraform|Medium|Access Control|Query details
Documentation
|
-|IAM Role Policy passRole Allows All
e39bee8c-fe54-4a3f-824d-e5e2d1cca40a|Terraform|Medium|Access Control|Query details
Documentation
|
-|IAM User With Access To Console
9ec311bf-dfd9-421f-8498-0b063c8bc552|Terraform|Medium|Access Control|Query details
Documentation
|
-|Lambda Permission Principal Is Wildcard
e08ed7eb-f3ef-494d-9d22-2e3db756a347|Terraform|Medium|Access Control|Query details
Documentation
|
-|Policy Without Principal
bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54|Terraform|Medium|Access Control|Query details
Documentation
|
-|Public and Private EC2 Share Role
c53c7a89-f9d7-4c7b-8b66-8a555be99593|Terraform|Medium|Access Control|Query details
Documentation
|
-|Public Lambda via API Gateway
3ef8696c-e4ae-4872-92c7-520bb44dfe77|Terraform|Medium|Access Control|Query details
Documentation
|
-|REST API With Vulnerable Policy
b161c11b-a59b-4431-9a29-4e19f63e6b27|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'
be2aa235-bd93-4b68-978a-1cc65d49082f|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'
30b88745-eebe-4ecb-a3a9-5cf886e96204|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'
0a592060-8166-49f5-8e65-99ac6dce9871|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'
eda48c88-2b7d-4e34-b6ca-04c0194aee17|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:AddUserToGroup'
b8a31292-509d-4b61-bc40-13b167db7e9c|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:AttachGroupPolicy'
f906113d-cdc0-415a-ba60-609cc6daaf4d|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:AttachRolePolicy'
f465fff1-0a0f-457d-aa4d-1bddb6f204ff|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:AttachUserPolicy'
7c96920c-6fd0-449d-9a52-0aa431b6beaf|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:CreateAccessKey'
5b4d4aee-ac94-4810-9611-833636e5916d|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:CreateLoginProfile'
9a205ba3-0dd1-42eb-8d54-2ffec836b51a|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:CreatePolicyVersion'
ee49557d-750c-4cc1-aa95-94ab36cbefde|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:PutGroupPolicy'
d6047119-a0b2-4b59-a4f2-127a36fb685b|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:PutRolePolicy'
eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:PutUserPolicy'
8f75840d-9ee7-42f3-b203-b40e3979eb12|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'
118281d0-6471-422e-a7c5-051bc667926e|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'
f1173d8c-3264-4148-9fdb-61181e031b51|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:UpdateLoginProfile'
35ccf766-0e4d-41ed-9ec4-2dab155082b4|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'
fa62ac4f-f5b9-45b9-97c1-625c8b6253ca|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'
c583f0f9-7dfd-476b-a056-f47c62b47b46|Terraform|Medium|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Public ACL
d0cc8694-fcad-43ff-ac86-32331d7e867f|Terraform|Medium|Access Control|Query details
Documentation
|
-|SNS Topic Publicity Has Allow and NotAction Simultaneously
5ea624e4-c8b1-4bb3-87a4-4235a776adcc|Terraform|Medium|Access Control|Query details
Documentation
|
-|SQS Policy With Public Access
730675f9-52ed-49b6-8ead-0acb5dd7df7f|Terraform|Medium|Access Control|Query details
Documentation
|
-|SSO Identity User Unsafe Creation
4003118b-046b-4640-b200-b8c7a4c8b89f|Terraform|Medium|Access Control|Query details
Documentation
|
-|SSO Policy with full privileges
132a8c31-9837-4203-9fd1-15ca210c7b73|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'
19ffbe31-9d72-4379-9768-431195eae328|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'
89561b03-cb35-44a9-a7e9-8356e71606f4|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'
94fbe150-27e3-4eba-9ca6-af32865e4503|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'
9b877bd8-94b4-4c10-a060-8e0436cc09fa|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:AddUserToGroup'
bf9d42c7-c2f9-4dfe-942c-c8cc8249a081|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:AttachGroupPolicy'
6d23d87e-1c5b-4308-b224-92624300f29b|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:AttachRolePolicy'
e227091e-2228-4b40-b046-fc13650d8e88|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:AttachUserPolicy'
70cb518c-d990-46f6-bc05-44a5041493d6|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:CreateAccessKey'
113208f2-a886-4526-9ecc-f3218600e12c|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:CreateLoginProfile'
0fd7d920-4711-46bd-aff2-d307d82cd8b7|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:CreatePolicyVersion'
1743f5f1-0bb0-4934-acef-c80baa5dadfa|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:PutGroupPolicy'
8bfbf7ab-d5e8-4100-8618-798956e101e0|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:PutRolePolicy'
eeb4d37a-3c59-4789-a00c-1509bc3af1e5|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:PutUserPolicy'
0c10d7da-85c4-4d62-b2a8-d6c104f1bd77|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'
43a41523-386a-4cb1-becb-42af6b414433|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'
33627268-1445-4385-988a-318fd9d1a512|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:UpdateLoginProfile'
6deb34e2-5d9c-499a-801b-ea6d9eda894f|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'
8055dec2-efb8-4fe6-8837-d9bed6ff202a|Terraform|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'
b69247e5-7e73-464e-ba74-ec9b715c6e12|Terraform|Medium|Access Control|Query details
Documentation
|
-|Auto Scaling Group With No Associated ELB
8e94dced-9bcc-4203-8eb7-7e41202b2505|Terraform|Medium|Availability|Query details
Documentation
|
-|CMK Is Unusable
7350fa23-dcf7-4938-916d-6a60b0c73b50|Terraform|Medium|Availability|Query details
Documentation
|
-|ElastiCache Nodes Not Created Across Multi AZ
6db03a91-f933-4f13-ab38-a8b87a7de54d|Terraform|Medium|Availability|Query details
Documentation
|
-|ElastiCache Redis Cluster Without Backup
8fdb08a0-a868-4fdf-9c27-ccab0237f1ab|Terraform|Medium|Backup|Query details
Documentation
|
-|RDS Cluster With Backup Disabled
e542bd46-58c4-4e0f-a52a-1fb4f9548e02|Terraform|Medium|Backup|Query details
Documentation
|
-|RDS With Backup Disabled
1dc73fb4-5b51-430c-8c5f-25dcf9090b02|Terraform|Medium|Backup|Query details
Documentation
|
-|S3 Bucket Without Versioning
568a4d22-3517-44a6-a7ad-6a7eed88722c|Terraform|Medium|Backup|Query details
Documentation
|
-|Stack Retention Disabled
6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97|Terraform|Medium|Backup|Query details
Documentation
|
-|ALB Not Dropping Invalid Headers
6e3fd2ed-5c83-4c68-9679-7700d224d379|Terraform|Medium|Best Practices|Query details
Documentation
|
-|AMI Not Encrypted
8bbb242f-6e38-4127-86d4-d8f0b2687ae2|Terraform|Medium|Encryption|Query details
Documentation
|
-|CA Certificate Identifier Is Outdated
9f40c07e-699e-4410-8856-3ba0f2e3a2dd|Terraform|Medium|Encryption|Query details
Documentation
|
-|Cloudfront Viewer Protocol Policy Allows HTTP
55af1353-2f62-4fa0-a8e1-a210ca2708f5|Terraform|Medium|Encryption|Query details
Documentation
|
-|CloudWatch Log Group Without KMS
0afbcfe9-d341-4b92-a64c-7e6de0543879|Terraform|Medium|Encryption|Query details
Documentation
|
-|ElastiCache Replication Group Not Encrypted At Transit
1afbb3fa-cf6c-4a3d-b730-95e9f4df343e|Terraform|Medium|Encryption|Query details
Documentation
|
-|Elasticsearch Domain Not Encrypted Node To Node
967eb3e6-26fc-497d-8895-6428beb6e8e2|Terraform|Medium|Encryption|Query details
Documentation
|
-|ELB Using Insecure Protocols
126c1788-23c2-4a10-906c-ef179f4f96ec|Terraform|Medium|Encryption|Query details
Documentation
|
-|IAM Database Auth Not Enabled
88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6|Terraform|Medium|Encryption|Query details
Documentation
|
-|S3 Bucket Policy Accepts HTTP Requests
4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9|Terraform|Medium|Encryption|Query details
Documentation
|
-|Secretsmanager Secret Encrypted With AWS Managed Key
b0d3ef3f-845d-4b1b-83d6-63a5a380375f|Terraform|Medium|Encryption|Query details
Documentation
|
-|Secretsmanager Secret Without KMS
a2f548f2-188c-4fff-b172-e9a6acb216bd|Terraform|Medium|Encryption|Query details
Documentation
|
-|Secure Ciphers Disabled
5c0003fb-9aa0-42c1-9da3-eb0e332bef21|Terraform|Medium|Encryption|Query details
Documentation
|
-|SNS Topic Encrypted With AWS Managed Key
b1a72f66-2236-4f3b-87ba-0da1b366956f|Terraform|Medium|Encryption|Query details
Documentation
|
-|SQS With SSE Disabled
6e8849c1-3aa7-40e3-9063-b85ee300f29f|Terraform|Medium|Encryption|Query details
Documentation
|
-|SSM Session Transit Encryption Disabled
ce60cc6b-6831-4bd7-84a2-cc7f8ee71433|Terraform|Medium|Encryption|Query details
Documentation
|
-|ALB Deletion Protection Disabled
afecd1f1-6378-4f7e-bb3b-60c35801fdd4|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|API Gateway With Open Access
15ccec05-5476-4890-ad19-53991eba1db8|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|API Gateway Without Security Policy
4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|API Gateway Without SSL Certificate
0b4869fc-a842-4597-aa00-1294df425440|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Certificate RSA Key Bytes Lower Than 256
874d68a3-bfbe-4a4b-aaa0-9e74d7da634b|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|CloudFront Without Minimum Protocol TLS 1.2
00e5e55e-c2ff-46b3-a757-a7a1cd802456|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|ECR Image Tag Not Immutable
d1846b12-20c5-4d45-8798-fc35b79268eb|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|ECS Task Definition Network Mode Not Recommended
9f4a9409-9c60-4671-be96-9716dbf63db1|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|EKS Cluster Has Public Access
42f4b905-3736-4213-bfe9-c0660518cda8|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|IAM User Has Too Many Access Keys
3561130e-9c5f-485b-9e16-2764c82763e5|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|No Password Policy Enabled
b592ffd4-0577-44b6-bd35-8c5ee81b5918|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket with Unsecured CORS Rule
98a8f708-121b-455b-ae2f-da3fb59d17e1|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket Without Ignore Public ACL
4fa66806-0dd9-4f8d-9480-3174d39c7c91|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket Without Restriction Of Public Bucket
1ec253ab-c220-4d63-b2de-5b40e0af9293|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Service Control Policies Disabled
5ba6229c-8057-433e-91d0-21cf13569ca9|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Default VPC Exists
96ed3526-0179-4c73-b1b2-372fde2e0d13|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
-|Vulnerable Default SSL Certificate
3a1e94df-6847-4c0e-a3b6-6c6af4e128ef|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
-|ALB Is Not Integrated With WAF
0afa6ab8-a047-48cf-be07-93a2f8c34cf7|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|ALB Listening on HTTP
de7f5e83-da88-4046-871f-ea18504b1d43|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway Endpoint Config is Not Private
6b2739db-9c49-4db7-b980-7816e0c248c1|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway without WAF
a186e82c-1078-4a7b-85d8-579561fde884|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|CloudFront Without WAF
1419b4c6-6d5c-4534-9cf6-6a5266085333|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|EC2 Instance Has Public IP
5a2486aa-facf-477d-a5c1-b010789459ce|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|EKS Cluster Has Public Access CIDRs
61cf9883-1752-4768-b18c-0d57f2737709|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|EKS node group remote access disabled
ba40ace1-a047-483c-8a8d-bc2d3a67a82d|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Elasticsearch with HTTPS disabled
2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|HTTP Port Open To Internet
ffac8a12-322e-42c1-b9b9-81ff85c39ef7|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Network ACL With Unrestricted Access To SSH
3af7f2fd-06e6-4dab-b996-2912bea19ba4|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group With Unrestricted Access To SSH
65905cec-d691-4320-b320-2000436cb696|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Sensitive Port Is Exposed To Small Public Network
e35c16a2-d54e-419d-8546-a804d8e024d0|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible
54c417bf-c762-48b9-9d31-b3d87047e3f0|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|VPC Subnet Assigns Public IP
52f04a44-6bfa-4c41-b1d3-4ae99a2de05c|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|VPC Without Network Firewall
fd632aaf-b8a1-424d-a4d1-0de22fd3247a|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway Access Logging Disabled
1b6799eb-4a7a-4b04-9001-8cceb9999326|Terraform|Medium|Observability|Query details
Documentation
|
-|API Gateway Deployment Without Access Log Setting
625abc0e-f980-4ac9-a775-f7519ee34296|Terraform|Medium|Observability|Query details
Documentation
|
-|API Gateway With CloudWatch Logging Disabled
982aa526-6970-4c59-8b9b-2ce7e019fe36|Terraform|Medium|Observability|Query details
Documentation
|
-|CloudFront Logging Disabled
94690d79-b3b0-43de-b656-84ebef5753e5|Terraform|Medium|Observability|Query details
Documentation
|
-|CloudTrail Log Files S3 Bucket with Logging Disabled
ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4|Terraform|Medium|Observability|Query details
Documentation
|
-|CloudTrail Logging Disabled
4bb76f17-3d63-4529-bdca-2b454529d774|Terraform|Medium|Observability|Query details
Documentation
|
-|CloudWatch AWS Config Configuration Changes Alarm Missing
5b8d7527-de8e-4114-b9dd-9d988f1f418f|Terraform|Medium|Observability|Query details
Documentation
|
-|CloudWatch Changes To NACL Alarm Missing
0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0|Terraform|Medium|Observability|Query details
Documentation
|
-|Cloudwatch Cloudtrail Configuration Changes Alarm Missing
0f6cbf69-41bb-47dc-93f3-3844640bf480|Terraform|Medium|Observability|Query details
Documentation
|
-|CloudWatch Disabling Or Scheduled Deletion Of Customer Created CMK Alarm Missing
56a585f5-555c-48b2-8395-e64e4740a9cf|Terraform|Medium|Observability|Query details
Documentation
|
-|CloudWatch Logging Disabled
7dbba512-e244-42dc-98bb-422339827967|Terraform|Medium|Observability|Query details
Documentation
|
-|CloudWatch Management Console Auth Failed Alarm Missing
5864d189-ee9a-4009-ac0c-8a582e6b7919|Terraform|Medium|Observability|Query details
Documentation
|
-|CloudWatch Metrics Disabled
081069cb-588b-4ce1-884c-2a1ce3029fe5|Terraform|Medium|Observability|Query details
Documentation
|
-|CloudWatch Root Account Use Missing
8b1b1e67-6248-4dca-bbad-93486bb181c0|Terraform|Medium|Observability|Query details
Documentation
|
-|CloudWatch S3 policy Change Alarm Missing
27c6a499-895a-4dc7-9617-5c485218db13|Terraform|Medium|Observability|Query details
Documentation
|
-|Cloudwatch Security Group Changes Alarm Missing
4beaf898-9f8b-4237-89e2-5ffdc7ee6006|Terraform|Medium|Observability|Query details
Documentation
|
-|CloudWatch VPC Changes Alarm Missing
9d0d4512-1959-43a2-a17f-72360ff06d1b|Terraform|Medium|Observability|Query details
Documentation
|
-|DocDB Logging Is Disabled
56f6a008-1b14-4af4-b9b2-ab7cf7e27641|Terraform|Medium|Observability|Query details
Documentation
|
-|EC2 Instance Monitoring Disabled
23b70e32-032e-4fa6-ba5c-82f56b9980e6|Terraform|Medium|Observability|Query details
Documentation
|
-|EKS cluster logging is not enabled
37304d3f-f852-40b8-ae3f-725e87a7cedf|Terraform|Medium|Observability|Query details
Documentation
|
-|Elasticsearch Log Disabled
acb6b4e2-a086-4f35-aefd-4db6ea51ada2|Terraform|Medium|Observability|Query details
Documentation
|
-|ELB Access Log Disabled
20018359-6fd7-4d05-ab26-d4dffccbdf79|Terraform|Medium|Observability|Query details
Documentation
|
-|Global Accelerator Flow Logs Disabled
96e8183b-e985-457b-90cd-61c0503a3369|Terraform|Medium|Observability|Query details
Documentation
|
-|GuardDuty Detector Disabled
704dadd3-54fc-48ac-b6a0-02f170011473|Terraform|Medium|Observability|Query details
Documentation
|
-|Missing Cluster Log Types
66f130d9-b81d-4e8e-9b08-da74b9c891df|Terraform|Medium|Observability|Query details
Documentation
|
-|MQ Broker Logging Disabled
31245f98-a6a9-4182-9fc1-45482b9d030a|Terraform|Medium|Observability|Query details
Documentation
|
-|MSK Cluster Logging Disabled
2f56b7ab-7fba-4e93-82f0-247e5ddeb239|Terraform|Medium|Observability|Query details
Documentation
|
-|Neptune Logging Is Disabled
45cff7b6-3b80-40c1-ba7b-2cf480678bb8|Terraform|Medium|Observability|Query details
Documentation
|
-|RDS Without Logging
8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56|Terraform|Medium|Observability|Query details
Documentation
|
-|Redshift Cluster Logging Disabled
15ffbacc-fa42-4f6f-a57d-2feac7365caa|Terraform|Medium|Observability|Query details
Documentation
|
-|S3 Bucket Logging Disabled
f861041c-8c9f-4156-acfc-5e6e524f5884|Terraform|Medium|Observability|Query details
Documentation
|
-|S3 Bucket Object Level CloudTrail Logging Disabled
a8fc2180-b3ac-4c93-bd0d-a55b974e4b07|Terraform|Medium|Observability|Query details
Documentation
|
-|Stack Notifications Disabled
b72d0026-f649-4c91-a9ea-15d8f681ac09|Terraform|Medium|Observability|Query details
Documentation
|
-|VPC FlowLogs Disabled
f83121ea-03da-434f-9277-9cd247ab3047|Terraform|Medium|Observability|Query details
Documentation
|
-|No Stack Policy
2f01fb2d-828a-499d-b98e-b83747305052|Terraform|Medium|Resource Management|Query details
Documentation
|
-|Authentication Without MFA
3ddfa124-6407-4845-a501-179f90c65097|Terraform|Low|Access Control|Query details
Documentation
|
-|CloudWatch Logs Destination With Vulnerable Policy
db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8|Terraform|Low|Access Control|Query details
Documentation
|
-|EC2 Instance Using API Keys
0b93729a-d882-4803-bdc3-ac429a21f158|Terraform|Low|Access Control|Query details
Documentation
|
-|SSO Permission With Inadequate User Session Duration
ce9dfce0-5fc8-433b-944a-3b16153111a8|Terraform|Low|Access Control|Query details
Documentation
|
-|Autoscaling Groups Supply Tags
ba48df05-eaa1-4d64-905e-4a4b051e7587|Terraform|Low|Availability|Query details
Documentation
|
-|ECS Service Without Running Tasks
91f16d09-689e-4926-aca7-155157f634ed|Terraform|Low|Availability|Query details
Documentation
|
-|Automatic Minor Upgrades Disabled
3b6d777b-76e3-4133-80a3-0d6f667ade7f|Terraform|Low|Best Practices|Query details
Documentation
|
-|CDN Configuration Is Missing
1bc367f6-901d-4870-ad0c-71d79762ef52|Terraform|Low|Best Practices|Query details
Documentation
|
-|Cognito UserPool Without MFA
ec28bf61-a474-4dbe-b414-6dd3a067d6f0|Terraform|Low|Best Practices|Query details
Documentation
|
-|ECR Repository Without Policy
69e7c320-b65d-41bb-be02-d63ecc0bcc9d|Terraform|Low|Best Practices|Query details
Documentation
|
-|IAM Access Analyzer Not Enabled
e592a0c5-5bdb-414c-9066-5dba7cdea370|Terraform|Low|Best Practices|Query details
Documentation
|
-|IAM Password Without Minimum Length
1bc1c685-e593-450e-88fb-19db4c82aa1d|Terraform|Low|Best Practices|Query details
Documentation
|
-|Lambda IAM InvokeFunction Misconfigured
0ca1017d-3b80-423e-bb9c-6cd5898d34bd|Terraform|Low|Best Practices|Query details
Documentation
|
-|Lambda Permission Misconfigured
75ec6890-83af-4bf1-9f16-e83726df0bd0|Terraform|Low|Best Practices|Query details
Documentation
|
-|Misconfigured Password Policy Expiration
ce60d060-efb8-4bfd-9cf7-ff8945d00d90|Terraform|Low|Best Practices|Query details
Documentation
|
-|Password Without Reuse Prevention
89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a|Terraform|Low|Best Practices|Query details
Documentation
|
-|Stack Without Template
91bea7b8-0c31-4863-adc9-93f6177266c4|Terraform|Low|Build Process|Query details
Documentation
|
-|API Gateway With Invalid Compression
ed35928e-195c-4405-a252-98ccb664ab7b|Terraform|Low|Encryption|Query details
Documentation
|
-|CloudTrail Log Files Not Encrypted With KMS
5d9e3164-9265-470c-9a10-57ae454ac0c7|Terraform|Low|Encryption|Query details
Documentation
|
-|CodeBuild Project Encrypted With AWS Managed Key
3deec14b-03d2-4d27-9670-7d79322e3340|Terraform|Low|Encryption|Query details
Documentation
|
-|DOCDB Cluster Encrypted With AWS Managed Key
2134641d-30a4-4b16-8ffc-2cd4c4ffd15d|Terraform|Low|Encryption|Query details
Documentation
|
-|ECR Repository Not Encrypted With CMK
0e32d561-4b5a-4664-a6e3-a3fa85649157|Terraform|Low|Encryption|Query details
Documentation
|
-|EFS Without KMS
25d251f3-f348-4f95-845c-1090e41a615c|Terraform|Low|Encryption|Query details
Documentation
|
-|AWS Password Policy With Unchangeable Passwords
9ef7d25d-9764-4224-9968-fa321c56ef76|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|IAM User Policy Without MFA
b5681959-6c09-4f55-b42b-c40fa12d03ec|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Instance With No VPC
a31a5a29-718a-4ff4-8001-a69e5e4d029e|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Redis Disabled
4bd15dd9-8d5e-4008-8532-27eb0c3706d3|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Redshift Cluster Without VPC
0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket Without Enabled MFA Delete
c5b31ab9-0f26-4a49-b8aa-4cc064392f4d|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Dynamodb VPC Endpoint Without Route Table Association
0bc534c5-13d1-4353-a7fe-b8665d5c1d7d|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|EC2 Instance Using Default VPC
7e4a6e76-568d-43ef-8c4e-36dea481bff1|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|ElastiCache Using Default Port
5d89db57-8b51-4b38-bb76-b9bd42bd40f0|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|ElastiCache Without VPC
8c849af7-a399-46f7-a34c-32d3dc96f1fc|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|EMR Without VPC
2b3c8a6d-9856-43e6-ab1d-d651094f03b4|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|RDS Using Default Port
bca7cc4d-b3a4-4345-9461-eb69c68fcd26|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|Redshift Using Default Port
41abc6cc-dde1-4217-83d3-fb5f0cc09d8f|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|Sensitive Port Is Exposed To Wide Private Network
92fe237e-074c-4262-81a4-2077acb928c1|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|Shield Advanced Not In Use
084c6686-2a70-4710-91b1-000393e54c12|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|SQS VPC Endpoint Without DNS Resolution
e9b7acf9-9ba0-4837-a744-31e7df1e434d|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|API Gateway Deployment Without API Gateway UsagePlan Associated
b3a59b8e-94a3-403e-b6e2-527abaf12034|Terraform|Low|Observability|Query details
Documentation
|
-|API Gateway X-Ray Disabled
5813ef56-fa94-406a-b35d-977d4a56ff2b|Terraform|Low|Observability|Query details
Documentation
|
-|CloudTrail Log File Validation Disabled
52ffcfa6-6c70-4ea6-8376-d828d3961669|Terraform|Low|Observability|Query details
Documentation
|
-|CloudTrail Multi Region Disabled
8173d5eb-96b5-4aa6-a71b-ecfa153c123d|Terraform|Low|Observability|Query details
Documentation
|
-|CloudTrail Not Integrated With CloudWatch
17b30f8f-8dfb-4597-adf6-57600b6cf25e|Terraform|Low|Observability|Query details
Documentation
|
-|CloudTrail SNS Topic Name Undefined
482b7d26-0bdb-4b5f-bf6f-545826c0a3dd|Terraform|Low|Observability|Query details
Documentation
|
-|CloudWatch Console Sign-in Without MFA Alarm Missing
44ceb4fa-0897-4fd2-b676-30e7a58f2933|Terraform|Low|Observability|Query details
Documentation
|
-|CloudWatch IAM Policy Changes Alarm Missing
eaaba502-2f94-411a-a3c2-83d63cc1776d|Terraform|Low|Observability|Query details
Documentation
|
-|CloudWatch Network Gateways Changes Alarm Missing
6b6874fe-4c2f-4eea-8b90-7cceaa4a125e|Terraform|Low|Observability|Query details
Documentation
|
-|CloudWatch Route Table Changes Alarm Missing
2285e608-ddbc-47f3-ba54-ce7121e31216|Terraform|Low|Observability|Query details
Documentation
|
-|CMK Rotation Disabled
22fbfeac-7b5a-421a-8a27-7a2178bb910b|Terraform|Low|Observability|Query details
Documentation
|
-|Configuration Aggregator to All Regions Disabled
ac5a0bc0-a54c-45aa-90c3-15f7703b9132|Terraform|Low|Observability|Query details
Documentation
|
-|ECS Cluster with Container Insights Disabled
97cb0688-369a-4d26-b1f7-86c4c91231bc|Terraform|Low|Observability|Query details
Documentation
|
-|ElasticSearch Without Slow Logs
e979fcbc-df6c-422d-9458-c33d65e71c45|Terraform|Low|Observability|Query details
Documentation
|
-|KMS Key With No Deletion Window
0b530315-0ea4-497f-b34c-4ff86268f59d|Terraform|Low|Observability|Query details
Documentation
|
-|Lambda Functions Without X-Ray Tracing
8152e0cf-d2f0-47ad-96d5-d003a76eabd1|Terraform|Low|Observability|Query details
Documentation
|
-|Unscanned ECR Image
9630336b-3fed-4096-8173-b9afdfe346a7|Terraform|Low|Observability|Query details
Documentation
|
-|API Gateway Stage Without API Gateway UsagePlan Associated
c999cf62-0920-40f8-8dda-0caccd66ed7e|Terraform|Low|Resource Management|Query details
Documentation
|
-|Security Group Not Used
4849211b-ac39-479e-ae78-5694d506cb24|Terraform|Info|Access Control|Query details
Documentation
|
-|DynamoDB Table Point In Time Recovery Disabled
741f1291-47ac-4a85-a07b-3d32a9d6bd3e|Terraform|Info|Best Practices|Query details
Documentation
|
-|EC2 Not EBS Optimized
60224630-175a-472a-9e23-133827040766|Terraform|Info|Best Practices|Query details
Documentation
|
-|Resource Not Using Tags
e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10|Terraform|Info|Best Practices|Query details
Documentation
|
-|Security Group Rule Without Description
68eb4bf3-f9bf-463d-b5cf-e029bb446d2e|Terraform|Info|Best Practices|Query details
Documentation
|
-|Security Group Rule Without Description
cb3f5ed6-0d18-40de-a93d-b3538db31e8c|Terraform|Info|Best Practices|Query details
Documentation
|
-|CloudWatch AWS Organizations Changes Missing Alarm
38b85c45-e772-4de8-a247-69619ca137b3|Terraform|Info|Observability|Query details
Documentation
|
-|CloudWatch Without Retention Period Specified
ef0b316a-211e-42f1-888e-64efe172b755|Terraform|Info|Observability|Query details
Documentation
|
-|BOM - AWS DynamoDB
23edf35f-7c22-4ff9-87e6-0ca74261cfbf|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS EBS
86571149-eef3-4280-a645-01e60df854b0|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS EFS
f53f16d6-46a9-4277-9fbe-617b1e24cdca|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS Elasticache
54229498-850b-4f78-b3a7-218d24ef2c37|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS Kinesis
0e59d33e-bba2-4037-8f88-9765647ca7ad|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS MQ
fcb1b388-f558-4b7f-9b6e-f4e98abb7380|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS MSK
051f2063-2517-4295-ad8e-ba88c1bf5cfc|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS RDS
12933609-c5bf-44b4-9a41-a6467c3b685b|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS S3 Buckets
2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS SNS
eccc4d59-74b9-4974-86f1-74386e0c7f33|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS SQS
baecd2da-492a-4d59-b9dc-29540a1398e0|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|CosmosDB Account IP Range Filter Not Set
c2a3efb6-8a58-481c-82f2-bfddf34bb4b7|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
-|Redis Entirely Accessible
fd8da341-6760-4450-b26c-9f6d8850575e|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
-|Redis Publicly Accessible
5089d055-53ff-421b-9482-a5267bdce629|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
-|SQLServer Ingress From Any IP
25c0ea09-f1c5-4380-b055-3b83863f2bb8|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
-|Unrestricted SQL Server Access
d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
-|Public Storage Account
17f75827-0684-48f4-8747-61129c7e4198|Terraform|High|Access Control|Query details
Documentation
|
-|Storage Container Is Publicly Accessible
dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299|Terraform|High|Access Control|Query details
Documentation
|
-|Azure Container Registry With No Locks
a187ac47-8163-42ce-8a63-c115236be6fb|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|Security Group is Not Configured
5c822443-e1ea-46b8-84eb-758ec602e844|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|MariaDB Server Public Network Access Enabled
7f0a8696-7159-4337-ad0d-8a3ab4a78195|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|MSSQL Server Public Network Access Enabled
ade36cf4-329f-4830-a83d-9db72c800507|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|MySQL Server Public Access Enabled
f118890b-2468-42b1-9ce9-af35146b425b|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|RDP Is Exposed To The Internet
efbf6449-5ec5-4cfe-8f15-acc51e0d787c|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Sensitive Port Is Exposed To Entire Network
594c198b-4d79-41b8-9b36-fde13348b619|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Admin User Enabled For Container Registry
b897dfbf-322c-45a8-b67c-1e698beeaa51|Terraform|Medium|Access Control|Query details
Documentation
|
-|AKS RBAC Disabled
86f92117-eed8-4614-9c6c-b26da20ff37f|Terraform|Medium|Access Control|Query details
Documentation
|
-|App Service Authentication Disabled
c7fc1481-2899-4490-bbd8-544a3a61a2f3|Terraform|Medium|Access Control|Query details
Documentation
|
-|Function App Authentication Disabled
e65a0733-94a0-4826-82f4-df529f4c593f|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role Assignment Not Limit Guest User Permissions
8e75e431-449f-49e9-b56a-c8f1378025cf|Terraform|Medium|Access Control|Query details
Documentation
|
-|Role Definition Allows Custom Role Creation
3fa5900f-9aac-4982-96b2-a6143d9c99fb|Terraform|Medium|Access Control|Query details
Documentation
|
-|Storage Share File Allows All ACL Permissions
48bbe0fd-57e4-4678-a4a1-119e79c90fc3|Terraform|Medium|Access Control|Query details
Documentation
|
-|Storage Table Allows All ACL Permissions
3ac3e75c-6374-4a32-8ba0-6ed69bda404e|Terraform|Medium|Access Control|Query details
Documentation
|
-|Azure Instance Using Basic Authentication
dafe30ec-325d-4516-85d1-e8e6776f012c|Terraform|Medium|Best Practices|Query details
Documentation
|
-|Key Vault Secrets Content Type Undefined
f8e08a38-fc6e-4915-abbe-a7aadf1d59ef|Terraform|Medium|Best Practices|Query details
Documentation
|
-|Security Contact Email
34664094-59e0-4524-b69f-deaa1a68cce3|Terraform|Medium|Best Practices|Query details
Documentation
|
-|App Service Not Using Latest TLS Encryption Version
b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643|Terraform|Medium|Encryption|Query details
Documentation
|
-|Encryption On Managed Disk Disabled
a99130ab-4c0e-43aa-97f8-78d4fcb30024|Terraform|Medium|Encryption|Query details
Documentation
|
-|Function App Not Using Latest TLS Encryption Version
45fc717a-bd86-415c-bdd8-677901be1aa6|Terraform|Medium|Encryption|Query details
Documentation
|
-|MySQL SSL Connection Disabled
73e42469-3a86-4f39-ad78-098f325b4e9f|Terraform|Medium|Encryption|Query details
Documentation
|
-|SSL Enforce Disabled
0437633b-daa6-4bbc-8526-c0d2443b946e|Terraform|Medium|Encryption|Query details
Documentation
|
-|Storage Account Not Forcing HTTPS
12944ec4-1fa0-47be-8b17-42a034f937c2|Terraform|Medium|Encryption|Query details
Documentation
|
-|Storage Account Not Using Latest TLS Encryption Version
8263f146-5e03-43e0-9cfe-db960d56d1e7|Terraform|Medium|Encryption|Query details
Documentation
|
-|AD Admin Not Configured For SQL Server
a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|AKS Private Cluster Disabled
599318f2-6653-4569-9e21-041d06c63a89|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|App Service FTPS Enforce Disabled
85da374f-b00f-4832-9d44-84a1ca1e89f8|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|App Service HTTP2 Disabled
525b53be-62ed-4244-b4df-41aecfcb4071|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Azure App Service Client Certificate Disabled
a81573f9-3691-4d83-88a0-7d4af63e17a3|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Function App Client Certificates Unrequired
9bb3c639-5edf-458c-8ee5-30c17c7d671d|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Function App FTPS Enforce Disabled
9dab0179-433d-4dff-af8f-0091025691df|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Function App HTTP2 Disabled
ace823d1-4432-4dee-945b-cdf11a5a6bd0|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Function App Managed Identity Disabled
c87749b3-ff10-41f5-9df2-c421e8151759|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Network Watcher Flow Disabled
b90842e5-6779-44d4-9760-972f4c03ba1c|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Redis Cache Allows Non SSL Connections
e29a75e6-aba3-4896-b42d-b87818c16b58|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Redis Not Updated Regularly
b947809d-dd2f-4de9-b724-04d101c515aa|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Security Center Pricing Tier Is Not Standard
819d50fd-1cdf-45c3-9936-be408aaad93e|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Small Flow Logs Retention Period
7750fcca-dd03-4d38-b663-4b70289bcfd4|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|VM Not Attached To Network
bbf6b3df-4b65-4f87-82cc-da9f30f8c033|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Web App Accepting Traffic Other Than HTTPS
11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Default Azure Storage Account Network Access Is Too Permissive
a5613650-32ec-4975-a305-31af783153ea|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
-|Azure Cognitive Search Public Network Access Enabled
4a9e0f00-0765-4f72-a0d4-d31110b78279|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Firewall Rule Allows Too Many Hosts To Access Redis Cache
a829b715-cf75-4e92-b645-54c9b739edfb|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Network Interfaces IP Forwarding Enabled
4216ebac-d74c-4423-b437-35025cb88af5|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Network Interfaces With Public IP
c1573577-e494-4417-8854-7e119368dc8b|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Sensitive Port Is Exposed To Small Public Network
e9dee01f-2505-4df2-b9bf-7804d1fd9082|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|SSH Is Exposed To The Internet
3e3c175e-aadf-4e2b-a464-3fdac5748d24|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Trusted Microsoft Services Not Enabled
5400f379-a347-4bdd-a032-446465fdcc6f|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|WAF Is Disabled For Azure Application Gateway
2e48d91c-50e4-45c8-9312-27b625868a72|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Email Alerts Disabled
9db38e87-f6aa-4b5e-a1ec-7266df259409|Terraform|Medium|Observability|Query details
Documentation
|
-|Log Retention Is Not Set
ffb02aca-0d12-475e-b77c-a726f7aeff4b|Terraform|Medium|Observability|Query details
Documentation
|
-|MSSQL Server Auditing Disabled
609839ae-bd81-4375-9910-5bce72ae7b92|Terraform|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Checkpoints Disabled
3790d386-be81-4dcf-9850-eaa7df6c10d9|Terraform|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Connections Not Set
c640d783-10c5-4071-b6c1-23507300d333|Terraform|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Disconnections Not Set
07f7134f-9f37-476e-8664-670c218e4702|Terraform|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Duration Not Set
16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f|Terraform|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Server Without Connection Throttling
2b3c671f-1b76-4741-8789-ed1fe0785dc4|Terraform|Medium|Observability|Query details
Documentation
|
-|SQL Server Auditing Disabled
f7e296b0-6660-4bc5-8f87-22ac4a815edf|Terraform|Medium|Observability|Query details
Documentation
|
-|Vault Auditing Disabled
38c71c00-c177-4cd7-8d36-cd1007cdb190|Terraform|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Server Threat Detection Policy Disabled
c407c3cf-c409-4b29-b590-db5f4138d332|Terraform|Medium|Resource Management|Query details
Documentation
|
-|SQL Database Audit Disabled
83a229ba-483e-47c6-8db7-dc96969bce5a|Terraform|Medium|Resource Management|Query details
Documentation
|
-|Key Expiration Not Set
4d080822-5ee2-49a4-8984-68f3d4c890fc|Terraform|Medium|Secret Management|Query details
Documentation
|
-|Secret Expiration Not Set
dfa20ffa-f476-428f-a490-424b41e91c7f|Terraform|Medium|Secret Management|Query details
Documentation
|
-|Azure Active Directory Authentication
a21c8da9-41bf-40cf-941d-330cf0d11fc7|Terraform|Low|Access Control|Query details
Documentation
|
-|Virtual Network with DDoS Protection Plan disabled
b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a|Terraform|Low|Availability|Query details
Documentation
|
-|Geo Redundancy Is Disabled
8b042c30-e441-453f-b162-7696982ebc58|Terraform|Low|Backup|Query details
Documentation
|
-|MariaDB Server Geo-redundant Backup Disabled
0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1|Terraform|Low|Backup|Query details
Documentation
|
-|AKS Uses Azure Policies Add-On Disabled
43789711-161b-4708-b5bb-9d1c626f7492|Terraform|Low|Best Practices|Query details
Documentation
|
-|App Service Without Latest PHP Version
96fe318e-d631-4156-99fa-9080d57280ae|Terraform|Low|Best Practices|Query details
Documentation
|
-|App Service Without Latest Python Version
cc4aaa9d-1070-461a-b519-04e00f42db8a|Terraform|Low|Best Practices|Query details
Documentation
|
-|SQL Server Predictable Active Directory Account Name
bcd3fc01-5902-4f2a-b05a-227f9bbf5450|Terraform|Low|Best Practices|Query details
Documentation
|
-|SQL Server Predictable Admin Account Name
2ab6de9a-0136-415c-be92-79d2e4fd750f|Terraform|Low|Best Practices|Query details
Documentation
|
-|Cosmos DB Account Without Tags
56dad03e-e94f-4dd6-93a4-c253a03ff7a0|Terraform|Low|Build Process|Query details
Documentation
|
-|AKS Disk Encryption Set ID Undefined
b17d8bb8-4c08-4785-867e-cb9e62a622aa|Terraform|Low|Encryption|Query details
Documentation
|
-|PostgreSQL Server Infrastructure Encryption Disabled
6425c98b-ca4e-41fe-896a-c78772c131f8|Terraform|Low|Encryption|Query details
Documentation
|
-|AKS Network Policy Misconfigured
f5342045-b935-402d-adf1-8dbbd09c0eef|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Dashboard Is Enabled
61c3cb8b-0715-47e4-b788-86dde40dd2db|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Azure Front Door WAF Disabled
835a4f2f-df43-437d-9943-545ccfc55961|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|Sensitive Port Is Exposed To Wide Private Network
c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|Small Activity Log Retention Period
2b856bf9-8e8c-4005-875f-303a8cba3918|Terraform|Low|Observability|Query details
Documentation
|
-|Small MSSQL Audit Retention Period
9c301481-e6ec-44f7-8a49-8ec63e2969ea|Terraform|Low|Observability|Query details
Documentation
|
-|Small MSSQL Server Audit Retention
59acb56b-2b10-4c2c-ba38-f2223c3f5cfc|Terraform|Low|Observability|Query details
Documentation
|
-|Small PostgreSQL DB Server Log Retention Period
261a83f8-dd72-4e8c-b5e1-ebf06e8fe606|Terraform|Low|Observability|Query details
Documentation
|
-|App Service Managed Identity Disabled
b61cce4b-0cc4-472b-8096-15617a6d769b|Terraform|Low|Resource Management|Query details
Documentation
|
-|SQL Server Alert Email Disabled
55975007-f6e7-4134-83c3-298f1fe4b519|Terraform|Info|Best Practices|Query details
Documentation
|
-|(Beta) Databricks Cluster or Job With None Or Insecure Permission(s)
a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Unrestricted Databricks ACL
2c4fe4a9-f44b-4c70-b09b-5b75cd251805|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Job's Task is Legacy (spark_submit_task)
375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7|Terraform|Medium|Best Practices|Query details
Documentation
|
-|(Beta) Indefinitely Databricks OBO Token Lifetime
23e1f5f0-12b7-4d7e-9087-f60f42ccd514|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
-|(Beta) Indefinitely Databricks Token Lifetime
7d05ca25-91b4-42ee-b6f6-b06611a87ce8|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
-|(Beta) Databricks Autoscale Badly Setup
953c0cc6-5f30-44cb-a803-bf4ef2571be8|Terraform|Medium|Resource Management|Query details
Documentation
|
-|(Beta) Databricks Group Without User Or Instance Profile
23c3067a-8cc9-480c-b645-7c1e0ad4bf60|Terraform|Low|Access Control|Query details
Documentation
|
-|(Beta) Check Databricks Cluster AWS Attribute Best Practices
b0749c53-e3ff-4d09-bbe4-dca94e2e7a38|Terraform|Low|Best Practices|Query details
Documentation
|
-|(Beta) Check Databricks Cluster Azure Attribute Best Practices
38028698-e663-4ef7-aa92-773fef0ca86f|Terraform|Low|Best Practices|Query details
Documentation
|
-|(Beta) Check Databricks Cluster GCP Attribute Best Practices
539e4557-d2b5-4d57-a001-cb01140a4e2d|Terraform|Low|Best Practices|Query details
Documentation
|
-|(Beta) Check use no LTS Spark Version
5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6|Terraform|Low|Best Practices|Query details
Documentation
|
-|Cloud Storage Anonymous or Publicly Accessible
a6cd52a1-3056-4910-96a5-894de9f3f3b3|Terraform|Critical|Access Control|Query details
Documentation
|
-|SQL DB Instance Publicly Accessible
b187edca-b81e-4fdc-aff4-aab57db45edb|Terraform|Critical|Insecure Configurations|Query details
Documentation
|
-|BigQuery Dataset Is Public
e576ce44-dd03-4022-a8c0-3906acca2ab4|Terraform|High|Access Control|Query details
Documentation
|
-|Google Project IAM Binding Service Account has Token Creator or Account User Role
617ef6ff-711e-4bd7-94ae-e965911b1b40|Terraform|High|Access Control|Query details
Documentation
|
-|Google Project IAM Member Service Account Has Admin Role
84d36481-fd63-48cb-838e-635c44806ec2|Terraform|High|Access Control|Query details
Documentation
|
-|Google Project IAM Member Service Account has Token Creator or Account User Role
c68b4e6d-4e01-4ca1-b256-1e18e875785c|Terraform|High|Access Control|Query details
Documentation
|
-|KMS Crypto Key is Publicly Accessible
16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5|Terraform|High|Encryption|Query details
Documentation
|
-|SQL DB Instance With SSL Disabled
02474449-71aa-40a1-87ae-e14497747b00|Terraform|High|Encryption|Query details
Documentation
|
-|GKE Legacy Authorization Enabled
5baa92d2-d8ee-4c75-88a4-52d9d8bb8067|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|Google Storage Bucket Level Access Disabled
bb0db090-5509-4853-a827-75ced0b3caa0|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|RDP Access Is Not Restricted
678fd659-96f2-454a-a2a0-c2571f83a4a3|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|Cloud Storage Bucket Is Publicly Accessible
c010082c-76e0-4b91-91d9-6e8439e455dd|Terraform|Medium|Access Control|Query details
Documentation
|
-|KMS Admin and CryptoKey Roles In Use
92e4464a-4139-4d57-8742-b5acc0347680|Terraform|Medium|Access Control|Query details
Documentation
|
-|OSLogin Disabled
32ecd6eb-0711-421f-9627-1a28d9eff217|Terraform|Medium|Access Control|Query details
Documentation
|
-|VM With Full Cloud Access
bc280331-27b9-4acb-a010-018e8098aa5d|Terraform|Medium|Access Control|Query details
Documentation
|
-|SQL DB Instance Backup Disabled
cf3c7631-cd1e-42f3-8801-a561214a6e79|Terraform|Medium|Backup|Query details
Documentation
|
-|Disk Encryption Disabled
b1d51728-7270-4991-ac2f-fc26e2695b38|Terraform|Medium|Encryption|Query details
Documentation
|
-|DNSSEC Using RSASHA1
ccc3100c-0fdd-4a5e-9908-c10107291860|Terraform|Medium|Encryption|Query details
Documentation
|
-|Google Compute SSL Policy Weak Cipher In Use
14a457f0-473d-4d1d-9e37-6d99b355b336|Terraform|Medium|Encryption|Query details
Documentation
|
-|Cloud DNS Without DNSSEC
5ef61c88-bbb4-4725-b1df-55d23c9676bb|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Google Container Node Pool Auto Repair Disabled
acfdbec6-4a17-471f-b412-169d77553332|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Google Project Auto Create Network Disabled
59571246-3f62-4965-a96f-c7d97e269351|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|IP Aliasing Disabled
c606ba1d-d736-43eb-ac24-e16108f3a9e0|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Network Policy Disabled
11e7550e-c4b6-472e-adff-c698f157cdd7|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|OSLogin Is Disabled For VM Instance
d0b4d550-c001-46c3-bbdb-d5d75d33f05f|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Pod Security Policy Disabled
9192e0f9-eca5-4056-9282-ae2a736a4088|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Private Cluster Disabled
6ccb85d7-0420-4907-9380-50313f80946b|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Shielded GKE Nodes Disabled
579a0727-9c29-4d58-8195-fc5802a8bdb4|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Shielded VM Disabled
1b44e234-3d73-41a8-9954-0b154135280e|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|GKE Using Default Service Account
1c8eef02-17b1-4a3e-b01d-dcc3292d2c38|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
-|Using Default Service Account
3cb4af0b-056d-4fb1-8b95-fdc4593625ff|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
-|Google Compute Network Using Default Firewall Rule
40abce54-95b1-478c-8e5f-ea0bf0bb0e33|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Google Compute Network Using Firewall Rule that Allows All Ports
22ef1d26-80f8-4a6c-8c15-f35aab3cac78|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|IP Forwarding Enabled
f34c0c25-47b4-41eb-9c79-249b4dd47b89|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Serial Ports Are Enabled For VM Instances
97fa667a-d05b-4f16-9071-58b939f34751|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|SSH Access Is Not Restricted
c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Cloud Storage Bucket Logging Not Enabled
d6cabc3a-d57e-48c2-b341-bf3dd4f4a120|Terraform|Medium|Observability|Query details
Documentation
|
-|Cloud Storage Bucket Versioning Disabled
e7e961ac-d17e-4413-84bc-8a1fbe242944|Terraform|Medium|Observability|Query details
Documentation
|
-|Google Compute Subnetwork Logging Disabled
40430747-442d-450a-a34f-dc57149f4609|Terraform|Medium|Observability|Query details
Documentation
|
-|Stackdriver Logging Disabled
4c7ebcb2-eae2-461e-bc83-456ee2d4f694|Terraform|Medium|Observability|Query details
Documentation
|
-|Stackdriver Monitoring Disabled
30e8dfd2-3591-4d19-8d11-79e93106c93d|Terraform|Medium|Observability|Query details
Documentation
|
-|Node Auto Upgrade Disabled
b139213e-7d24-49c2-8025-c18faa21ecaa|Terraform|Medium|Resource Management|Query details
Documentation
|
-|Service Account with Improper Privileges
cefdad16-0dd5-4ac5-8ed2-a37502c78672|Terraform|Medium|Resource Management|Query details
Documentation
|
-|High Google KMS Crypto Key Rotation Period
d8c57c4e-bf6f-4e32-a2bf-8643532de77b|Terraform|Medium|Secret Management|Query details
Documentation
|
-|Project-wide SSH Keys Are Enabled In VM Instances
3e4d5ce6-3280-4027-8010-c26eeea1ec01|Terraform|Medium|Secret Management|Query details
Documentation
|
-|User with IAM Role
704fcc44-a58f-4af5-82e2-93f2a58ef918|Terraform|Low|Access Control|Query details
Documentation
|
-|Outdated GKE Version
128df7ec-f185-48bc-8913-ce756a3ccb85|Terraform|Low|Best Practices|Query details
Documentation
|
-|Cluster Labels Disabled
65c1bc7a-4835-4ac4-a2b6-13d310b0648d|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|COS Node Image Not Used
8a893e46-e267-485a-8690-51f39951de58|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Legacy Client Certificate Auth Enabled
73fb21a1-b19a-45b1-b648-b47b1678681e|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Not Proper Email Account In Use
9356962e-4a4f-4d06-ac59-dc8008775eaa|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Google Compute Network Using Firewall Rule that Allows Port Range
e6f61c37-106b-449f-a5bb-81bfcaceb8b4|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|Google Compute Subnetwork with Private Google Access Disabled
ee7b93c1-b3f8-4a3b-9588-146d481814f5|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|IAM Audit Not Properly Configured
89fe890f-b480-460c-8b6b-7d8b1468adb4|Terraform|Low|Observability|Query details
Documentation
|
-|BOM - GCP Dataflow
895ed0d9-6fec-4567-8614-d7a74b599a53|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP FI
c9d81239-c818-4869-9917-1570c62b81fd|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP PD
dd7d70aa-a6ec-460d-b5d2-38b40253b16f|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP PST
4b82202a-b18e-4891-a1eb-a0989850bbb3|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP Redis
bc75ce52-a60a-4660-b533-bce837a5019b|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP SB
2f06d22c-56bd-4f73-8a51-db001fcf2150|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
-|Github Organization Webhook With SSL Disabled
ce7c874e-1b88-450b-a5e4-cb76ada3c8a9|Terraform|Medium|Encryption|Query details
Documentation
|
-|GitHub Repository Set To Public
15d8a7fd-465a-4d15-a868-add86552f17b|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Non Kube System Pod With Host Mount
86a947ea-f577-4efb-a8b0-5fc00257d521|Terraform|High|Access Control|Query details
Documentation
|
-|Cluster Allows Unsafe Sysctls
a9174d31-d526-4ad9-ace4-ce7ddbf52e03|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|Container Is Privileged
87065ef8-de9b-40d8-9753-f4a4303e27a4|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|Container Runs Unmasked
0ad60203-c050-4115-83b6-b94bde92541d|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|Containers With Sys Admin Capabilities
3f55386d-75cd-4e9a-ac47-167b26c04724|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|Privilege Escalation Allowed
c878abb4-cca5-4724-92b9-289be68bd47c|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Containers To Share The Host Network Namespace
4950837c-0ce5-4e42-9bee-a25eae73740b|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Privilege Escalation
2bff9906-4e9b-4f71-9346-8ebedfdf43ef|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Sharing Host IPC
51bed0ac-a8ae-407a-895e-90c6cb0610ce|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|PSP Set To Privileged
a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|PSP With Added Capabilities
48388bd2-7201-4dcc-b56d-e8a9efa58fad|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|Tiller (Helm v2) Is Deployed
ca2fba76-c1a7-4afd-be67-5249f861cb0e|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|Workload Mounting With Sensitive OS Directory
a737be28-37d8-4bff-aa6d-1be8aa0a0015|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|Volume Mount With OS Directory Write Permissions
a62a99d1-8196-432f-8f80-3c100b05d62a|Terraform|High|Resource Management|Query details
Documentation
|
-|Docker Daemon Socket is Exposed to Containers
4e203a65-c8d8-49a2-b749-b124d43c9dc1|Terraform|Medium|Access Control|Query details
Documentation
|
-|Missing App Armor Config
bd6bd46c-57db-4887-956d-d372f21291b6|Terraform|Medium|Access Control|Query details
Documentation
|
-|Permissive Access to Create Pods
522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba|Terraform|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles with Read Secrets Permissions
826abb30-3cd5-4e0b-a93b-67729b4f7e63|Terraform|Medium|Access Control|Query details
Documentation
|
-|Readiness Probe Is Not Configured
8657197e-3f87-4694-892b-8144701d83c1|Terraform|Medium|Availability|Query details
Documentation
|
-|Root Containers Admitted
4c415497-7410-4559-90e8-f2c8ac64ee38|Terraform|Medium|Best Practices|Query details
Documentation
|
-|Incorrect Volume Claim Access Mode ReadWriteOnce
26b047a9-0329-48fd-8fb7-05bbe5ba80ee|Terraform|Medium|Build Process|Query details
Documentation
|
-|Container Host Pid Is True
587d5d82-70cf-449b-9817-f60f9bccb88c|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Container Resources Limits Undefined
60af03ff-a421-45c8-b214-6741035476fa|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Containers With Added Capabilities
fe771ff7-ba15-4f8f-ad7a-8aa232b49a28|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Ingress Controller Exposes Workload
e2c83c1f-84d7-4467-966c-ed41fd015bb9|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|NET_RAW Capabilities Disabled for PSP
9aa32890-ac1a-45ee-81ca-5164e2098556|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|NET_RAW Capabilities Not Being Dropped
e5587d53-a673-4a6b-b3f2-ba07ec274def|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Seccomp Profile Is Not Configured
455f2e0c-686d-4fcb-8b5f-3f953f12c43c|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|Role Binding To Default Service Account
3360c01e-c8c0-4812-96a2-a6329b9b7f9f|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
-|Service Account Name Undefined Or Empty
24b132df-5cc7-4823-8029-f898e1c50b72|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
-|Service Account Token Automount Not Disabled
a9a13d4f-f17a-491b-b074-f54bffffcb4a|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
-|Service With External Load Balancer
2a52567c-abb8-4651-a038-52fa27c77aed|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
-|Memory Limits Not Defined
fd097ed0-7fe6-4f58-8b71-fef9f0820a21|Terraform|Medium|Resource Management|Query details
Documentation
|
-|Memory Requests Not Defined
21719347-d02b-497d-bda4-04a03c8e5b61|Terraform|Medium|Resource Management|Query details
Documentation
|
-|Shared Host IPC Namespace
e94d3121-c2d1-4e34-a295-139bfeb73ea3|Terraform|Medium|Resource Management|Query details
Documentation
|
-|Shared Host Network Namespace
ac1564a3-c324-4747-9fa1-9dfc234dace0|Terraform|Medium|Resource Management|Query details
Documentation
|
-|Service Account Allows Access Secrets
07fc3413-e572-42f7-9877-5c8fc6fccfb5|Terraform|Medium|Secret Management|Query details
Documentation
|
-|Shared Service Account
f74b9c43-161a-4799-bc95-0b0ec81801b9|Terraform|Medium|Secret Management|Query details
Documentation
|
-|Cluster Admin Rolebinding With Superuser Permissions
17172bc2-56fb-4f17-916f-a014147706cd|Terraform|Low|Access Control|Query details
Documentation
|
-|Deployment Without PodDisruptionBudget
a05331ee-1653-45cb-91e6-13637a76e4f0|Terraform|Low|Availability|Query details
Documentation
|
-|HPA Targets Invalid Object
17e52ca3-ddd0-4610-9d56-ce107442e110|Terraform|Low|Availability|Query details
Documentation
|
-|StatefulSet Without PodDisruptionBudget
7249e3b0-9231-4af3-bc5f-5daf4988ecbf|Terraform|Low|Availability|Query details
Documentation
|
-|StatefulSet Without Service Name
420e6360-47bb-46f6-9072-b20ed22c842d|Terraform|Low|Availability|Query details
Documentation
|
-|Metadata Label Is Invalid
bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e|Terraform|Low|Best Practices|Query details
Documentation
|
-|No Drop Capabilities for Containers
21cef75f-289f-470e-8038-c7cee0664164|Terraform|Low|Best Practices|Query details
Documentation
|
-|Root Container Not Mounted As Read-only
d532566b-8d9d-4f3b-80bd-361fe802f9c2|Terraform|Low|Build Process|Query details
Documentation
|
-|StatefulSet Requests Storage
fcc2612a-1dfe-46e4-8ce6-0320959f0040|Terraform|Low|Build Process|Query details
Documentation
|
-|Default Service Account In Use
737a0dd9-0aaa-4145-8118-f01778262b8a|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Image Pull Policy Of The Container Is Not Set To Always
aa737abf-6b1d-4aba-95aa-5c160bd7f96e|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Image Without Digest
228c4c19-feeb-4c18-848c-800ac70fdfb7|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Pod or Container Without Security Context
ad69e38a-d92e-4357-a8da-f2f29d545883|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Using Default Namespace
abcb818b-5af7-4d72-aba9-6dd84956b451|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|Network Policy Is Not Targeting Any Pod
b80b14c6-aaa2-4876-b651-8a48b6c32fbf|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|Service Type is NodePort
5c281bf8-d9bb-47f2-b909-3f6bb11874ad|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|Workload Host Port Not Specified
4e74cf4f-ff65-4c1a-885c-67ab608206ce|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|CPU Limits Not Set
5f4735ce-b9ba-4d95-a089-a37a767b716f|Terraform|Low|Resource Management|Query details
Documentation
|
-|CPU Requests Not Set
577ac19c-6a77-46d7-9f14-e049cdd15ec2|Terraform|Low|Resource Management|Query details
Documentation
|
-|CronJob Deadline Not Configured
58876b44-a690-4e9f-9214-7735fa0dd15d|Terraform|Low|Resource Management|Query details
Documentation
|
-|Deployment Has No PodAntiAffinity
461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3|Terraform|Low|Resource Management|Query details
Documentation
|
-|Secrets As Environment Variables
6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8|Terraform|Low|Secret Management|Query details
Documentation
|
-|Invalid Image
e76cca7c-c3f9-4fc9-884c-b2831168ebd8|Terraform|Low|Supply-Chain|Query details
Documentation
|
-|Liveness Probe Is Not Defined
5b6d53dd-3ba3-4269-b4d7-f82e880e43c3|Terraform|Info|Availability|Query details
Documentation
|
-|(Beta) Nifcloud DNS Has Verified Record
a1defcb6-55e8-4511-8c2a-30b615b0e057|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud ELB Listener Use HTTP Protocol
afcb0771-4f94-44ed-ad4a-9f73f11ce6e0|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud ELB Use HTTP Protocol
e2de2b80-2fc2-4502-a764-40930dfcc70a|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud LB Listener Use HTTP Port
9f751a80-31f0-43a3-926c-20772791a038|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud LB Use HTTP Port
94e47f3f-b90b-43a1-a36d-521580bae863|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud LB Use Insecure TLS Policy ID
944439c7-b4b8-476a-8f83-14641ea876ba|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud LB Use Insecure TLS Policy Name
675e8eaa-2754-42b7-bf33-bfa295d1601d|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud Computing Has Public Ingress Security Group Rule
b2ea2367-8dc9-4231-a035-d0b28bfa3dde|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud Computing Undefined Security Group To Instance
89218b48-75c9-4cb3-aaba-5299e852e8bc|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud NAS Has Public Ingress NAS Security Group Rule
8d7758a7-d9cd-499a-a83e-c9bdcbff728d|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud RDB Has Public DB Access
fb387023-e4bb-42a8-9a70-6708aa7ff21b|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud RDB Has Public DB Ingress Security Group Rule
a0b846e8-815f-4f15-b660-bc4ab9fa1e1a|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud Router Undefined Security Group To Router
e7dada38-af20-4899-8955-dabea84ab1f0|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway
b3535a48-910c-47f8-8b3b-14222f29ef80|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud RDB Has Backup Retention Less Than 2 Day
e5071f76-cbe7-468d-bb2b-d10f02d2b713|Terraform|Medium|Backup|Query details
Documentation
|
-|(Beta) Nifcloud Computing Has Common Private Network
df58dd45-8009-43c2-90f7-c90eb9d53ed9|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud Computing Undefined Description To Security Group
41c127a9-3a85-4bc3-a333-ed374eb9c3e4|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud Computing Undefined Description To Security Group Rule
e4610872-0b1c-4fb7-ab57-d81c0afdb291|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud ELB Has Common Private Network
5061f84c-ab66-4660-90b9-680c9df346c0|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud NAS Has Common Private Network
4b801c38-ebb4-4c81-984b-1ba525d43adf|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud NAS Undefined Description To NAS Security Group
e840c54a-7a4c-405f-b8c1-c49a54b87d11|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud RDB Has Common Private Network
9bf57c23-fbab-4222-85f3-3f207a53c6a8|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud RDB Undefined Description To DB Security Group
940ddce2-26bd-4e31-a9b4-382714f73231|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud Router Has Common Private Network
30c2760c-740e-4672-9d7f-2c29e0cb385d|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|Generic Git Module Without Revision
3a81fc06-566f-492a-91dd-7448e409e2cd|Terraform|Info|Best Practices|Query details
Documentation
|
-|Name Is Not Snake Case
1e434b25-8763-4b00-a5ca-ca03b7abbb66|Terraform|Info|Best Practices|Query details
Documentation
|
-|Output Without Description
59312e8a-a64e-41e7-a252-618533dd1ea8|Terraform|Info|Best Practices|Query details
Documentation
|
-|Variable Without Description
2a153952-2544-4687-bcc9-cc8fea814a9b|Terraform|Info|Best Practices|Query details
Documentation
|
-|Variable Without Type
fc5109bf-01fd-49fb-8bde-4492b543c34a|Terraform|Info|Best Practices|Query details
Documentation
|
-|(Beta) CLB Listener Using Insecure Protocols
fe08b81c-12e9-4b5e-9006-4218fca750fd|Terraform|High|Encryption|Query details
Documentation
|
-|(Beta) TKE Cluster Encryption Protection Disabled
3ed47402-e322-465f-a0f0-8681135a17b0|Terraform|High|Encryption|Query details
Documentation
|
-|(Beta) CDB Instance Internet Service Enabled
5d820574-4a60-4916-b049-0810b8629731|Terraform|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) CVM Instance Has Public IP
a74b4602-a62c-4a02-956a-e19f86ea24b5|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Security Group Rule Set Accepts All Traffic
d135a36e-c474-452f-b891-76db1e6d1cd5|Terraform|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) CDB Instance Without Backup Policy
ca94be07-7de3-4ae7-85ef-67e0462ec694|Terraform|Medium|Backup|Query details
Documentation
|
-|(Beta) CLB Instance Log Setting Disabled
ada01ed1-b10c-4f2a-b110-b20fa4f9baa6|Terraform|Medium|Encryption|Query details
Documentation
|
-|(Beta) Disk Encryption Disabled
1ee0f202-31da-49ba-bbce-04a989912e4b|Terraform|Medium|Encryption|Query details
Documentation
|
-|(Beta) TKE Cluster Has Public Access
df6928ed-02f4-421f-9a67-a529860dd7e7|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
-|(Beta) CVM Instance Using Default Security Group
93bb2065-63ec-45a2-a466-f106b56f2e32|Terraform|Low|Access Control|Query details
Documentation
|
-|(Beta) CVM Instance Using User Data
5bb6fa08-5e84-4760-a54a-cdcd66626976|Terraform|Low|Access Control|Query details
Documentation
|
-|(Beta) CDB Instance Internet Using Default Intranet Port
18d6aa4b-7570-4d95-9c75-90363ef1abd9|Terraform|Low|Insecure Configurations|Query details
Documentation
|
-|(Beta) CVM Instance Using Default VPC
b4e75c5c-83d5-4568-90e3-57ed5ec4051b|Terraform|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) TKE Cluster Log Agent Is Not Enabled
fe405074-7e18-40f9-9aef-024aa1d0a889|Terraform|Low|Observability|Query details
Documentation
|
-|(Beta) VPC Flow Logs Disabled
a3240001-40db-47b7-abb9-2bcd6a04c430|Terraform|Low|Observability|Query details
Documentation
|
-|(Beta) CVM Instance Disable Monitor Service
966ed4f7-b8a5-4e8d-b2bf-098657c98960|Terraform|Info|Observability|Query details
Documentation
|
+|Type Has Invalid Keyword (v3)
a9228976-10cf-4b5f-b902-9e962aad037a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
|
+|Amazon DMS Replication Instance Is Publicly Accessible
bccb296f-362c-4b05-9221-86d1437a1016|Pulumi|Critical|Access Control|Query details
Documentation
|
+|DynamoDB Table Not Encrypted
b6a7e0ae-aed8-4a19-a993-a95760bf8836|Pulumi|High|Encryption|Query details
Documentation
|
+|ElastiCache Nodes Not Created Across Multi AZ
9b18fc19-7fb8-49b1-8452-9c757c70f926|Pulumi|Medium|Availability|Query details
Documentation
|
+|ElastiCache Redis Cluster Without Backup
e93bbe63-a631-4c0f-b6ef-700d48441ff2|Pulumi|Medium|Backup|Query details
Documentation
|
+|API Gateway Without SSL Certificate
f27791a5-e2ae-4905-8910-6f995c576d09|Pulumi|Medium|Insecure Configurations|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
647de8aa-5a42-41b5-9faf-22136f117380|Pulumi|Medium|Insecure Configurations|Query details
Documentation
|
+|Elasticsearch with HTTPS disabled
00603add-7f72-448f-a6c0-9e456a7a3f94|Pulumi|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway Access Logging Disabled
bf4b48b9-fc1f-4552-984a-4becdb5bf503|Pulumi|Medium|Observability|Query details
Documentation
|
+|DocDB Logging Is Disabled
2ca87964-fe7e-4cdc-899c-427f0f3525f8|Pulumi|Medium|Observability|Query details
Documentation
|
+|EC2 Instance Monitoring Disabled
daa581ef-731c-4121-832d-cf078f67759d|Pulumi|Medium|Observability|Query details
Documentation
|
+|Elasticsearch Logs Disabled
a1120ee4-a712-42d9-8fb5-22595fed643b|Pulumi|Medium|Observability|Query details
Documentation
|
+|IAM Password Without Minimum Length
9850d621-7485-44f7-8bdd-b3cf426315cf|Pulumi|Low|Best Practices|Query details
Documentation
|
+|ECS Cluster with Container Insights Disabled
abcefee4-a0c1-4245-9f82-a473f79a9e2f|Pulumi|Low|Observability|Query details
Documentation
|
+|DynamoDB Table Point In Time Recovery Disabled
327b0729-4c5c-4c44-8b5c-e476cd9c7290|Pulumi|Info|Best Practices|Query details
Documentation
|
+|EC2 Not EBS Optimized
d991e4ae-42ab-429b-ab43-d5e5fa9ca633|Pulumi|Info|Best Practices|Query details
Documentation
|
+|Storage Account Not Forcing HTTPS
cb8e4bf0-903d-45c6-a278-9a947d82a27b|Pulumi|Medium|Encryption|Query details
Documentation
|
+|Redis Cache Allows Non SSL Connections
49e30ac8-f58e-4222-b488-3dcb90158ec1|Pulumi|Medium|Insecure Configurations|Query details
Documentation
|
+|Google Compute SSL Policy Weak Cipher In Use
965e8830-2bec-4b9b-a7f0-24dbc200a68f|Pulumi|Medium|Encryption|Query details
Documentation
|
+|Cloud Storage Bucket Logging Not Enabled
48f7e44d-d1d1-44c2-b336-9f11b65c4fb0|Pulumi|Medium|Observability|Query details
Documentation
|
+|PSP Set To Privileged
ee305555-6b1d-4055-94cf-e22131143c34|Pulumi|High|Insecure Configurations|Query details
Documentation
|
+|Missing App Armor Config
95588189-1abd-4df1-9588-b0a5034f9e87|Pulumi|Medium|Access Control|Query details
Documentation
|
+|Serverless Role With Full Privileges
59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd|ServerlessFW|High|Access Control|Query details
Documentation
|
+|Serverless Function Without Unique IAM Role
165aae3b-a56a-48f3-b76d-d2b5083f5b8f|ServerlessFW|High|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Environment Variables Not Encrypted
4495bc5d-4d1e-4a26-ae92-152d18195648|ServerlessFW|Medium|Encryption|Query details
Documentation
|
+|Serverless API Endpoint Config Not Private
4d424558-c6d1-453c-be98-9a7f877abd9a|ServerlessFW|Medium|Networking and Firewall|Query details
Documentation
|
+|Serverless API Access Logging Setting Undefined
a4d32883-aac7-42e1-b403-9415af0f3846|ServerlessFW|Medium|Observability|Query details
Documentation
|
+|Serverless API X-Ray Tracing Disabled
434945e5-4dfd-41b1-aba1-47075ccd9265|ServerlessFW|Medium|Observability|Query details
Documentation
|
+|Serverless API Without Content Encoding
d5d1fe08-89db-440c-8725-b93223387309|ServerlessFW|Low|Encryption|Query details
Documentation
|
+|Serverless Function Without Dead Letter Queue
dec7bc85-d156-4f64-9a33-96ed3d9f3fed|ServerlessFW|Low|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Without Tags
f99d3482-fa8c-4f79-bad9-35212dded164|ServerlessFW|Low|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Without X-Ray Tracing
0d7ef70f-e176-44e6-bdba-add3e429788d|ServerlessFW|Low|Observability|Query details
Documentation
|
+|OSS Bucket Allows All Actions From All Principals
ec62a32c-a297-41ca-a850-cab40b42094a|Terraform|Critical|Access Control|Query details
Documentation
|
+|OSS Bucket Allows Delete Action From All Principals
8c0695d8-2378-4cd6-8243-7fd5894fa574|Terraform|Critical|Access Control|Query details
Documentation
|
+|OSS Bucket Allows Put Action From All Principals
fe286195-e75c-4359-bd58-00847c4f855a|Terraform|Critical|Access Control|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
faaefc15-51a5-419e-bb5e-51a4b5ab3485|Terraform|Critical|Insecure Configurations|Query details
Documentation
|
+|OSS Bucket Allows List Action From All Principals
88541597-6f88-42c8-bac6-7e0b855e8ff6|Terraform|High|Access Control|Query details
Documentation
|
+|OSS Bucket Public Access Enabled
62232513-b16f-4010-83d7-51d0e1d45426|Terraform|High|Access Control|Query details
Documentation
|
+|Ecs Data Disk Kms Key Id Undefined
f262118c-1ac6-4bb3-8495-cc48f1775b85|Terraform|High|Encryption|Query details
Documentation
|
+|Launch Template Is Not Encrypted
1455cb21-1d48-46d6-8ae3-cef911b71fd5|Terraform|High|Encryption|Query details
Documentation
|
+|NAS File System Not Encrypted
67bfdff1-31ce-4525-b564-e94368735360|Terraform|High|Encryption|Query details
Documentation
|
+|NAS File System Without KMS
5f670f9d-b1b4-4c90-8618-2288f1ab9676|Terraform|High|Encryption|Query details
Documentation
|
+|RDS Instance TDE Status Disabled
44d434ca-a9bf-4203-8828-4c81a8d5a598|Terraform|High|Encryption|Query details
Documentation
|
+|OSS Bucket Has Static Website
2b13c6ff-b87a-484d-86fd-21ef6e97d426|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|OSS Bucket Ip Restriction Disabled
6107c530-7178-464a-88bc-df9cdd364ac8|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Public Security Group Rule All Ports or Protocols
60587dbd-6b67-432e-90f7-a8cf1892d968|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Public Security Group Rule Sensitive Port
2ae9d554-23fb-4065-bfd1-fe43d5f7c419|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Public Security Group Rule Unknown Port
dd706080-b7a8-47dc-81fb-3e8184430ec0|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|ActionTrail Trail OSS Bucket is Publicly Accessible
69b5d7da-a5db-4db9-a42e-90b65d0efb0b|Terraform|High|Observability|Query details
Documentation
|
+|Ram Policy Admin Access Not Attached to Users Groups Roles
e8e62026-da63-4904-b402-65adfe3ca975|Terraform|Medium|Access Control|Query details
Documentation
|
+|Ram Policy Attached to User
66505003-7aba-45a1-8d83-5162d5706ef5|Terraform|Medium|Access Control|Query details
Documentation
|
+|CMK Is Unusable
ed6e3ba0-278f-47b6-a1f5-173576b40b7e|Terraform|Medium|Availability|Query details
Documentation
|
+|OSS Bucket Versioning Disabled
70919c0b-2548-4e6b-8d7a-3d84ab6dabba|Terraform|Medium|Backup|Query details
Documentation
|
+|ROS Stack Retention Disabled
4bb06fa1-2114-4a00-b7b5-6aeab8b896f0|Terraform|Medium|Backup|Query details
Documentation
|
+|ROS Stack Without Template
92d65c51-5d82-4507-a2a1-d252e9706855|Terraform|Medium|Build Process|Query details
Documentation
|
+|Disk Encryption Disabled
39750e32-3fe9-453b-8c33-dd277acdb2cc|Terraform|Medium|Encryption|Query details
Documentation
|
+|OSS Bucket Encryption Using CMK Disabled
f20e97f9-4919-43f1-9be9-f203cd339cdd|Terraform|Medium|Encryption|Query details
Documentation
|
+|SLB Policy With Insecure TLS Version In Use
dbfc834a-56e5-4750-b5da-73fda8e73f70|Terraform|Medium|Encryption|Query details
Documentation
|
+|CS Kubernetes Node Pool Auto Repair Disabled
81ce9394-013d-4731-8fcc-9d229b474073|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
1b4565c0-4877-49ac-ab03-adebbccd42ae|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|ALB Listening on HTTP
ee3b1557-9fb5-4685-a95d-93f1edf2a0d7|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway API Protocol Not HTTPS
1bcdf9f0-b1aa-40a4-b8c6-cd7785836843|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|OSS Buckets Secure Transport Disabled
c01d10de-c468-4790-b3a0-fc887a56f289|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|RDS Instance SSL Action Disabled
7a1ee8a9-71be-4b11-bb70-efb62d16863b|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Action Trail Logging For All Regions Disabled
c065b98e-1515-4991-9dca-b602bd6a2fbb|Terraform|Medium|Observability|Query details
Documentation
|
+|OSS Bucket Logging Disabled
05db341e-de7d-4972-a106-3e2bd5ee53e1|Terraform|Medium|Observability|Query details
Documentation
|
+|RDS Instance Events Not Logged
b9c524a4-fe76-4021-a6a2-cb978fb4fde1|Terraform|Medium|Observability|Query details
Documentation
|
+|RDS Instance Log Connections Disabled
140869ea-25f2-40d4-a595-0c0da135114e|Terraform|Medium|Observability|Query details
Documentation
|
+|RDS Instance Log Disconnections Disabled
d53f4123-f8d8-4224-8cb3-f920b151cc98|Terraform|Medium|Observability|Query details
Documentation
|
+|RDS Instance Log Duration Disabled
a597e05a-c065-44e7-9cc8-742f572a504a|Terraform|Medium|Observability|Query details
Documentation
|
+|VPC Flow Logs Disabled
d2731f3d-a992-44ed-812e-f4f1c2747d71|Terraform|Medium|Observability|Query details
Documentation
|
+|No ROS Stack Policy
72ceb736-0aee-43ea-a191-3a69ab135681|Terraform|Medium|Resource Management|Query details
Documentation
|
+|High KMS Key Rotation Period
cb319d87-b90f-485e-a7e7-f2408380f309|Terraform|Medium|Secret Management|Query details
Documentation
|
+|Ram Account Password Policy Max Login Attempts Unrecommended
e76fd7ab-7333-40c6-a2d8-ea28af4a319e|Terraform|Medium|Secret Management|Query details
Documentation
|
+|Ram Account Password Policy Max Password Age Unrecommended
2bb13841-7575-439e-8e0a-cccd9ede2fa8|Terraform|Medium|Secret Management|Query details
Documentation
|
+|RAM Account Password Policy without Reuse Prevention
a8128dd2-89b0-464b-98e9-5d629041dfe0|Terraform|Medium|Secret Management|Query details
Documentation
|
+|RAM Security Preference Not Enforce MFA Login
dcda2d32-e482-43ee-a926-75eaabeaa4e0|Terraform|Low|Access Control|Query details
Documentation
|
+|OSS Bucket Transfer Acceleration Disabled
8f98334a-99aa-4d85-b72a-1399ca010413|Terraform|Low|Availability|Query details
Documentation
|
+|OSS Bucket Lifecycle Rule Disabled
7db8bd7e-9772-478c-9ec5-4bc202c5686f|Terraform|Low|Backup|Query details
Documentation
|
+|Kubernetes Cluster Without Terway as CNI Network Plugin
b9b7ada8-3868-4a35-854e-6100a2bb863d|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Log Retention Is Not Greater Than 90 Days
ed6cf6ff-9a1f-491c-9f88-e03c0807f390|Terraform|Low|Observability|Query details
Documentation
|
+|RDS Instance Retention Period Not Recommended
dc158941-28ce-481d-a7fa-dc80761edf46|Terraform|Low|Observability|Query details
Documentation
|
+|ROS Stack Notifications Disabled
9ef08939-ea40-489c-8851-667870b2ef50|Terraform|Low|Observability|Query details
Documentation
|
+|Ram Account Password Policy Not Require At Least one Lowercase Character
89143358-cec6-49f5-9392-920c591c669c|Terraform|Low|Secret Management|Query details
Documentation
|
+|RAM Account Password Policy Not Require at Least one Uppercase Character
5e0fb613-ba9b-44c3-88f0-b44188466bfd|Terraform|Low|Secret Management|Query details
Documentation
|
+|Ram Account Password Policy Not Required Minimum Length
a9dfec39-a740-4105-bbd6-721ba163c053|Terraform|Low|Secret Management|Query details
Documentation
|
+|Ram Account Password Policy Not Required Numbers
063234c0-91c0-4ab5-bbd0-47ddb5f23786|Terraform|Low|Secret Management|Query details
Documentation
|
+|RAM Account Password Policy Not Required Symbols
41a38329-d81b-4be4-aef4-55b2615d3282|Terraform|Low|Secret Management|Query details
Documentation
|
+|Amazon DMS Replication Instance Is Publicly Accessible
030d3b18-1821-45b4-9e08-50efbe7becbb|Terraform|Critical|Access Control|Query details
Documentation
|
+|ECR Repository Is Publicly Accessible
e86e26fc-489e-44f0-9bcd-97305e4ba69a|Terraform|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Access to Any Principal
7af43613-6bb9-4a0e-8c4d-1314b799425e|Terraform|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read Or Write to All Users
38c5ee0d-7f22-4260-ab72-5073048df100|Terraform|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Grants WRITE_ACP Permission
64a222aa-7793-4e40-915f-4b302c76e4d4|Terraform|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Delete Action From All Principals
ffdf4b37-7703-4dfe-a682-9d2e99bc6c09|Terraform|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Put Action From All Principals
d24c0755-c028-44b1-b503-8e719c898832|Terraform|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket With All Permissions
a4966c4f-9141-48b8-a564-ffe9959945bc|Terraform|Critical|Access Control|Query details
Documentation
|
+|SNS Topic is Publicly Accessible
b26d2b7e-60f6-413d-a3a1-a57db24aa2b3|Terraform|Critical|Access Control|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
35113e6f-2c6b-414d-beec-7a9482d3b2d1|Terraform|Critical|Insecure Configurations|Query details
Documentation
|
+|DB Security Group With Public Scope
1e0ef61b-ad85-4518-a3d3-85eaad164885|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
+|RDS Associated with Public Subnet
2f737336-b18a-4602-8ea0-b200312e1ac1|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
+|CloudWatch Unauthorized Access Alarm Missing
4c18a45b-4ab1-4790-9f83-399ac695f1e5|Terraform|Critical|Observability|Query details
Documentation
|
+|Cross-Account IAM Assume Role Policy Without ExternalId or MFA
09c35abf-5852-4622-ac7a-b987b331232e|Terraform|High|Access Control|Query details
Documentation
|
+|ECS Service Admin Role Is Present
3206240f-2e87-4e58-8d24-3e19e7c83d7c|Terraform|High|Access Control|Query details
Documentation
|
+|IAM Policy Grants Full Permissions
575a2155-6af1-4026-b1af-d5bc8fe2a904|Terraform|High|Access Control|Query details
Documentation
|
+|IAM Role With Full Privileges
b1ffa705-19a3-4b73-b9d0-0c97d0663842|Terraform|High|Access Control|Query details
Documentation
|
+|Lambda With Vulnerable Policy
ad9dabc7-7839-4bae-a957-aa9120013f39|Terraform|High|Access Control|Query details
Documentation
|
+|MSK Broker Is Publicly Accessible
54378d69-dd7c-4b08-a43e-80d563396857|Terraform|High|Access Control|Query details
Documentation
|
+|Neptune Cluster Instance is Publicly Accessible
9ba198e0-fef4-464a-8a4d-75ea55300de7|Terraform|High|Access Control|Query details
Documentation
|
+|Neptune Cluster With IAM Database Authentication Disabled
c91d7ea0-d4d1-403b-8fe1-c9961ac082c5|Terraform|High|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read to Any Authenticated User
57b9893d-33b1-4419-bcea-a717ea87e139|Terraform|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Get Action From All Principals
1df37f4b-7197-45ce-83f8-9994d2fcf885|Terraform|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows List Action From All Principals
66c6f96f-2d9e-417e-a998-9058aeeecd44|Terraform|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Public Policy
1a4bc881-9f69-4d44-8c9a-d37d08f54c50|Terraform|High|Access Control|Query details
Documentation
|
+|S3 Bucket Public ACL Overridden By Public Access Block
bf878b1a-7418-4de3-b13c-3a86cf894920|Terraform|High|Access Control|Query details
Documentation
|
+|Secrets Manager With Vulnerable Policy
fa00ce45-386d-4718-8392-fb485e1f3c5b|Terraform|High|Access Control|Query details
Documentation
|
+|SES Policy With Allowed IAM Actions
34b921bd-90a0-402e-a0a5-dc73371fd963|Terraform|High|Access Control|Query details
Documentation
|
+|SQS Policy Allows All Actions
816ea8cf-d589-442d-a917-2dd0ce0e45e3|Terraform|High|Access Control|Query details
Documentation
|
+|SQS Queue Exposed
abb06e5f-ef9a-4a99-98c6-376d396bfcdf|Terraform|High|Access Control|Query details
Documentation
|
+|AmazonMQ Broker Encryption Disabled
3db3f534-e3a3-487f-88c7-0a9fbf64b702|Terraform|High|Encryption|Query details
Documentation
|
+|API Gateway Method Settings Cache Not Encrypted
b7c9a40c-23e4-4a2d-8d39-a3352f10f288|Terraform|High|Encryption|Query details
Documentation
|
+|Athena Database Not Encrypted
b2315cae-b110-4426-81e0-80bb8640cdd3|Terraform|High|Encryption|Query details
Documentation
|
+|Athena Workgroup Not Encrypted
d364984a-a222-4b5f-a8b0-e23ab19ebff3|Terraform|High|Encryption|Query details
Documentation
|
+|Aurora With Disabled at Rest Encryption
1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e|Terraform|High|Encryption|Query details
Documentation
|
+|Config Rule For Encrypted Volumes Disabled
abdb29d4-5ca1-4e91-800b-b3569bbd788c|Terraform|High|Encryption|Query details
Documentation
|
+|DAX Cluster Not Encrypted
f11aec39-858f-4b6f-b946-0a1bf46c0c87|Terraform|High|Encryption|Query details
Documentation
|
+|DB Instance Storage Not Encrypted
08bd0760-8752-44e1-9779-7bb369b2b4e4|Terraform|High|Encryption|Query details
Documentation
|
+|DOCDB Cluster Not Encrypted
bc1f9009-84a0-490f-ae09-3e0ea6d74ad6|Terraform|High|Encryption|Query details
Documentation
|
+|DOCDB Cluster Without KMS
4766d3ea-241c-4ee6-93ff-c380c996bd1a|Terraform|High|Encryption|Query details
Documentation
|
+|DynamoDB Table Not Encrypted
ce089fd4-1406-47bd-8aad-c259772bb294|Terraform|High|Encryption|Query details
Documentation
|
+|EBS Default Encryption Disabled
3d3f6270-546b-443c-adb4-bb6fb2187ca6|Terraform|High|Encryption|Query details
Documentation
|
+|EBS Volume Encryption Disabled
cc997676-481b-4e93-aa81-d19f8c5e9b12|Terraform|High|Encryption|Query details
Documentation
|
+|EBS Volume Snapshot Not Encrypted
e6b4b943-6883-47a9-9739-7ada9568f8ca|Terraform|High|Encryption|Query details
Documentation
|
+|ECS Task Definition Volume Not Encrypted
4d46ff3b-7160-41d1-a310-71d6d370b08f|Terraform|High|Encryption|Query details
Documentation
|
+|EFS Not Encrypted
48207659-729f-4b5c-9402-f884257d794f|Terraform|High|Encryption|Query details
Documentation
|
+|EKS Cluster Encryption Disabled
63ebcb19-2739-4d3f-aa5c-e8bbb9b85281|Terraform|High|Encryption|Query details
Documentation
|
+|ElastiCache Replication Group Not Encrypted At Rest
76976de7-c7b1-4f64-a94f-90c1345914c2|Terraform|High|Encryption|Query details
Documentation
|
+|ElasticSearch Encryption With KMS Disabled
7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2|Terraform|High|Encryption|Query details
Documentation
|
+|ElasticSearch Not Encrypted At Rest
24e16922-4330-4e9d-be8a-caa90299466a|Terraform|High|Encryption|Query details
Documentation
|
+|ELB Using Weak Ciphers
4a800e14-c94a-442d-9067-5a2e9f6c0a4c|Terraform|High|Encryption|Query details
Documentation
|
+|Glue Data Catalog Encryption Disabled
01d50b14-e933-4c99-b314-6d08cd37ad35|Terraform|High|Encryption|Query details
Documentation
|
+|Glue Security Configuration Encryption Disabled
ad5b4e97-2850-4adf-be17-1d293e0b85ee|Terraform|High|Encryption|Query details
Documentation
|
+|Kinesis Not Encrypted With KMS
862fe4bf-3eec-4767-a517-40f378886b88|Terraform|High|Encryption|Query details
Documentation
|
+|Kinesis SSE Not Configured
5c6dd5e7-1fe0-4cae-8f81-4c122717cef3|Terraform|High|Encryption|Query details
Documentation
|
+|Launch Configuration Is Not Encrypted
4de9de27-254e-424f-bd70-4c1e95790838|Terraform|High|Encryption|Query details
Documentation
|
+|MSK Cluster Encryption Disabled
6db52fa6-d4da-4608-908a-89f0c59e743e|Terraform|High|Encryption|Query details
Documentation
|
+|Neptune Database Cluster Encryption Disabled
98d59056-f745-4ef5-8613-32bca8d40b7e|Terraform|High|Encryption|Query details
Documentation
|
+|RDS Database Cluster not Encrypted
656880aa-1388-488f-a6d4-8f73c23149b2|Terraform|High|Encryption|Query details
Documentation
|
+|RDS Storage Not Encrypted
3199c26c-7871-4cb3-99c2-10a59244ce7f|Terraform|High|Encryption|Query details
Documentation
|
+|Redis Not Compliant
254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4|Terraform|High|Encryption|Query details
Documentation
|
+|Redshift Not Encrypted
cfdcabb0-fc06-427c-865b-c59f13e898ce|Terraform|High|Encryption|Query details
Documentation
|
+|S3 Bucket Object Not Encrypted
5fb49a69-8d46-4495-a2f8-9c8c622b2b6e|Terraform|High|Encryption|Query details
Documentation
|
+|Sagemaker Endpoint Configuration Encryption Disabled
58b35504-0287-4154-bf69-02c0573deab8|Terraform|High|Encryption|Query details
Documentation
|
+|Sagemaker Notebook Instance Without KMS
f3674e0c-f6be-43fa-b71c-bf346d1aed99|Terraform|High|Encryption|Query details
Documentation
|
+|SNS Topic Not Encrypted
28545147-2fc6-42d5-a1f9-cf226658e591|Terraform|High|Encryption|Query details
Documentation
|
+|User Data Contains Encoded Private Key
443488f5-c734-460b-a36d-5b3f330174dc|Terraform|High|Encryption|Query details
Documentation
|
+|Workspaces Workspace Volume Not Encrypted
b9033580-6886-401a-8631-5f19f5bb24c7|Terraform|High|Encryption|Query details
Documentation
|
+|Batch Job Definition With Privileged Container Properties
66cd88ac-9ddf-424a-b77e-e55e17630bee|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|DB Security Group Has Public Interface
f0d8781f-99bf-4958-9917-d39283b168a0|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|KMS Key With Vulnerable Policy
7ebc9038-0bde-479a-acc4-6ed7b6758899|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Lambda Function With Privileged Role
1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|MQ Broker Is Publicly Accessible
4eb5f791-c861-4afd-9f94-f2a6a3fe49cb|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Redshift Publicly Accessible
af173fde-95ea-4584-b904-bb3923ac4bda|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Root Account Has Active Access Keys
970d224d-b42a-416b-81f9-8f4dfe70c4bc|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|S3 Static Website Host Enabled
42bb6b7f-6d54-4428-b707-666f669d94fb|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|DB Security Group Open To Large Scope
4f615f3e-fb9c-4fad-8b70-2e9f781806ce|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Default Security Groups With Unrestricted Traffic
46883ce1-dc3e-4b17-9195-c6a601624c73|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Network ACL With Unrestricted Access To RDP
a20be318-cac7-457b-911d-04cc6e812c25|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Remote Desktop Port Open To Internet
151187cb-0efc-481c-babd-ad24e3c9bc22|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Route53 Record Undefined
25db74bf-fa3b-44da-934e-8c3e005c0453|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Sensitive Port Is Exposed To Entire Network
381c3f2a-ef6f-4eff-99f7-b169cda3422c|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Unknown Port Exposed To Internet
590d878b-abdc-428f-895a-e2b68a0e1998|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Unrestricted Security Group Ingress
4728cd65-a20c-49da-8b31-9c08b423e4db|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|VPC Default Security Group Accepts All Traffic
9a4ef195-74b9-4c58-b8ed-2b2fe4353a75|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|VPC Peering Route Table with Unrestricted CIDR
b3a41501-f712-4c4f-81e5-db9a7dc0e34e|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|CloudTrail Log Files S3 Bucket is Publicly Accessible
bd0088a5-c133-4b20-b129-ec9968b16ef3|Terraform|High|Observability|Query details
Documentation
|
+|Hardcoded AWS Access Key
d7b9d850-3e06-4a75-852f-c46c2e92240b|Terraform|High|Secret Management|Query details
Documentation
|
+|Hardcoded AWS Access Key In Lambda
1402afd8-a95c-4e84-8b0b-6fb43758e6ce|Terraform|High|Secret Management|Query details
Documentation
|
+|AMI Shared With Multiple Accounts
ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698|Terraform|Medium|Access Control|Query details
Documentation
|
+|API Gateway Method Does Not Contains An API Key
671211c5-5d2a-4e97-8867-30fc28b02216|Terraform|Medium|Access Control|Query details
Documentation
|
+|API Gateway Without Configured Authorizer
0a96ce49-4163-4ee6-8169-eb3b0797d694|Terraform|Medium|Access Control|Query details
Documentation
|
+|Certificate Has Expired
c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6|Terraform|Medium|Access Control|Query details
Documentation
|
+|EC2 Instance Using Default Security Group
f1adc521-f79a-4d71-b55b-a68294687432|Terraform|Medium|Access Control|Query details
Documentation
|
+|EFS With Vulnerable Policy
fae52418-bb8b-4ac2-b287-0b9082d6a3fd|Terraform|Medium|Access Control|Query details
Documentation
|
+|Elasticsearch Domain With Vulnerable Policy
16c4216a-50d3-4785-bfb2-4adb5144a8ba|Terraform|Medium|Access Control|Query details
Documentation
|
+|Elasticsearch Without IAM Authentication
e7530c3c-b7cf-4149-8db9-d037a0b5268e|Terraform|Medium|Access Control|Query details
Documentation
|
+|Glue With Vulnerable Policy
d25edb51-07fb-4a73-97d4-41cecdc53a22|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'
9b0ffadc-a61f-4c2a-b1e6-68fab60f6267|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'
15e6ad8c-f420-49a6-bafb-074f5eb1ec74|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'
7d544dad-8a6c-431c-84c1-5f07fe9afc0e|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'
8f3c16b3-354d-45db-8ad5-5066778a9485|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:AddUserToGroup'
970ed7a2-0aca-4425-acf1-0453c9ecbca1|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:AttachGroupPolicy'
70b42736-efee-4bce-80d5-50358ed94990|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:AttachRolePolicy'
3dd96caa-0b5f-4a85-b929-acfac4646cc2|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:AttachUserPolicy'
db78d14b-10e5-4e6e-84b1-dace6327b1ec|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:CreateAccessKey'
846646e3-2af1-428c-ac5d-271eccfa6faf|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:CreateLoginProfile'
04c686f1-e0cd-4812-88e1-4e038410074c|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:CreatePolicyVersion'
ec49cbfd-fae4-45f3-81b1-860526d66e3f|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:PutGroupPolicy'
e77c89f6-9c85-49ea-b95b-5f960fe5be92|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:PutRolePolicy'
c0c1e744-0f37-445e-924a-1846f0839f69|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:PutUserPolicy'
60263b4a-6801-4587-911d-919c37ed733b|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'
7782d4b3-e23e-432b-9742-d9528432e771|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'
78f1ec6f-5659-41ea-bd48-d0a142dce4f2|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:UpdateLoginProfile'
ad296c0d-8131-4d6b-b030-1b0e73a99ad3|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'
034d0aee-620f-4bf7-b7fb-efdf661fdb9e|Terraform|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'
571254d8-aa6a-432e-9725-535d3ef04d69|Terraform|Medium|Access Control|Query details
Documentation
|
+|IAM Access Key Is Exposed
7081f85c-b94d-40fd-8b45-a4f1cac75e46|Terraform|Medium|Access Control|Query details
Documentation
|
+|IAM Group Without Users
fc101ca7-c9dd-4198-a1eb-0fbe92e80044|Terraform|Medium|Access Control|Query details
Documentation
|
+|IAM Policies Attached To User
b4378389-a9aa-44ee-91e7-ef183f11079e|Terraform|Medium|Access Control|Query details
Documentation
|
+|IAM Policies With Full Privileges
2f37c4a3-58b9-4afe-8a87-d7f1d2286f84|Terraform|Medium|Access Control|Query details
Documentation
|
+|IAM Policy Grants 'AssumeRole' Permission Across All Services
bcdcbdc6-a350-4855-ae7c-d1e6436f7c97|Terraform|Medium|Access Control|Query details
Documentation
|
+|IAM Role Allows All Principals To Assume
12b7e704-37f0-4d1e-911a-44bf60c48c21|Terraform|Medium|Access Control|Query details
Documentation
|
+|IAM Role Policy passRole Allows All
e39bee8c-fe54-4a3f-824d-e5e2d1cca40a|Terraform|Medium|Access Control|Query details
Documentation
|
+|IAM User With Access To Console
9ec311bf-dfd9-421f-8498-0b063c8bc552|Terraform|Medium|Access Control|Query details
Documentation
|
+|Lambda Permission Principal Is Wildcard
e08ed7eb-f3ef-494d-9d22-2e3db756a347|Terraform|Medium|Access Control|Query details
Documentation
|
+|Policy Without Principal
bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54|Terraform|Medium|Access Control|Query details
Documentation
|
+|Public and Private EC2 Share Role
c53c7a89-f9d7-4c7b-8b66-8a555be99593|Terraform|Medium|Access Control|Query details
Documentation
|
+|Public Lambda via API Gateway
3ef8696c-e4ae-4872-92c7-520bb44dfe77|Terraform|Medium|Access Control|Query details
Documentation
|
+|REST API With Vulnerable Policy
b161c11b-a59b-4431-9a29-4e19f63e6b27|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'
be2aa235-bd93-4b68-978a-1cc65d49082f|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'
30b88745-eebe-4ecb-a3a9-5cf886e96204|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'
0a592060-8166-49f5-8e65-99ac6dce9871|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'
eda48c88-2b7d-4e34-b6ca-04c0194aee17|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:AddUserToGroup'
b8a31292-509d-4b61-bc40-13b167db7e9c|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:AttachGroupPolicy'
f906113d-cdc0-415a-ba60-609cc6daaf4d|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:AttachRolePolicy'
f465fff1-0a0f-457d-aa4d-1bddb6f204ff|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:AttachUserPolicy'
7c96920c-6fd0-449d-9a52-0aa431b6beaf|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:CreateAccessKey'
5b4d4aee-ac94-4810-9611-833636e5916d|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:CreateLoginProfile'
9a205ba3-0dd1-42eb-8d54-2ffec836b51a|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:CreatePolicyVersion'
ee49557d-750c-4cc1-aa95-94ab36cbefde|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:PutGroupPolicy'
d6047119-a0b2-4b59-a4f2-127a36fb685b|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:PutRolePolicy'
eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:PutUserPolicy'
8f75840d-9ee7-42f3-b203-b40e3979eb12|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'
118281d0-6471-422e-a7c5-051bc667926e|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'
f1173d8c-3264-4148-9fdb-61181e031b51|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:UpdateLoginProfile'
35ccf766-0e4d-41ed-9ec4-2dab155082b4|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'
fa62ac4f-f5b9-45b9-97c1-625c8b6253ca|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'
c583f0f9-7dfd-476b-a056-f47c62b47b46|Terraform|Medium|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Public ACL
d0cc8694-fcad-43ff-ac86-32331d7e867f|Terraform|Medium|Access Control|Query details
Documentation
|
+|SNS Topic Publicity Has Allow and NotAction Simultaneously
5ea624e4-c8b1-4bb3-87a4-4235a776adcc|Terraform|Medium|Access Control|Query details
Documentation
|
+|SQS Policy With Public Access
730675f9-52ed-49b6-8ead-0acb5dd7df7f|Terraform|Medium|Access Control|Query details
Documentation
|
+|SSO Identity User Unsafe Creation
4003118b-046b-4640-b200-b8c7a4c8b89f|Terraform|Medium|Access Control|Query details
Documentation
|
+|SSO Policy with full privileges
132a8c31-9837-4203-9fd1-15ca210c7b73|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'
19ffbe31-9d72-4379-9768-431195eae328|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'
89561b03-cb35-44a9-a7e9-8356e71606f4|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'
94fbe150-27e3-4eba-9ca6-af32865e4503|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'
9b877bd8-94b4-4c10-a060-8e0436cc09fa|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:AddUserToGroup'
bf9d42c7-c2f9-4dfe-942c-c8cc8249a081|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:AttachGroupPolicy'
6d23d87e-1c5b-4308-b224-92624300f29b|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:AttachRolePolicy'
e227091e-2228-4b40-b046-fc13650d8e88|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:AttachUserPolicy'
70cb518c-d990-46f6-bc05-44a5041493d6|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:CreateAccessKey'
113208f2-a886-4526-9ecc-f3218600e12c|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:CreateLoginProfile'
0fd7d920-4711-46bd-aff2-d307d82cd8b7|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:CreatePolicyVersion'
1743f5f1-0bb0-4934-acef-c80baa5dadfa|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:PutGroupPolicy'
8bfbf7ab-d5e8-4100-8618-798956e101e0|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:PutRolePolicy'
eeb4d37a-3c59-4789-a00c-1509bc3af1e5|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:PutUserPolicy'
0c10d7da-85c4-4d62-b2a8-d6c104f1bd77|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'
43a41523-386a-4cb1-becb-42af6b414433|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'
33627268-1445-4385-988a-318fd9d1a512|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:UpdateLoginProfile'
6deb34e2-5d9c-499a-801b-ea6d9eda894f|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'
8055dec2-efb8-4fe6-8837-d9bed6ff202a|Terraform|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'
b69247e5-7e73-464e-ba74-ec9b715c6e12|Terraform|Medium|Access Control|Query details
Documentation
|
+|Auto Scaling Group With No Associated ELB
8e94dced-9bcc-4203-8eb7-7e41202b2505|Terraform|Medium|Availability|Query details
Documentation
|
+|CMK Is Unusable
7350fa23-dcf7-4938-916d-6a60b0c73b50|Terraform|Medium|Availability|Query details
Documentation
|
+|ElastiCache Nodes Not Created Across Multi AZ
6db03a91-f933-4f13-ab38-a8b87a7de54d|Terraform|Medium|Availability|Query details
Documentation
|
+|ElastiCache Redis Cluster Without Backup
8fdb08a0-a868-4fdf-9c27-ccab0237f1ab|Terraform|Medium|Backup|Query details
Documentation
|
+|RDS Cluster With Backup Disabled
e542bd46-58c4-4e0f-a52a-1fb4f9548e02|Terraform|Medium|Backup|Query details
Documentation
|
+|RDS With Backup Disabled
1dc73fb4-5b51-430c-8c5f-25dcf9090b02|Terraform|Medium|Backup|Query details
Documentation
|
+|S3 Bucket Without Versioning
568a4d22-3517-44a6-a7ad-6a7eed88722c|Terraform|Medium|Backup|Query details
Documentation
|
+|Stack Retention Disabled
6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97|Terraform|Medium|Backup|Query details
Documentation
|
+|ALB Not Dropping Invalid Headers
6e3fd2ed-5c83-4c68-9679-7700d224d379|Terraform|Medium|Best Practices|Query details
Documentation
|
+|AMI Not Encrypted
8bbb242f-6e38-4127-86d4-d8f0b2687ae2|Terraform|Medium|Encryption|Query details
Documentation
|
+|CA Certificate Identifier Is Outdated
9f40c07e-699e-4410-8856-3ba0f2e3a2dd|Terraform|Medium|Encryption|Query details
Documentation
|
+|Cloudfront Viewer Protocol Policy Allows HTTP
55af1353-2f62-4fa0-a8e1-a210ca2708f5|Terraform|Medium|Encryption|Query details
Documentation
|
+|CloudWatch Log Group Without KMS
0afbcfe9-d341-4b92-a64c-7e6de0543879|Terraform|Medium|Encryption|Query details
Documentation
|
+|ElastiCache Replication Group Not Encrypted At Transit
1afbb3fa-cf6c-4a3d-b730-95e9f4df343e|Terraform|Medium|Encryption|Query details
Documentation
|
+|Elasticsearch Domain Not Encrypted Node To Node
967eb3e6-26fc-497d-8895-6428beb6e8e2|Terraform|Medium|Encryption|Query details
Documentation
|
+|ELB Using Insecure Protocols
126c1788-23c2-4a10-906c-ef179f4f96ec|Terraform|Medium|Encryption|Query details
Documentation
|
+|IAM Database Auth Not Enabled
88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6|Terraform|Medium|Encryption|Query details
Documentation
|
+|S3 Bucket Policy Accepts HTTP Requests
4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9|Terraform|Medium|Encryption|Query details
Documentation
|
+|Secretsmanager Secret Encrypted With AWS Managed Key
b0d3ef3f-845d-4b1b-83d6-63a5a380375f|Terraform|Medium|Encryption|Query details
Documentation
|
+|Secretsmanager Secret Without KMS
a2f548f2-188c-4fff-b172-e9a6acb216bd|Terraform|Medium|Encryption|Query details
Documentation
|
+|Secure Ciphers Disabled
5c0003fb-9aa0-42c1-9da3-eb0e332bef21|Terraform|Medium|Encryption|Query details
Documentation
|
+|SNS Topic Encrypted With AWS Managed Key
b1a72f66-2236-4f3b-87ba-0da1b366956f|Terraform|Medium|Encryption|Query details
Documentation
|
+|SQS With SSE Disabled
6e8849c1-3aa7-40e3-9063-b85ee300f29f|Terraform|Medium|Encryption|Query details
Documentation
|
+|SSM Session Transit Encryption Disabled
ce60cc6b-6831-4bd7-84a2-cc7f8ee71433|Terraform|Medium|Encryption|Query details
Documentation
|
+|ALB Deletion Protection Disabled
afecd1f1-6378-4f7e-bb3b-60c35801fdd4|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|API Gateway With Open Access
15ccec05-5476-4890-ad19-53991eba1db8|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|API Gateway Without Security Policy
4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|API Gateway Without SSL Certificate
0b4869fc-a842-4597-aa00-1294df425440|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Certificate RSA Key Bytes Lower Than 256
874d68a3-bfbe-4a4b-aaa0-9e74d7da634b|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|CloudFront Without Minimum Protocol TLS 1.2
00e5e55e-c2ff-46b3-a757-a7a1cd802456|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|ECR Image Tag Not Immutable
d1846b12-20c5-4d45-8798-fc35b79268eb|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|ECS Task Definition Network Mode Not Recommended
9f4a9409-9c60-4671-be96-9716dbf63db1|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|EKS Cluster Has Public Access
42f4b905-3736-4213-bfe9-c0660518cda8|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|IAM User Has Too Many Access Keys
3561130e-9c5f-485b-9e16-2764c82763e5|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|No Password Policy Enabled
b592ffd4-0577-44b6-bd35-8c5ee81b5918|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket with Unsecured CORS Rule
98a8f708-121b-455b-ae2f-da3fb59d17e1|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket Without Ignore Public ACL
4fa66806-0dd9-4f8d-9480-3174d39c7c91|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket Without Restriction Of Public Bucket
1ec253ab-c220-4d63-b2de-5b40e0af9293|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Service Control Policies Disabled
5ba6229c-8057-433e-91d0-21cf13569ca9|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Default VPC Exists
96ed3526-0179-4c73-b1b2-372fde2e0d13|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
+|Vulnerable Default SSL Certificate
3a1e94df-6847-4c0e-a3b6-6c6af4e128ef|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
+|ALB Is Not Integrated With WAF
0afa6ab8-a047-48cf-be07-93a2f8c34cf7|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|ALB Listening on HTTP
de7f5e83-da88-4046-871f-ea18504b1d43|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway Endpoint Config is Not Private
6b2739db-9c49-4db7-b980-7816e0c248c1|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway without WAF
a186e82c-1078-4a7b-85d8-579561fde884|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|CloudFront Without WAF
1419b4c6-6d5c-4534-9cf6-6a5266085333|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|EC2 Instance Has Public IP
5a2486aa-facf-477d-a5c1-b010789459ce|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|EKS Cluster Has Public Access CIDRs
61cf9883-1752-4768-b18c-0d57f2737709|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|EKS node group remote access disabled
ba40ace1-a047-483c-8a8d-bc2d3a67a82d|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Elasticsearch with HTTPS disabled
2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|HTTP Port Open To Internet
ffac8a12-322e-42c1-b9b9-81ff85c39ef7|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Network ACL With Unrestricted Access To SSH
3af7f2fd-06e6-4dab-b996-2912bea19ba4|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group With Unrestricted Access To SSH
65905cec-d691-4320-b320-2000436cb696|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Sensitive Port Is Exposed To Small Public Network
e35c16a2-d54e-419d-8546-a804d8e024d0|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible
54c417bf-c762-48b9-9d31-b3d87047e3f0|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|VPC Subnet Assigns Public IP
52f04a44-6bfa-4c41-b1d3-4ae99a2de05c|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|VPC Without Network Firewall
fd632aaf-b8a1-424d-a4d1-0de22fd3247a|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway Access Logging Disabled
1b6799eb-4a7a-4b04-9001-8cceb9999326|Terraform|Medium|Observability|Query details
Documentation
|
+|API Gateway Deployment Without Access Log Setting
625abc0e-f980-4ac9-a775-f7519ee34296|Terraform|Medium|Observability|Query details
Documentation
|
+|API Gateway With CloudWatch Logging Disabled
982aa526-6970-4c59-8b9b-2ce7e019fe36|Terraform|Medium|Observability|Query details
Documentation
|
+|CloudFront Logging Disabled
94690d79-b3b0-43de-b656-84ebef5753e5|Terraform|Medium|Observability|Query details
Documentation
|
+|CloudTrail Log Files S3 Bucket with Logging Disabled
ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4|Terraform|Medium|Observability|Query details
Documentation
|
+|CloudTrail Logging Disabled
4bb76f17-3d63-4529-bdca-2b454529d774|Terraform|Medium|Observability|Query details
Documentation
|
+|CloudWatch AWS Config Configuration Changes Alarm Missing
5b8d7527-de8e-4114-b9dd-9d988f1f418f|Terraform|Medium|Observability|Query details
Documentation
|
+|CloudWatch Changes To NACL Alarm Missing
0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0|Terraform|Medium|Observability|Query details
Documentation
|
+|Cloudwatch Cloudtrail Configuration Changes Alarm Missing
0f6cbf69-41bb-47dc-93f3-3844640bf480|Terraform|Medium|Observability|Query details
Documentation
|
+|CloudWatch Disabling Or Scheduled Deletion Of Customer Created CMK Alarm Missing
56a585f5-555c-48b2-8395-e64e4740a9cf|Terraform|Medium|Observability|Query details
Documentation
|
+|CloudWatch Logging Disabled
7dbba512-e244-42dc-98bb-422339827967|Terraform|Medium|Observability|Query details
Documentation
|
+|CloudWatch Management Console Auth Failed Alarm Missing
5864d189-ee9a-4009-ac0c-8a582e6b7919|Terraform|Medium|Observability|Query details
Documentation
|
+|CloudWatch Metrics Disabled
081069cb-588b-4ce1-884c-2a1ce3029fe5|Terraform|Medium|Observability|Query details
Documentation
|
+|CloudWatch Root Account Use Missing
8b1b1e67-6248-4dca-bbad-93486bb181c0|Terraform|Medium|Observability|Query details
Documentation
|
+|CloudWatch S3 policy Change Alarm Missing
27c6a499-895a-4dc7-9617-5c485218db13|Terraform|Medium|Observability|Query details
Documentation
|
+|Cloudwatch Security Group Changes Alarm Missing
4beaf898-9f8b-4237-89e2-5ffdc7ee6006|Terraform|Medium|Observability|Query details
Documentation
|
+|CloudWatch VPC Changes Alarm Missing
9d0d4512-1959-43a2-a17f-72360ff06d1b|Terraform|Medium|Observability|Query details
Documentation
|
+|DocDB Logging Is Disabled
56f6a008-1b14-4af4-b9b2-ab7cf7e27641|Terraform|Medium|Observability|Query details
Documentation
|
+|EC2 Instance Monitoring Disabled
23b70e32-032e-4fa6-ba5c-82f56b9980e6|Terraform|Medium|Observability|Query details
Documentation
|
+|EKS cluster logging is not enabled
37304d3f-f852-40b8-ae3f-725e87a7cedf|Terraform|Medium|Observability|Query details
Documentation
|
+|Elasticsearch Log Disabled
acb6b4e2-a086-4f35-aefd-4db6ea51ada2|Terraform|Medium|Observability|Query details
Documentation
|
+|ELB Access Log Disabled
20018359-6fd7-4d05-ab26-d4dffccbdf79|Terraform|Medium|Observability|Query details
Documentation
|
+|Global Accelerator Flow Logs Disabled
96e8183b-e985-457b-90cd-61c0503a3369|Terraform|Medium|Observability|Query details
Documentation
|
+|GuardDuty Detector Disabled
704dadd3-54fc-48ac-b6a0-02f170011473|Terraform|Medium|Observability|Query details
Documentation
|
+|Missing Cluster Log Types
66f130d9-b81d-4e8e-9b08-da74b9c891df|Terraform|Medium|Observability|Query details
Documentation
|
+|MQ Broker Logging Disabled
31245f98-a6a9-4182-9fc1-45482b9d030a|Terraform|Medium|Observability|Query details
Documentation
|
+|MSK Cluster Logging Disabled
2f56b7ab-7fba-4e93-82f0-247e5ddeb239|Terraform|Medium|Observability|Query details
Documentation
|
+|Neptune Logging Is Disabled
45cff7b6-3b80-40c1-ba7b-2cf480678bb8|Terraform|Medium|Observability|Query details
Documentation
|
+|RDS Without Logging
8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56|Terraform|Medium|Observability|Query details
Documentation
|
+|Redshift Cluster Logging Disabled
15ffbacc-fa42-4f6f-a57d-2feac7365caa|Terraform|Medium|Observability|Query details
Documentation
|
+|S3 Bucket Logging Disabled
f861041c-8c9f-4156-acfc-5e6e524f5884|Terraform|Medium|Observability|Query details
Documentation
|
+|S3 Bucket Object Level CloudTrail Logging Disabled
a8fc2180-b3ac-4c93-bd0d-a55b974e4b07|Terraform|Medium|Observability|Query details
Documentation
|
+|Stack Notifications Disabled
b72d0026-f649-4c91-a9ea-15d8f681ac09|Terraform|Medium|Observability|Query details
Documentation
|
+|VPC FlowLogs Disabled
f83121ea-03da-434f-9277-9cd247ab3047|Terraform|Medium|Observability|Query details
Documentation
|
+|No Stack Policy
2f01fb2d-828a-499d-b98e-b83747305052|Terraform|Medium|Resource Management|Query details
Documentation
|
+|Authentication Without MFA
3ddfa124-6407-4845-a501-179f90c65097|Terraform|Low|Access Control|Query details
Documentation
|
+|CloudWatch Logs Destination With Vulnerable Policy
db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8|Terraform|Low|Access Control|Query details
Documentation
|
+|EC2 Instance Using API Keys
0b93729a-d882-4803-bdc3-ac429a21f158|Terraform|Low|Access Control|Query details
Documentation
|
+|SSO Permission With Inadequate User Session Duration
ce9dfce0-5fc8-433b-944a-3b16153111a8|Terraform|Low|Access Control|Query details
Documentation
|
+|Autoscaling Groups Supply Tags
ba48df05-eaa1-4d64-905e-4a4b051e7587|Terraform|Low|Availability|Query details
Documentation
|
+|ECS Service Without Running Tasks
91f16d09-689e-4926-aca7-155157f634ed|Terraform|Low|Availability|Query details
Documentation
|
+|Automatic Minor Upgrades Disabled
3b6d777b-76e3-4133-80a3-0d6f667ade7f|Terraform|Low|Best Practices|Query details
Documentation
|
+|CDN Configuration Is Missing
1bc367f6-901d-4870-ad0c-71d79762ef52|Terraform|Low|Best Practices|Query details
Documentation
|
+|Cognito UserPool Without MFA
ec28bf61-a474-4dbe-b414-6dd3a067d6f0|Terraform|Low|Best Practices|Query details
Documentation
|
+|ECR Repository Without Policy
69e7c320-b65d-41bb-be02-d63ecc0bcc9d|Terraform|Low|Best Practices|Query details
Documentation
|
+|IAM Access Analyzer Not Enabled
e592a0c5-5bdb-414c-9066-5dba7cdea370|Terraform|Low|Best Practices|Query details
Documentation
|
+|IAM Password Without Minimum Length
1bc1c685-e593-450e-88fb-19db4c82aa1d|Terraform|Low|Best Practices|Query details
Documentation
|
+|Lambda IAM InvokeFunction Misconfigured
0ca1017d-3b80-423e-bb9c-6cd5898d34bd|Terraform|Low|Best Practices|Query details
Documentation
|
+|Lambda Permission Misconfigured
75ec6890-83af-4bf1-9f16-e83726df0bd0|Terraform|Low|Best Practices|Query details
Documentation
|
+|Misconfigured Password Policy Expiration
ce60d060-efb8-4bfd-9cf7-ff8945d00d90|Terraform|Low|Best Practices|Query details
Documentation
|
+|Password Without Reuse Prevention
89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a|Terraform|Low|Best Practices|Query details
Documentation
|
+|Stack Without Template
91bea7b8-0c31-4863-adc9-93f6177266c4|Terraform|Low|Build Process|Query details
Documentation
|
+|API Gateway With Invalid Compression
ed35928e-195c-4405-a252-98ccb664ab7b|Terraform|Low|Encryption|Query details
Documentation
|
+|CloudTrail Log Files Not Encrypted With KMS
5d9e3164-9265-470c-9a10-57ae454ac0c7|Terraform|Low|Encryption|Query details
Documentation
|
+|CodeBuild Project Encrypted With AWS Managed Key
3deec14b-03d2-4d27-9670-7d79322e3340|Terraform|Low|Encryption|Query details
Documentation
|
+|DOCDB Cluster Encrypted With AWS Managed Key
2134641d-30a4-4b16-8ffc-2cd4c4ffd15d|Terraform|Low|Encryption|Query details
Documentation
|
+|ECR Repository Not Encrypted With CMK
0e32d561-4b5a-4664-a6e3-a3fa85649157|Terraform|Low|Encryption|Query details
Documentation
|
+|EFS Without KMS
25d251f3-f348-4f95-845c-1090e41a615c|Terraform|Low|Encryption|Query details
Documentation
|
+|AWS Password Policy With Unchangeable Passwords
9ef7d25d-9764-4224-9968-fa321c56ef76|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|IAM User Policy Without MFA
b5681959-6c09-4f55-b42b-c40fa12d03ec|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Instance With No VPC
a31a5a29-718a-4ff4-8001-a69e5e4d029e|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Redis Disabled
4bd15dd9-8d5e-4008-8532-27eb0c3706d3|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Redshift Cluster Without VPC
0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket Without Enabled MFA Delete
c5b31ab9-0f26-4a49-b8aa-4cc064392f4d|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Dynamodb VPC Endpoint Without Route Table Association
0bc534c5-13d1-4353-a7fe-b8665d5c1d7d|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|EC2 Instance Using Default VPC
7e4a6e76-568d-43ef-8c4e-36dea481bff1|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|ElastiCache Using Default Port
5d89db57-8b51-4b38-bb76-b9bd42bd40f0|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|ElastiCache Without VPC
8c849af7-a399-46f7-a34c-32d3dc96f1fc|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|EMR Without VPC
2b3c8a6d-9856-43e6-ab1d-d651094f03b4|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|RDS Using Default Port
bca7cc4d-b3a4-4345-9461-eb69c68fcd26|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Redshift Using Default Port
41abc6cc-dde1-4217-83d3-fb5f0cc09d8f|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Sensitive Port Is Exposed To Wide Private Network
92fe237e-074c-4262-81a4-2077acb928c1|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Shield Advanced Not In Use
084c6686-2a70-4710-91b1-000393e54c12|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|SQS VPC Endpoint Without DNS Resolution
e9b7acf9-9ba0-4837-a744-31e7df1e434d|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|API Gateway Deployment Without API Gateway UsagePlan Associated
b3a59b8e-94a3-403e-b6e2-527abaf12034|Terraform|Low|Observability|Query details
Documentation
|
+|API Gateway X-Ray Disabled
5813ef56-fa94-406a-b35d-977d4a56ff2b|Terraform|Low|Observability|Query details
Documentation
|
+|CloudTrail Log File Validation Disabled
52ffcfa6-6c70-4ea6-8376-d828d3961669|Terraform|Low|Observability|Query details
Documentation
|
+|CloudTrail Multi Region Disabled
8173d5eb-96b5-4aa6-a71b-ecfa153c123d|Terraform|Low|Observability|Query details
Documentation
|
+|CloudTrail Not Integrated With CloudWatch
17b30f8f-8dfb-4597-adf6-57600b6cf25e|Terraform|Low|Observability|Query details
Documentation
|
+|CloudTrail SNS Topic Name Undefined
482b7d26-0bdb-4b5f-bf6f-545826c0a3dd|Terraform|Low|Observability|Query details
Documentation
|
+|CloudWatch Console Sign-in Without MFA Alarm Missing
44ceb4fa-0897-4fd2-b676-30e7a58f2933|Terraform|Low|Observability|Query details
Documentation
|
+|CloudWatch IAM Policy Changes Alarm Missing
eaaba502-2f94-411a-a3c2-83d63cc1776d|Terraform|Low|Observability|Query details
Documentation
|
+|CloudWatch Network Gateways Changes Alarm Missing
6b6874fe-4c2f-4eea-8b90-7cceaa4a125e|Terraform|Low|Observability|Query details
Documentation
|
+|CloudWatch Route Table Changes Alarm Missing
2285e608-ddbc-47f3-ba54-ce7121e31216|Terraform|Low|Observability|Query details
Documentation
|
+|CMK Rotation Disabled
22fbfeac-7b5a-421a-8a27-7a2178bb910b|Terraform|Low|Observability|Query details
Documentation
|
+|Configuration Aggregator to All Regions Disabled
ac5a0bc0-a54c-45aa-90c3-15f7703b9132|Terraform|Low|Observability|Query details
Documentation
|
+|ECS Cluster with Container Insights Disabled
97cb0688-369a-4d26-b1f7-86c4c91231bc|Terraform|Low|Observability|Query details
Documentation
|
+|ElasticSearch Without Slow Logs
e979fcbc-df6c-422d-9458-c33d65e71c45|Terraform|Low|Observability|Query details
Documentation
|
+|KMS Key With No Deletion Window
0b530315-0ea4-497f-b34c-4ff86268f59d|Terraform|Low|Observability|Query details
Documentation
|
+|Lambda Functions Without X-Ray Tracing
8152e0cf-d2f0-47ad-96d5-d003a76eabd1|Terraform|Low|Observability|Query details
Documentation
|
+|Unscanned ECR Image
9630336b-3fed-4096-8173-b9afdfe346a7|Terraform|Low|Observability|Query details
Documentation
|
+|API Gateway Stage Without API Gateway UsagePlan Associated
c999cf62-0920-40f8-8dda-0caccd66ed7e|Terraform|Low|Resource Management|Query details
Documentation
|
+|Security Group Not Used
4849211b-ac39-479e-ae78-5694d506cb24|Terraform|Info|Access Control|Query details
Documentation
|
+|DynamoDB Table Point In Time Recovery Disabled
741f1291-47ac-4a85-a07b-3d32a9d6bd3e|Terraform|Info|Best Practices|Query details
Documentation
|
+|EC2 Not EBS Optimized
60224630-175a-472a-9e23-133827040766|Terraform|Info|Best Practices|Query details
Documentation
|
+|Resource Not Using Tags
e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10|Terraform|Info|Best Practices|Query details
Documentation
|
+|Security Group Rule Without Description
68eb4bf3-f9bf-463d-b5cf-e029bb446d2e|Terraform|Info|Best Practices|Query details
Documentation
|
+|Security Group Rule Without Description
cb3f5ed6-0d18-40de-a93d-b3538db31e8c|Terraform|Info|Best Practices|Query details
Documentation
|
+|CloudWatch AWS Organizations Changes Missing Alarm
38b85c45-e772-4de8-a247-69619ca137b3|Terraform|Info|Observability|Query details
Documentation
|
+|CloudWatch Without Retention Period Specified
ef0b316a-211e-42f1-888e-64efe172b755|Terraform|Info|Observability|Query details
Documentation
|
+|BOM - AWS DynamoDB
23edf35f-7c22-4ff9-87e6-0ca74261cfbf|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS EBS
86571149-eef3-4280-a645-01e60df854b0|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS EFS
f53f16d6-46a9-4277-9fbe-617b1e24cdca|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS Elasticache
54229498-850b-4f78-b3a7-218d24ef2c37|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS Kinesis
0e59d33e-bba2-4037-8f88-9765647ca7ad|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS MQ
fcb1b388-f558-4b7f-9b6e-f4e98abb7380|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS MSK
051f2063-2517-4295-ad8e-ba88c1bf5cfc|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS RDS
12933609-c5bf-44b4-9a41-a6467c3b685b|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS S3 Buckets
2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS SNS
eccc4d59-74b9-4974-86f1-74386e0c7f33|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS SQS
baecd2da-492a-4d59-b9dc-29540a1398e0|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|CosmosDB Account IP Range Filter Not Set
c2a3efb6-8a58-481c-82f2-bfddf34bb4b7|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
+|Redis Entirely Accessible
fd8da341-6760-4450-b26c-9f6d8850575e|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
+|Redis Publicly Accessible
5089d055-53ff-421b-9482-a5267bdce629|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
+|SQLServer Ingress From Any IP
25c0ea09-f1c5-4380-b055-3b83863f2bb8|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
+|Unrestricted SQL Server Access
d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28|Terraform|Critical|Networking and Firewall|Query details
Documentation
|
+|Public Storage Account
17f75827-0684-48f4-8747-61129c7e4198|Terraform|High|Access Control|Query details
Documentation
|
+|Storage Container Is Publicly Accessible
dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299|Terraform|High|Access Control|Query details
Documentation
|
+|Azure Container Registry With No Locks
a187ac47-8163-42ce-8a63-c115236be6fb|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Security Group is Not Configured
5c822443-e1ea-46b8-84eb-758ec602e844|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|MariaDB Server Public Network Access Enabled
7f0a8696-7159-4337-ad0d-8a3ab4a78195|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|MSSQL Server Public Network Access Enabled
ade36cf4-329f-4830-a83d-9db72c800507|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|MySQL Server Public Access Enabled
f118890b-2468-42b1-9ce9-af35146b425b|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|RDP Is Exposed To The Internet
efbf6449-5ec5-4cfe-8f15-acc51e0d787c|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Sensitive Port Is Exposed To Entire Network
594c198b-4d79-41b8-9b36-fde13348b619|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Admin User Enabled For Container Registry
b897dfbf-322c-45a8-b67c-1e698beeaa51|Terraform|Medium|Access Control|Query details
Documentation
|
+|AKS RBAC Disabled
86f92117-eed8-4614-9c6c-b26da20ff37f|Terraform|Medium|Access Control|Query details
Documentation
|
+|App Service Authentication Disabled
c7fc1481-2899-4490-bbd8-544a3a61a2f3|Terraform|Medium|Access Control|Query details
Documentation
|
+|Function App Authentication Disabled
e65a0733-94a0-4826-82f4-df529f4c593f|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role Assignment Not Limit Guest User Permissions
8e75e431-449f-49e9-b56a-c8f1378025cf|Terraform|Medium|Access Control|Query details
Documentation
|
+|Role Definition Allows Custom Role Creation
3fa5900f-9aac-4982-96b2-a6143d9c99fb|Terraform|Medium|Access Control|Query details
Documentation
|
+|Storage Share File Allows All ACL Permissions
48bbe0fd-57e4-4678-a4a1-119e79c90fc3|Terraform|Medium|Access Control|Query details
Documentation
|
+|Storage Table Allows All ACL Permissions
3ac3e75c-6374-4a32-8ba0-6ed69bda404e|Terraform|Medium|Access Control|Query details
Documentation
|
+|Azure Instance Using Basic Authentication
dafe30ec-325d-4516-85d1-e8e6776f012c|Terraform|Medium|Best Practices|Query details
Documentation
|
+|Key Vault Secrets Content Type Undefined
f8e08a38-fc6e-4915-abbe-a7aadf1d59ef|Terraform|Medium|Best Practices|Query details
Documentation
|
+|Security Contact Email
34664094-59e0-4524-b69f-deaa1a68cce3|Terraform|Medium|Best Practices|Query details
Documentation
|
+|App Service Not Using Latest TLS Encryption Version
b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643|Terraform|Medium|Encryption|Query details
Documentation
|
+|Encryption On Managed Disk Disabled
a99130ab-4c0e-43aa-97f8-78d4fcb30024|Terraform|Medium|Encryption|Query details
Documentation
|
+|Function App Not Using Latest TLS Encryption Version
45fc717a-bd86-415c-bdd8-677901be1aa6|Terraform|Medium|Encryption|Query details
Documentation
|
+|MySQL SSL Connection Disabled
73e42469-3a86-4f39-ad78-098f325b4e9f|Terraform|Medium|Encryption|Query details
Documentation
|
+|SSL Enforce Disabled
0437633b-daa6-4bbc-8526-c0d2443b946e|Terraform|Medium|Encryption|Query details
Documentation
|
+|Storage Account Not Forcing HTTPS
12944ec4-1fa0-47be-8b17-42a034f937c2|Terraform|Medium|Encryption|Query details
Documentation
|
+|Storage Account Not Using Latest TLS Encryption Version
8263f146-5e03-43e0-9cfe-db960d56d1e7|Terraform|Medium|Encryption|Query details
Documentation
|
+|AD Admin Not Configured For SQL Server
a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|AKS Private Cluster Disabled
599318f2-6653-4569-9e21-041d06c63a89|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|App Service FTPS Enforce Disabled
85da374f-b00f-4832-9d44-84a1ca1e89f8|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|App Service HTTP2 Disabled
525b53be-62ed-4244-b4df-41aecfcb4071|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Azure App Service Client Certificate Disabled
a81573f9-3691-4d83-88a0-7d4af63e17a3|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Function App Client Certificates Unrequired
9bb3c639-5edf-458c-8ee5-30c17c7d671d|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Function App FTPS Enforce Disabled
9dab0179-433d-4dff-af8f-0091025691df|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Function App HTTP2 Disabled
ace823d1-4432-4dee-945b-cdf11a5a6bd0|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Function App Managed Identity Disabled
c87749b3-ff10-41f5-9df2-c421e8151759|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Network Watcher Flow Disabled
b90842e5-6779-44d4-9760-972f4c03ba1c|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Redis Cache Allows Non SSL Connections
e29a75e6-aba3-4896-b42d-b87818c16b58|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Redis Not Updated Regularly
b947809d-dd2f-4de9-b724-04d101c515aa|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Security Center Pricing Tier Is Not Standard
819d50fd-1cdf-45c3-9936-be408aaad93e|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Small Flow Logs Retention Period
7750fcca-dd03-4d38-b663-4b70289bcfd4|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|VM Not Attached To Network
bbf6b3df-4b65-4f87-82cc-da9f30f8c033|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Web App Accepting Traffic Other Than HTTPS
11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Default Azure Storage Account Network Access Is Too Permissive
a5613650-32ec-4975-a305-31af783153ea|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
+|Azure Cognitive Search Public Network Access Enabled
4a9e0f00-0765-4f72-a0d4-d31110b78279|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Firewall Rule Allows Too Many Hosts To Access Redis Cache
a829b715-cf75-4e92-b645-54c9b739edfb|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Network Interfaces IP Forwarding Enabled
4216ebac-d74c-4423-b437-35025cb88af5|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Network Interfaces With Public IP
c1573577-e494-4417-8854-7e119368dc8b|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Sensitive Port Is Exposed To Small Public Network
e9dee01f-2505-4df2-b9bf-7804d1fd9082|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|SSH Is Exposed To The Internet
3e3c175e-aadf-4e2b-a464-3fdac5748d24|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Trusted Microsoft Services Not Enabled
5400f379-a347-4bdd-a032-446465fdcc6f|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|WAF Is Disabled For Azure Application Gateway
2e48d91c-50e4-45c8-9312-27b625868a72|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Email Alerts Disabled
9db38e87-f6aa-4b5e-a1ec-7266df259409|Terraform|Medium|Observability|Query details
Documentation
|
+|Log Retention Is Not Set
ffb02aca-0d12-475e-b77c-a726f7aeff4b|Terraform|Medium|Observability|Query details
Documentation
|
+|MSSQL Server Auditing Disabled
609839ae-bd81-4375-9910-5bce72ae7b92|Terraform|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Checkpoints Disabled
3790d386-be81-4dcf-9850-eaa7df6c10d9|Terraform|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Connections Not Set
c640d783-10c5-4071-b6c1-23507300d333|Terraform|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Disconnections Not Set
07f7134f-9f37-476e-8664-670c218e4702|Terraform|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Duration Not Set
16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f|Terraform|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Server Without Connection Throttling
2b3c671f-1b76-4741-8789-ed1fe0785dc4|Terraform|Medium|Observability|Query details
Documentation
|
+|SQL Server Auditing Disabled
f7e296b0-6660-4bc5-8f87-22ac4a815edf|Terraform|Medium|Observability|Query details
Documentation
|
+|Vault Auditing Disabled
38c71c00-c177-4cd7-8d36-cd1007cdb190|Terraform|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Server Threat Detection Policy Disabled
c407c3cf-c409-4b29-b590-db5f4138d332|Terraform|Medium|Resource Management|Query details
Documentation
|
+|SQL Database Audit Disabled
83a229ba-483e-47c6-8db7-dc96969bce5a|Terraform|Medium|Resource Management|Query details
Documentation
|
+|Key Expiration Not Set
4d080822-5ee2-49a4-8984-68f3d4c890fc|Terraform|Medium|Secret Management|Query details
Documentation
|
+|Secret Expiration Not Set
dfa20ffa-f476-428f-a490-424b41e91c7f|Terraform|Medium|Secret Management|Query details
Documentation
|
+|Azure Active Directory Authentication
a21c8da9-41bf-40cf-941d-330cf0d11fc7|Terraform|Low|Access Control|Query details
Documentation
|
+|Virtual Network with DDoS Protection Plan disabled
b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a|Terraform|Low|Availability|Query details
Documentation
|
+|Geo Redundancy Is Disabled
8b042c30-e441-453f-b162-7696982ebc58|Terraform|Low|Backup|Query details
Documentation
|
+|MariaDB Server Geo-redundant Backup Disabled
0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1|Terraform|Low|Backup|Query details
Documentation
|
+|AKS Uses Azure Policies Add-On Disabled
43789711-161b-4708-b5bb-9d1c626f7492|Terraform|Low|Best Practices|Query details
Documentation
|
+|App Service Without Latest PHP Version
96fe318e-d631-4156-99fa-9080d57280ae|Terraform|Low|Best Practices|Query details
Documentation
|
+|App Service Without Latest Python Version
cc4aaa9d-1070-461a-b519-04e00f42db8a|Terraform|Low|Best Practices|Query details
Documentation
|
+|SQL Server Predictable Active Directory Account Name
bcd3fc01-5902-4f2a-b05a-227f9bbf5450|Terraform|Low|Best Practices|Query details
Documentation
|
+|SQL Server Predictable Admin Account Name
2ab6de9a-0136-415c-be92-79d2e4fd750f|Terraform|Low|Best Practices|Query details
Documentation
|
+|Cosmos DB Account Without Tags
56dad03e-e94f-4dd6-93a4-c253a03ff7a0|Terraform|Low|Build Process|Query details
Documentation
|
+|AKS Disk Encryption Set ID Undefined
b17d8bb8-4c08-4785-867e-cb9e62a622aa|Terraform|Low|Encryption|Query details
Documentation
|
+|PostgreSQL Server Infrastructure Encryption Disabled
6425c98b-ca4e-41fe-896a-c78772c131f8|Terraform|Low|Encryption|Query details
Documentation
|
+|AKS Network Policy Misconfigured
f5342045-b935-402d-adf1-8dbbd09c0eef|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Dashboard Is Enabled
61c3cb8b-0715-47e4-b788-86dde40dd2db|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Azure Front Door WAF Disabled
835a4f2f-df43-437d-9943-545ccfc55961|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Sensitive Port Is Exposed To Wide Private Network
c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Small Activity Log Retention Period
2b856bf9-8e8c-4005-875f-303a8cba3918|Terraform|Low|Observability|Query details
Documentation
|
+|Small MSSQL Audit Retention Period
9c301481-e6ec-44f7-8a49-8ec63e2969ea|Terraform|Low|Observability|Query details
Documentation
|
+|Small MSSQL Server Audit Retention
59acb56b-2b10-4c2c-ba38-f2223c3f5cfc|Terraform|Low|Observability|Query details
Documentation
|
+|Small PostgreSQL DB Server Log Retention Period
261a83f8-dd72-4e8c-b5e1-ebf06e8fe606|Terraform|Low|Observability|Query details
Documentation
|
+|App Service Managed Identity Disabled
b61cce4b-0cc4-472b-8096-15617a6d769b|Terraform|Low|Resource Management|Query details
Documentation
|
+|SQL Server Alert Email Disabled
55975007-f6e7-4134-83c3-298f1fe4b519|Terraform|Info|Best Practices|Query details
Documentation
|
+|Beta - Databricks Cluster or Job With None Or Insecure Permission(s)
a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Unrestricted Databricks ACL
2c4fe4a9-f44b-4c70-b09b-5b75cd251805|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Job's Task is Legacy (spark_submit_task)
375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7|Terraform|Medium|Best Practices|Query details
Documentation
|
+|Beta - Indefinitely Databricks OBO Token Lifetime
23e1f5f0-12b7-4d7e-9087-f60f42ccd514|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
+|Beta - Indefinitely Databricks Token Lifetime
7d05ca25-91b4-42ee-b6f6-b06611a87ce8|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
+|Beta - Databricks Autoscale Badly Setup
953c0cc6-5f30-44cb-a803-bf4ef2571be8|Terraform|Medium|Resource Management|Query details
Documentation
|
+|Beta - Databricks Group Without User Or Instance Profile
23c3067a-8cc9-480c-b645-7c1e0ad4bf60|Terraform|Low|Access Control|Query details
Documentation
|
+|Beta - Check Databricks Cluster AWS Attribute Best Practices
b0749c53-e3ff-4d09-bbe4-dca94e2e7a38|Terraform|Low|Best Practices|Query details
Documentation
|
+|Beta - Check Databricks Cluster Azure Attribute Best Practices
38028698-e663-4ef7-aa92-773fef0ca86f|Terraform|Low|Best Practices|Query details
Documentation
|
+|Beta - Check Databricks Cluster GCP Attribute Best Practices
539e4557-d2b5-4d57-a001-cb01140a4e2d|Terraform|Low|Best Practices|Query details
Documentation
|
+|Beta - Check use no LTS Spark Version
5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6|Terraform|Low|Best Practices|Query details
Documentation
|
+|Cloud Storage Anonymous or Publicly Accessible
a6cd52a1-3056-4910-96a5-894de9f3f3b3|Terraform|Critical|Access Control|Query details
Documentation
|
+|SQL DB Instance Publicly Accessible
b187edca-b81e-4fdc-aff4-aab57db45edb|Terraform|Critical|Insecure Configurations|Query details
Documentation
|
+|BigQuery Dataset Is Public
e576ce44-dd03-4022-a8c0-3906acca2ab4|Terraform|High|Access Control|Query details
Documentation
|
+|Google Project IAM Binding Service Account has Token Creator or Account User Role
617ef6ff-711e-4bd7-94ae-e965911b1b40|Terraform|High|Access Control|Query details
Documentation
|
+|Google Project IAM Member Service Account Has Admin Role
84d36481-fd63-48cb-838e-635c44806ec2|Terraform|High|Access Control|Query details
Documentation
|
+|Google Project IAM Member Service Account has Token Creator or Account User Role
c68b4e6d-4e01-4ca1-b256-1e18e875785c|Terraform|High|Access Control|Query details
Documentation
|
+|KMS Crypto Key is Publicly Accessible
16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5|Terraform|High|Encryption|Query details
Documentation
|
+|SQL DB Instance With SSL Disabled
02474449-71aa-40a1-87ae-e14497747b00|Terraform|High|Encryption|Query details
Documentation
|
+|GKE Legacy Authorization Enabled
5baa92d2-d8ee-4c75-88a4-52d9d8bb8067|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Google Storage Bucket Level Access Disabled
bb0db090-5509-4853-a827-75ced0b3caa0|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|RDP Access Is Not Restricted
678fd659-96f2-454a-a2a0-c2571f83a4a3|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Cloud Storage Bucket Is Publicly Accessible
c010082c-76e0-4b91-91d9-6e8439e455dd|Terraform|Medium|Access Control|Query details
Documentation
|
+|KMS Admin and CryptoKey Roles In Use
92e4464a-4139-4d57-8742-b5acc0347680|Terraform|Medium|Access Control|Query details
Documentation
|
+|OSLogin Disabled
32ecd6eb-0711-421f-9627-1a28d9eff217|Terraform|Medium|Access Control|Query details
Documentation
|
+|VM With Full Cloud Access
bc280331-27b9-4acb-a010-018e8098aa5d|Terraform|Medium|Access Control|Query details
Documentation
|
+|SQL DB Instance Backup Disabled
cf3c7631-cd1e-42f3-8801-a561214a6e79|Terraform|Medium|Backup|Query details
Documentation
|
+|Disk Encryption Disabled
b1d51728-7270-4991-ac2f-fc26e2695b38|Terraform|Medium|Encryption|Query details
Documentation
|
+|DNSSEC Using RSASHA1
ccc3100c-0fdd-4a5e-9908-c10107291860|Terraform|Medium|Encryption|Query details
Documentation
|
+|Google Compute SSL Policy Weak Cipher In Use
14a457f0-473d-4d1d-9e37-6d99b355b336|Terraform|Medium|Encryption|Query details
Documentation
|
+|Cloud DNS Without DNSSEC
5ef61c88-bbb4-4725-b1df-55d23c9676bb|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Google Container Node Pool Auto Repair Disabled
acfdbec6-4a17-471f-b412-169d77553332|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Google Project Auto Create Network Disabled
59571246-3f62-4965-a96f-c7d97e269351|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|IP Aliasing Disabled
c606ba1d-d736-43eb-ac24-e16108f3a9e0|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Network Policy Disabled
11e7550e-c4b6-472e-adff-c698f157cdd7|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|OSLogin Is Disabled For VM Instance
d0b4d550-c001-46c3-bbdb-d5d75d33f05f|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Pod Security Policy Disabled
9192e0f9-eca5-4056-9282-ae2a736a4088|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Private Cluster Disabled
6ccb85d7-0420-4907-9380-50313f80946b|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Shielded GKE Nodes Disabled
579a0727-9c29-4d58-8195-fc5802a8bdb4|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Shielded VM Disabled
1b44e234-3d73-41a8-9954-0b154135280e|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|GKE Using Default Service Account
1c8eef02-17b1-4a3e-b01d-dcc3292d2c38|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
+|Using Default Service Account
3cb4af0b-056d-4fb1-8b95-fdc4593625ff|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
+|Google Compute Network Using Default Firewall Rule
40abce54-95b1-478c-8e5f-ea0bf0bb0e33|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Google Compute Network Using Firewall Rule that Allows All Ports
22ef1d26-80f8-4a6c-8c15-f35aab3cac78|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|IP Forwarding Enabled
f34c0c25-47b4-41eb-9c79-249b4dd47b89|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Serial Ports Are Enabled For VM Instances
97fa667a-d05b-4f16-9071-58b939f34751|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|SSH Access Is Not Restricted
c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Cloud Storage Bucket Logging Not Enabled
d6cabc3a-d57e-48c2-b341-bf3dd4f4a120|Terraform|Medium|Observability|Query details
Documentation
|
+|Cloud Storage Bucket Versioning Disabled
e7e961ac-d17e-4413-84bc-8a1fbe242944|Terraform|Medium|Observability|Query details
Documentation
|
+|Google Compute Subnetwork Logging Disabled
40430747-442d-450a-a34f-dc57149f4609|Terraform|Medium|Observability|Query details
Documentation
|
+|Stackdriver Logging Disabled
4c7ebcb2-eae2-461e-bc83-456ee2d4f694|Terraform|Medium|Observability|Query details
Documentation
|
+|Stackdriver Monitoring Disabled
30e8dfd2-3591-4d19-8d11-79e93106c93d|Terraform|Medium|Observability|Query details
Documentation
|
+|Node Auto Upgrade Disabled
b139213e-7d24-49c2-8025-c18faa21ecaa|Terraform|Medium|Resource Management|Query details
Documentation
|
+|Service Account with Improper Privileges
cefdad16-0dd5-4ac5-8ed2-a37502c78672|Terraform|Medium|Resource Management|Query details
Documentation
|
+|High Google KMS Crypto Key Rotation Period
d8c57c4e-bf6f-4e32-a2bf-8643532de77b|Terraform|Medium|Secret Management|Query details
Documentation
|
+|Project-wide SSH Keys Are Enabled In VM Instances
3e4d5ce6-3280-4027-8010-c26eeea1ec01|Terraform|Medium|Secret Management|Query details
Documentation
|
+|User with IAM Role
704fcc44-a58f-4af5-82e2-93f2a58ef918|Terraform|Low|Access Control|Query details
Documentation
|
+|Outdated GKE Version
128df7ec-f185-48bc-8913-ce756a3ccb85|Terraform|Low|Best Practices|Query details
Documentation
|
+|Cluster Labels Disabled
65c1bc7a-4835-4ac4-a2b6-13d310b0648d|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|COS Node Image Not Used
8a893e46-e267-485a-8690-51f39951de58|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Legacy Client Certificate Auth Enabled
73fb21a1-b19a-45b1-b648-b47b1678681e|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Not Proper Email Account In Use
9356962e-4a4f-4d06-ac59-dc8008775eaa|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Google Compute Network Using Firewall Rule that Allows Port Range
e6f61c37-106b-449f-a5bb-81bfcaceb8b4|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Google Compute Subnetwork with Private Google Access Disabled
ee7b93c1-b3f8-4a3b-9588-146d481814f5|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|IAM Audit Not Properly Configured
89fe890f-b480-460c-8b6b-7d8b1468adb4|Terraform|Low|Observability|Query details
Documentation
|
+|BOM - GCP Dataflow
895ed0d9-6fec-4567-8614-d7a74b599a53|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP FI
c9d81239-c818-4869-9917-1570c62b81fd|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP PD
dd7d70aa-a6ec-460d-b5d2-38b40253b16f|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP PST
4b82202a-b18e-4891-a1eb-a0989850bbb3|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP Redis
bc75ce52-a60a-4660-b533-bce837a5019b|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP SB
2f06d22c-56bd-4f73-8a51-db001fcf2150|Terraform|Trace|Bill Of Materials|Query details
Documentation
|
+|Github Organization Webhook With SSL Disabled
ce7c874e-1b88-450b-a5e4-cb76ada3c8a9|Terraform|Medium|Encryption|Query details
Documentation
|
+|GitHub Repository Set To Public
15d8a7fd-465a-4d15-a868-add86552f17b|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Non Kube System Pod With Host Mount
86a947ea-f577-4efb-a8b0-5fc00257d521|Terraform|High|Access Control|Query details
Documentation
|
+|Cluster Allows Unsafe Sysctls
a9174d31-d526-4ad9-ace4-ce7ddbf52e03|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Container Is Privileged
87065ef8-de9b-40d8-9753-f4a4303e27a4|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Container Runs Unmasked
0ad60203-c050-4115-83b6-b94bde92541d|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Containers With Sys Admin Capabilities
3f55386d-75cd-4e9a-ac47-167b26c04724|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Privilege Escalation Allowed
c878abb4-cca5-4724-92b9-289be68bd47c|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Containers To Share The Host Network Namespace
4950837c-0ce5-4e42-9bee-a25eae73740b|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Privilege Escalation
2bff9906-4e9b-4f71-9346-8ebedfdf43ef|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Sharing Host IPC
51bed0ac-a8ae-407a-895e-90c6cb0610ce|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|PSP Set To Privileged
a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|PSP With Added Capabilities
48388bd2-7201-4dcc-b56d-e8a9efa58fad|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Tiller (Helm v2) Is Deployed
ca2fba76-c1a7-4afd-be67-5249f861cb0e|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Workload Mounting With Sensitive OS Directory
a737be28-37d8-4bff-aa6d-1be8aa0a0015|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Volume Mount With OS Directory Write Permissions
a62a99d1-8196-432f-8f80-3c100b05d62a|Terraform|High|Resource Management|Query details
Documentation
|
+|Docker Daemon Socket is Exposed to Containers
4e203a65-c8d8-49a2-b749-b124d43c9dc1|Terraform|Medium|Access Control|Query details
Documentation
|
+|Missing App Armor Config
bd6bd46c-57db-4887-956d-d372f21291b6|Terraform|Medium|Access Control|Query details
Documentation
|
+|Permissive Access to Create Pods
522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba|Terraform|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles with Read Secrets Permissions
826abb30-3cd5-4e0b-a93b-67729b4f7e63|Terraform|Medium|Access Control|Query details
Documentation
|
+|Readiness Probe Is Not Configured
8657197e-3f87-4694-892b-8144701d83c1|Terraform|Medium|Availability|Query details
Documentation
|
+|Root Containers Admitted
4c415497-7410-4559-90e8-f2c8ac64ee38|Terraform|Medium|Best Practices|Query details
Documentation
|
+|Incorrect Volume Claim Access Mode ReadWriteOnce
26b047a9-0329-48fd-8fb7-05bbe5ba80ee|Terraform|Medium|Build Process|Query details
Documentation
|
+|Container Host Pid Is True
587d5d82-70cf-449b-9817-f60f9bccb88c|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Container Resources Limits Undefined
60af03ff-a421-45c8-b214-6741035476fa|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Containers With Added Capabilities
fe771ff7-ba15-4f8f-ad7a-8aa232b49a28|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Ingress Controller Exposes Workload
e2c83c1f-84d7-4467-966c-ed41fd015bb9|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|NET_RAW Capabilities Disabled for PSP
9aa32890-ac1a-45ee-81ca-5164e2098556|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|NET_RAW Capabilities Not Being Dropped
e5587d53-a673-4a6b-b3f2-ba07ec274def|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Seccomp Profile Is Not Configured
455f2e0c-686d-4fcb-8b5f-3f953f12c43c|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Role Binding To Default Service Account
3360c01e-c8c0-4812-96a2-a6329b9b7f9f|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
+|Service Account Name Undefined Or Empty
24b132df-5cc7-4823-8029-f898e1c50b72|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
+|Service Account Token Automount Not Disabled
a9a13d4f-f17a-491b-b074-f54bffffcb4a|Terraform|Medium|Insecure Defaults|Query details
Documentation
|
+|Service With External Load Balancer
2a52567c-abb8-4651-a038-52fa27c77aed|Terraform|Medium|Networking and Firewall|Query details
Documentation
|
+|Memory Limits Not Defined
fd097ed0-7fe6-4f58-8b71-fef9f0820a21|Terraform|Medium|Resource Management|Query details
Documentation
|
+|Memory Requests Not Defined
21719347-d02b-497d-bda4-04a03c8e5b61|Terraform|Medium|Resource Management|Query details
Documentation
|
+|Shared Host IPC Namespace
e94d3121-c2d1-4e34-a295-139bfeb73ea3|Terraform|Medium|Resource Management|Query details
Documentation
|
+|Shared Host Network Namespace
ac1564a3-c324-4747-9fa1-9dfc234dace0|Terraform|Medium|Resource Management|Query details
Documentation
|
+|Service Account Allows Access Secrets
07fc3413-e572-42f7-9877-5c8fc6fccfb5|Terraform|Medium|Secret Management|Query details
Documentation
|
+|Shared Service Account
f74b9c43-161a-4799-bc95-0b0ec81801b9|Terraform|Medium|Secret Management|Query details
Documentation
|
+|Cluster Admin Rolebinding With Superuser Permissions
17172bc2-56fb-4f17-916f-a014147706cd|Terraform|Low|Access Control|Query details
Documentation
|
+|Deployment Without PodDisruptionBudget
a05331ee-1653-45cb-91e6-13637a76e4f0|Terraform|Low|Availability|Query details
Documentation
|
+|HPA Targets Invalid Object
17e52ca3-ddd0-4610-9d56-ce107442e110|Terraform|Low|Availability|Query details
Documentation
|
+|StatefulSet Without PodDisruptionBudget
7249e3b0-9231-4af3-bc5f-5daf4988ecbf|Terraform|Low|Availability|Query details
Documentation
|
+|StatefulSet Without Service Name
420e6360-47bb-46f6-9072-b20ed22c842d|Terraform|Low|Availability|Query details
Documentation
|
+|Metadata Label Is Invalid
bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e|Terraform|Low|Best Practices|Query details
Documentation
|
+|No Drop Capabilities for Containers
21cef75f-289f-470e-8038-c7cee0664164|Terraform|Low|Best Practices|Query details
Documentation
|
+|Root Container Not Mounted As Read-only
d532566b-8d9d-4f3b-80bd-361fe802f9c2|Terraform|Low|Build Process|Query details
Documentation
|
+|StatefulSet Requests Storage
fcc2612a-1dfe-46e4-8ce6-0320959f0040|Terraform|Low|Build Process|Query details
Documentation
|
+|Default Service Account In Use
737a0dd9-0aaa-4145-8118-f01778262b8a|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Image Pull Policy Of The Container Is Not Set To Always
aa737abf-6b1d-4aba-95aa-5c160bd7f96e|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Image Without Digest
228c4c19-feeb-4c18-848c-800ac70fdfb7|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Pod or Container Without Security Context
ad69e38a-d92e-4357-a8da-f2f29d545883|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Using Default Namespace
abcb818b-5af7-4d72-aba9-6dd84956b451|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Network Policy Is Not Targeting Any Pod
b80b14c6-aaa2-4876-b651-8a48b6c32fbf|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Service Type is NodePort
5c281bf8-d9bb-47f2-b909-3f6bb11874ad|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Workload Host Port Not Specified
4e74cf4f-ff65-4c1a-885c-67ab608206ce|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|CPU Limits Not Set
5f4735ce-b9ba-4d95-a089-a37a767b716f|Terraform|Low|Resource Management|Query details
Documentation
|
+|CPU Requests Not Set
577ac19c-6a77-46d7-9f14-e049cdd15ec2|Terraform|Low|Resource Management|Query details
Documentation
|
+|CronJob Deadline Not Configured
58876b44-a690-4e9f-9214-7735fa0dd15d|Terraform|Low|Resource Management|Query details
Documentation
|
+|Deployment Has No PodAntiAffinity
461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3|Terraform|Low|Resource Management|Query details
Documentation
|
+|Secrets As Environment Variables
6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8|Terraform|Low|Secret Management|Query details
Documentation
|
+|Invalid Image
e76cca7c-c3f9-4fc9-884c-b2831168ebd8|Terraform|Low|Supply-Chain|Query details
Documentation
|
+|Liveness Probe Is Not Defined
5b6d53dd-3ba3-4269-b4d7-f82e880e43c3|Terraform|Info|Availability|Query details
Documentation
|
+|Beta - Nifcloud DNS Has Verified Record
a1defcb6-55e8-4511-8c2a-30b615b0e057|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud ELB Listener Use HTTP Protocol
afcb0771-4f94-44ed-ad4a-9f73f11ce6e0|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud ELB Use HTTP Protocol
e2de2b80-2fc2-4502-a764-40930dfcc70a|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud LB Listener Use HTTP Port
9f751a80-31f0-43a3-926c-20772791a038|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud LB Use HTTP Port
94e47f3f-b90b-43a1-a36d-521580bae863|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud LB Use Insecure TLS Policy ID
944439c7-b4b8-476a-8f83-14641ea876ba|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud LB Use Insecure TLS Policy Name
675e8eaa-2754-42b7-bf33-bfa295d1601d|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud Computing Has Public Ingress Security Group Rule
b2ea2367-8dc9-4231-a035-d0b28bfa3dde|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud Computing Undefined Security Group To Instance
89218b48-75c9-4cb3-aaba-5299e852e8bc|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud NAS Has Public Ingress NAS Security Group Rule
8d7758a7-d9cd-499a-a83e-c9bdcbff728d|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud RDB Has Public DB Access
fb387023-e4bb-42a8-9a70-6708aa7ff21b|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud RDB Has Public DB Ingress Security Group Rule
a0b846e8-815f-4f15-b660-bc4ab9fa1e1a|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud Router Undefined Security Group To Router
e7dada38-af20-4899-8955-dabea84ab1f0|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway
b3535a48-910c-47f8-8b3b-14222f29ef80|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud RDB Has Backup Retention Less Than 2 Day
e5071f76-cbe7-468d-bb2b-d10f02d2b713|Terraform|Medium|Backup|Query details
Documentation
|
+|Beta - Nifcloud Computing Has Common Private Network
df58dd45-8009-43c2-90f7-c90eb9d53ed9|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud Computing Undefined Description To Security Group
41c127a9-3a85-4bc3-a333-ed374eb9c3e4|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud Computing Undefined Description To Security Group Rule
e4610872-0b1c-4fb7-ab57-d81c0afdb291|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud ELB Has Common Private Network
5061f84c-ab66-4660-90b9-680c9df346c0|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud NAS Has Common Private Network
4b801c38-ebb4-4c81-984b-1ba525d43adf|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud NAS Undefined Description To NAS Security Group
e840c54a-7a4c-405f-b8c1-c49a54b87d11|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud RDB Has Common Private Network
9bf57c23-fbab-4222-85f3-3f207a53c6a8|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud RDB Undefined Description To DB Security Group
940ddce2-26bd-4e31-a9b4-382714f73231|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud Router Has Common Private Network
30c2760c-740e-4672-9d7f-2c29e0cb385d|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Generic Git Module Without Revision
3a81fc06-566f-492a-91dd-7448e409e2cd|Terraform|Info|Best Practices|Query details
Documentation
|
+|Name Is Not Snake Case
1e434b25-8763-4b00-a5ca-ca03b7abbb66|Terraform|Info|Best Practices|Query details
Documentation
|
+|Output Without Description
59312e8a-a64e-41e7-a252-618533dd1ea8|Terraform|Info|Best Practices|Query details
Documentation
|
+|Variable Without Description
2a153952-2544-4687-bcc9-cc8fea814a9b|Terraform|Info|Best Practices|Query details
Documentation
|
+|Variable Without Type
fc5109bf-01fd-49fb-8bde-4492b543c34a|Terraform|Info|Best Practices|Query details
Documentation
|
+|Beta - CLB Listener Using Insecure Protocols
fe08b81c-12e9-4b5e-9006-4218fca750fd|Terraform|High|Encryption|Query details
Documentation
|
+|Beta - TKE Cluster Encryption Protection Disabled
3ed47402-e322-465f-a0f0-8681135a17b0|Terraform|High|Encryption|Query details
Documentation
|
+|Beta - CDB Instance Internet Service Enabled
5d820574-4a60-4916-b049-0810b8629731|Terraform|High|Insecure Configurations|Query details
Documentation
|
+|Beta - CVM Instance Has Public IP
a74b4602-a62c-4a02-956a-e19f86ea24b5|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Security Group Rule Set Accepts All Traffic
d135a36e-c474-452f-b891-76db1e6d1cd5|Terraform|High|Networking and Firewall|Query details
Documentation
|
+|Beta - CDB Instance Without Backup Policy
ca94be07-7de3-4ae7-85ef-67e0462ec694|Terraform|Medium|Backup|Query details
Documentation
|
+|Beta - CLB Instance Log Setting Disabled
ada01ed1-b10c-4f2a-b110-b20fa4f9baa6|Terraform|Medium|Encryption|Query details
Documentation
|
+|Beta - Disk Encryption Disabled
1ee0f202-31da-49ba-bbce-04a989912e4b|Terraform|Medium|Encryption|Query details
Documentation
|
+|Beta - TKE Cluster Has Public Access
df6928ed-02f4-421f-9a67-a529860dd7e7|Terraform|Medium|Insecure Configurations|Query details
Documentation
|
+|Beta - CVM Instance Using Default Security Group
93bb2065-63ec-45a2-a466-f106b56f2e32|Terraform|Low|Access Control|Query details
Documentation
|
+|Beta - CVM Instance Using User Data
5bb6fa08-5e84-4760-a54a-cdcd66626976|Terraform|Low|Access Control|Query details
Documentation
|
+|Beta - CDB Instance Internet Using Default Intranet Port
18d6aa4b-7570-4d95-9c75-90363ef1abd9|Terraform|Low|Insecure Configurations|Query details
Documentation
|
+|Beta - CVM Instance Using Default VPC
b4e75c5c-83d5-4568-90e3-57ed5ec4051b|Terraform|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - TKE Cluster Log Agent Is Not Enabled
fe405074-7e18-40f9-9aef-024aa1d0a889|Terraform|Low|Observability|Query details
Documentation
|
+|Beta - VPC Flow Logs Disabled
a3240001-40db-47b7-abb9-2bcd6a04c430|Terraform|Low|Observability|Query details
Documentation
|
+|Beta - CVM Instance Disable Monitor Service
966ed4f7-b8a5-4e8d-b2bf-098657c98960|Terraform|Info|Observability|Query details
Documentation
|
diff --git a/docs/queries/ansible-queries.md b/docs/queries/ansible-queries.md
index bb1a60c7092..eea9ed4db29 100644
--- a/docs/queries/ansible-queries.md
+++ b/docs/queries/ansible-queries.md
@@ -8,130 +8,130 @@ Below are listed queries related to Ansible AWS:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|ECR Repository Is Publicly Accessible
fb5a5df7-6d74-4243-ab82-ff779a958bfd|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Access to Any Principal
3ab1f27d-52cc-4943-af1d-43c1939e739a|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Delete Action From All Principals
6fa44721-ef21-41c6-8665-330d59461163|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Put Action From All Principals
a0f1bfe0-741e-473f-b3b2-13e66f856fab|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket With All Permissions
6a6d7e56-c913-4549-b5c5-5221e624d2ec|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket With Public Access
c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9|Critical|Access Control|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
c09e3ca5-f08a-4717-9c87-3919c5e6d209|Critical|Insecure Configurations|Query details
Documentation
|
-|DB Security Group With Public Scope
0956aedf-6a7a-478b-ab56-63e2b19923ad|Critical|Networking and Firewall|Query details
Documentation
|
-|RDS Associated with Public Subnet
16732649-4ff6-4cd2-8746-e72c13fae4b8|Critical|Networking and Firewall|Query details
Documentation
|
-|Cross-Account IAM Assume Role Policy Without ExternalId or MFA
af167837-9636-4086-b815-c239186b9dda|High|Access Control|Query details
Documentation
|
-|ECS Service Admin Role Is Present
7db727c1-1720-468e-b80e-06697f71e09e|High|Access Control|Query details
Documentation
|
-|IAM Policy Grants Full Permissions
b5ed026d-a772-4f07-97f9-664ba0b116f8|High|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read to All Users
a1ef9d2e-4163-40cb-bd92-04f0d602a15d|High|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read to Any Authenticated User
75480b31-f349-4b9a-861f-bce19588e674|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Get Action From All Principals
53bce6a8-5492-4b1b-81cf-664385f0c4bf|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows List Action From All Principals
d395a950-12ce-4314-a742-ac5a785ab44e|High|Access Control|Query details
Documentation
|
-|SNS Topic is Publicly Accessible
905f4741-f965-45c1-98db-f7a00a0e5c73|High|Access Control|Query details
Documentation
|
-|SQS Policy Allows All Actions
ed9b3beb-92cf-44d9-a9d2-171eeba569d4|High|Access Control|Query details
Documentation
|
-|SQS Queue Exposed
86b0efa7-4901-4edd-a37a-c034bec6645a|High|Access Control|Query details
Documentation
|
-|Config Rule For Encrypted Volumes Disabled
7674a686-e4b1-4a95-83d4-1fd53c623d84|High|Encryption|Query details
Documentation
|
-|DB Instance Storage Not Encrypted
7dfb316c-a6c2-454d-b8a2-97f147b0c0ff|High|Encryption|Query details
Documentation
|
-|EBS Volume Encryption Disabled
4b6012e7-7176-46e4-8108-e441785eae57|High|Encryption|Query details
Documentation
|
-|EFS Not Encrypted
727c4fd4-d604-4df6-a179-7713d3c85e20|High|Encryption|Query details
Documentation
|
-|ELB Using Weak Ciphers
2034fb37-bc23-4ca0-8d95-2b9f15829ab5|High|Encryption|Query details
Documentation
|
-|Kinesis Not Encrypted With KMS
f2ea6481-1d31-4d40-946a-520dc6321dd7|High|Encryption|Query details
Documentation
|
-|Launch Configuration Is Not Encrypted
66477506-6abb-49ed-803d-3fa174cd5f6a|High|Encryption|Query details
Documentation
|
-|Redis Not Compliant
9f34885e-c08f-4d13-a7d1-cf190c5bd268|High|Encryption|Query details
Documentation
|
-|Redshift Not Encrypted
6a647814-def5-4b85-88f5-897c19f509cd|High|Encryption|Query details
Documentation
|
-|S3 Bucket Without Server-side-encryption
594f54e7-f744-45ab-93e4-c6dbaf6cd571|High|Encryption|Query details
Documentation
|
-|User Data Contains Encoded Private Key
c09f4d3e-27d2-4d46-9453-abbe9687a64e|High|Encryption|Query details
Documentation
|
-|Batch Job Definition With Privileged Container Properties
defe5b18-978d-4722-9325-4d1975d3699f|High|Insecure Configurations|Query details
Documentation
|
-|EC2 Group Has Public Interface
5330b503-3319-44ff-9b1c-00ee873f728a|High|Insecure Configurations|Query details
Documentation
|
-|KMS Key With Vulnerable Policy
5b9d237a-57d5-4177-be0e-71434b0fef47|High|Insecure Configurations|Query details
Documentation
|
-|Redshift Publicly Accessible
5c6b727b-1382-4629-8ba9-abd1365e5610|High|Insecure Configurations|Query details
Documentation
|
-|Root Account Has Active Access Keys
e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40|High|Insecure Configurations|Query details
Documentation
|
-|DB Security Group Open To Large Scope
ea0ed1c7-9aef-4464-b7c7-94c762da3640|High|Networking and Firewall|Query details
Documentation
|
-|Default Security Groups With Unrestricted Traffic
8010e17a-00e9-4635-a692-90d6bcec68bd|High|Networking and Firewall|Query details
Documentation
|
-|Public Port Wide
71ea648a-d31a-4b5a-a589-5674243f1c33|High|Networking and Firewall|Query details
Documentation
|
-|Remote Desktop Port Open To Internet
eda7301d-1f3e-47cf-8d4e-976debc64341|High|Networking and Firewall|Query details
Documentation
|
-|Route53 Record Undefined
445dce51-7e53-4e50-80ef-7f94f14169e4|High|Networking and Firewall|Query details
Documentation
|
-|Security Group Ingress Not Restricted
ea6bc7a6-d696-4dcf-a788-17fa03c17c81|High|Networking and Firewall|Query details
Documentation
|
-|Unknown Port Exposed To Internet
722b0f24-5a64-4cca-aa96-cfc26b7e3a5b|High|Networking and Firewall|Query details
Documentation
|
-|Unrestricted Security Group Ingress
83c5fa4c-e098-48fc-84ee-0a537287ddd2|High|Networking and Firewall|Query details
Documentation
|
-|Hardcoded AWS Access Key
c2f15af3-66a0-4176-a56e-e4711e502e5c|High|Secret Management|Query details
Documentation
|
-|Hardcoded AWS Access Key In Lambda
f34508b9-f574-4330-b42d-88c44cced645|High|Secret Management|Query details
Documentation
|
-|AMI Shared With Multiple Accounts
a19b2942-142e-4e2b-93b7-6cf6a6c8d90f|Medium|Access Control|Query details
Documentation
|
-|API Gateway Without Configured Authorizer
b16cdb37-ce15-4ab2-8401-d42b05d123fc|Medium|Access Control|Query details
Documentation
|
-|Certificate Has Expired
5a443297-19d4-4381-9e5b-24faf947ec22|Medium|Access Control|Query details
Documentation
|
-|EC2 Instance Using Default Security Group
8d03993b-8384-419b-a681-d1f55149397c|Medium|Access Control|Query details
Documentation
|
-|IAM Access Key Is Exposed
7f79f858-fbe8-4186-8a2c-dfd0d958a40f|Medium|Access Control|Query details
Documentation
|
-|IAM Group Without Users
f509931b-bbb0-443c-bd9b-10e92ecf2193|Medium|Access Control|Query details
Documentation
|
-|IAM Policies Attached To User
eafe4bc3-1042-4f88-b988-1939e64bf060|Medium|Access Control|Query details
Documentation
|
-|IAM Policies With Full Privileges
e401d614-8026-4f4b-9af9-75d1197461ba|Medium|Access Control|Query details
Documentation
|
-|IAM Policy Grants 'AssumeRole' Permission Across All Services
12a7a7ce-39d6-49dd-923d-aeb4564eb66c|Medium|Access Control|Query details
Documentation
|
-|IAM Role Allows All Principals To Assume
babdedcf-d859-43da-9a7b-6d72e661a8fd|Medium|Access Control|Query details
Documentation
|
-|Lambda Permission Principal Is Wildcard
1d972c56-8ec2-48c1-a578-887adb09c57a|Medium|Access Control|Query details
Documentation
|
-|Public Lambda via API Gateway
5e92d816-2177-4083-85b4-f61b4f7176d9|Medium|Access Control|Query details
Documentation
|
-|SES Policy With Allowed IAM Actions
8ed0bfce-f780-46d4-b086-21c3628f09ad|Medium|Access Control|Query details
Documentation
|
-|SQS Policy With Public Access
d994585f-defb-4b51-b6d2-c70f020ceb10|Medium|Access Control|Query details
Documentation
|
-|Auto Scaling Group With No Associated ELB
050f085f-a8db-4072-9010-2cca235cc02f|Medium|Availability|Query details
Documentation
|
-|CMK Is Unusable
133fee21-37ef-45df-a563-4d07edc169f4|Medium|Availability|Query details
Documentation
|
-|RDS With Backup Disabled
e69890e6-fce5-461d-98ad-cb98318dfc96|Medium|Backup|Query details
Documentation
|
-|S3 Bucket Without Versioning
9232306a-f839-40aa-b3ef-b352001da9a5|Medium|Backup|Query details
Documentation
|
-|Stack Retention Disabled
17d5ba1d-7667-4729-b1a6-b11fde3db7f7|Medium|Backup|Query details
Documentation
|
-|AMI Not Encrypted
97707503-a22c-4cd7-b7c0-f088fa7cf830|Medium|Encryption|Query details
Documentation
|
-|CA Certificate Identifier Is Outdated
5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce|Medium|Encryption|Query details
Documentation
|
-|Cloudfront Viewer Protocol Policy Allows HTTP
a6d27cf7-61dc-4bde-ae08-3b353b609f76|Medium|Encryption|Query details
Documentation
|
-|CodeBuild Not Encrypted
a1423864-2fbc-4f46-bfe1-fbbf125c71c9|Medium|Encryption|Query details
Documentation
|
-|ELB Using Insecure Protocols
730a5951-2760-407a-b032-dd629b55c23a|Medium|Encryption|Query details
Documentation
|
-|IAM Database Auth Not Enabled
0ed012a4-9199-43d2-b9e4-9bd049a48aa4|Medium|Encryption|Query details
Documentation
|
-|Secure Ciphers Disabled
218413a0-c716-4b94-9e08-0bb70d854709|Medium|Encryption|Query details
Documentation
|
-|SQS With SSE Disabled
e1e7b278-2a8b-49bd-a26e-66a7f70b17eb|Medium|Encryption|Query details
Documentation
|
-|API Gateway Without SSL Certificate
b47b98ab-e481-4a82-8bb1-1ab39fd36e33|Medium|Insecure Configurations|Query details
Documentation
|
-|Certificate RSA Key Bytes Lower Than 256
d5ec2080-340a-4259-b885-f833c4ea6a31|Medium|Insecure Configurations|Query details
Documentation
|
-|CloudFront Without Minimum Protocol TLS 1.2
d0c13053-d2c8-44a6-95da-d592996e9e67|Medium|Insecure Configurations|Query details
Documentation
|
-|ECR Image Tag Not Immutable
60bfbb8a-c72f-467f-a6dd-a46b7d612789|Medium|Insecure Configurations|Query details
Documentation
|
-|ECS Task Definition Network Mode Not Recommended
01aec7c2-3e4d-4274-ae47-2b8fea22fd1f|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket with Unsecured CORS Rule
3505094c-f77c-4ba0-95da-f83db712f86c|Medium|Insecure Configurations|Query details
Documentation
|
-|Vulnerable Default SSL Certificate
fb8f8929-afeb-4c46-99f0-a6cf410f7df4|Medium|Insecure Defaults|Query details
Documentation
|
-|ALB Listening on HTTP
f81d63d2-c5d7-43a4-a5b5-66717a41c895|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway Endpoint Config is Not Private
559439b2-3e9c-4739-ac46-17e3b24ec215|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway without WAF
f5f38943-664b-4acc-ab11-f292fa10ed0b|Medium|Networking and Firewall|Query details
Documentation
|
-|CloudFront Without WAF
22c80725-e390-4055-8d14-a872230f6607|Medium|Networking and Firewall|Query details
Documentation
|
-|EC2 Instance Has Public IP
a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1|Medium|Networking and Firewall|Query details
Documentation
|
-|Elasticsearch with HTTPS disabled
d6c2d06f-43c1-488a-9ba1-8d75b40fc62d|Medium|Networking and Firewall|Query details
Documentation
|
-|HTTP Port Open To Internet
a14ad534-acbe-4a8e-9404-2f7e1045646e|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group With Unrestricted Access To SSH
57ced4b9-6ba4-487b-8843-b65562b90c77|Medium|Networking and Firewall|Query details
Documentation
|
-|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible
7af1c447-c014-4f05-bd8b-ebe3a15734ac|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway With CloudWatch Logging Disabled
72a931c2-12f5-40d1-93cc-47bff2f7aa2a|Medium|Observability|Query details
Documentation
|
-|CloudFront Logging Disabled
d31cb911-bf5b-4eb6-9fc3-16780c77c7bd|Medium|Observability|Query details
Documentation
|
-|CloudTrail Logging Disabled
d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5|Medium|Observability|Query details
Documentation
|
-|S3 Bucket Logging Disabled
c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d|Medium|Observability|Query details
Documentation
|
-|No Stack Policy
ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9|Medium|Resource Management|Query details
Documentation
|
-|Authentication Without MFA
eee107f9-b3d8-45d3-b9c6-43b5a7263ce1|Low|Access Control|Query details
Documentation
|
-|ECS Service Without Running Tasks
f5c45127-1d28-4b49-a692-0b97da1c3a84|Low|Availability|Query details
Documentation
|
-|Automatic Minor Upgrades Disabled
857f8808-e96a-4ba8-a9b7-f2d4ec6cad94|Low|Best Practices|Query details
Documentation
|
-|CDN Configuration Is Missing
b25398a2-0625-4e61-8e4d-a1bb23905bf6|Low|Best Practices|Query details
Documentation
|
-|IAM Password Without Minimum Length
8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d|Low|Best Practices|Query details
Documentation
|
-|Lambda Permission Misconfigured
3ddf3417-424d-420d-8275-0724dc426520|Low|Best Practices|Query details
Documentation
|
-|Misconfigured Password Policy Expiration
3f2cf811-88fa-4eda-be45-7a191a18aba9|Low|Best Practices|Query details
Documentation
|
-|Password Without Reuse Prevention
6f5f5444-1422-495f-81ef-24cefd61ed2c|Low|Best Practices|Query details
Documentation
|
-|EFS Without Tags
b8a9852c-9943-4973-b8d5-77dae9352851|Low|Build Process|Query details
Documentation
|
-|Stack Without Template
32d31f1f-0f83-4721-b7ec-1e6948c60145|Low|Build Process|Query details
Documentation
|
-|CloudTrail Log Files Not Encrypted With KMS
f5587077-3f57-4370-9b4e-4eb5b1bac85b|Low|Encryption|Query details
Documentation
|
-|EFS Without KMS
bd77554e-f138-40c5-91b2-2a09f878608e|Low|Encryption|Query details
Documentation
|
-|AWS Password Policy With Unchangeable Passwords
e28ceb92-d588-4166-aac5-766c8f5b7472|Low|Insecure Configurations|Query details
Documentation
|
-|Instance With No VPC
61d1a2d0-4db8-405a-913d-5d2ce49dff6f|Low|Insecure Configurations|Query details
Documentation
|
-|Lambda Function Without Tags
265d9725-2fb8-42a2-bc57-3279c5db82d5|Low|Insecure Configurations|Query details
Documentation
|
-|EC2 Instance Using Default VPC
8833f180-96f1-46f4-9147-849aafa56029|Low|Networking and Firewall|Query details
Documentation
|
-|ElastiCache Using Default Port
7cc6c791-5f68-4816-a564-b9b699f9d26e|Low|Networking and Firewall|Query details
Documentation
|
-|ElastiCache Without VPC
5527dcfc-94f9-4bf6-b7d4-1b78850cf41f|Low|Networking and Firewall|Query details
Documentation
|
-|RDS Using Default Port
2cb674f6-32f9-40be-97f2-62c0dc38f0d5|Low|Networking and Firewall|Query details
Documentation
|
-|Redshift Using Default Port
e01de151-a7bd-4db4-b49b-3c4775a5e881|Low|Networking and Firewall|Query details
Documentation
|
-|API Gateway X-Ray Disabled
2059155b-27fd-441e-b616-6966c468561f|Low|Observability|Query details
Documentation
|
-|CloudTrail Log File Validation Disabled
4d8681a2-3d30-4c89-8070-08acd142748e|Low|Observability|Query details
Documentation
|
-|CloudTrail Multi Region Disabled
6ad087d7-a509-4b20-b853-9ef6f5ebaa98|Low|Observability|Query details
Documentation
|
-|CloudTrail Not Integrated With CloudWatch
ebb2118a-03bc-4d53-ab43-d8750f5cb8d3|Low|Observability|Query details
Documentation
|
-|CloudTrail SNS Topic Name Undefined
5ba316a9-c466-4ec1-8d5b-bc6107dc9a92|Low|Observability|Query details
Documentation
|
-|CMK Rotation Disabled
af96d737-0818-4162-8c41-40d969bd65d1|Low|Observability|Query details
Documentation
|
-|Configuration Aggregator to All Regions Disabled
a2fdf451-89dd-451e-af92-bf6c0f4bab96|Low|Observability|Query details
Documentation
|
-|Lambda Functions Without X-Ray Tracing
71397b34-1d50-4ee1-97cb-c96c34676f74|Low|Observability|Query details
Documentation
|
-|Stack Notifications Disabled
d39761d7-94ab-45b0-ab5e-27c44e381d58|Low|Observability|Query details
Documentation
|
-|EC2 Not EBS Optimized
338b6cab-961d-4998-bb49-e5b6a11c9a5c|Info|Best Practices|Query details
Documentation
|
-|CloudWatch Without Retention Period Specified
e24e18d9-4c2b-4649-b3d0-18c088145e24|Info|Observability|Query details
Documentation
|
+|ECR Repository Is Publicly Accessible
fb5a5df7-6d74-4243-ab82-ff779a958bfd|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Access to Any Principal
3ab1f27d-52cc-4943-af1d-43c1939e739a|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Delete Action From All Principals
6fa44721-ef21-41c6-8665-330d59461163|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Put Action From All Principals
a0f1bfe0-741e-473f-b3b2-13e66f856fab|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket With All Permissions
6a6d7e56-c913-4549-b5c5-5221e624d2ec|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket With Public Access
c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9|Critical|Access Control|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
c09e3ca5-f08a-4717-9c87-3919c5e6d209|Critical|Insecure Configurations|Query details
Documentation
|
+|DB Security Group With Public Scope
0956aedf-6a7a-478b-ab56-63e2b19923ad|Critical|Networking and Firewall|Query details
Documentation
|
+|RDS Associated with Public Subnet
16732649-4ff6-4cd2-8746-e72c13fae4b8|Critical|Networking and Firewall|Query details
Documentation
|
+|Cross-Account IAM Assume Role Policy Without ExternalId or MFA
af167837-9636-4086-b815-c239186b9dda|High|Access Control|Query details
Documentation
|
+|ECS Service Admin Role Is Present
7db727c1-1720-468e-b80e-06697f71e09e|High|Access Control|Query details
Documentation
|
+|IAM Policy Grants Full Permissions
b5ed026d-a772-4f07-97f9-664ba0b116f8|High|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read to All Users
a1ef9d2e-4163-40cb-bd92-04f0d602a15d|High|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read to Any Authenticated User
75480b31-f349-4b9a-861f-bce19588e674|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Get Action From All Principals
53bce6a8-5492-4b1b-81cf-664385f0c4bf|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows List Action From All Principals
d395a950-12ce-4314-a742-ac5a785ab44e|High|Access Control|Query details
Documentation
|
+|SNS Topic is Publicly Accessible
905f4741-f965-45c1-98db-f7a00a0e5c73|High|Access Control|Query details
Documentation
|
+|SQS Policy Allows All Actions
ed9b3beb-92cf-44d9-a9d2-171eeba569d4|High|Access Control|Query details
Documentation
|
+|SQS Queue Exposed
86b0efa7-4901-4edd-a37a-c034bec6645a|High|Access Control|Query details
Documentation
|
+|Config Rule For Encrypted Volumes Disabled
7674a686-e4b1-4a95-83d4-1fd53c623d84|High|Encryption|Query details
Documentation
|
+|DB Instance Storage Not Encrypted
7dfb316c-a6c2-454d-b8a2-97f147b0c0ff|High|Encryption|Query details
Documentation
|
+|EBS Volume Encryption Disabled
4b6012e7-7176-46e4-8108-e441785eae57|High|Encryption|Query details
Documentation
|
+|EFS Not Encrypted
727c4fd4-d604-4df6-a179-7713d3c85e20|High|Encryption|Query details
Documentation
|
+|ELB Using Weak Ciphers
2034fb37-bc23-4ca0-8d95-2b9f15829ab5|High|Encryption|Query details
Documentation
|
+|Kinesis Not Encrypted With KMS
f2ea6481-1d31-4d40-946a-520dc6321dd7|High|Encryption|Query details
Documentation
|
+|Launch Configuration Is Not Encrypted
66477506-6abb-49ed-803d-3fa174cd5f6a|High|Encryption|Query details
Documentation
|
+|Redis Not Compliant
9f34885e-c08f-4d13-a7d1-cf190c5bd268|High|Encryption|Query details
Documentation
|
+|Redshift Not Encrypted
6a647814-def5-4b85-88f5-897c19f509cd|High|Encryption|Query details
Documentation
|
+|S3 Bucket Without Server-side-encryption
594f54e7-f744-45ab-93e4-c6dbaf6cd571|High|Encryption|Query details
Documentation
|
+|User Data Contains Encoded Private Key
c09f4d3e-27d2-4d46-9453-abbe9687a64e|High|Encryption|Query details
Documentation
|
+|Batch Job Definition With Privileged Container Properties
defe5b18-978d-4722-9325-4d1975d3699f|High|Insecure Configurations|Query details
Documentation
|
+|EC2 Group Has Public Interface
5330b503-3319-44ff-9b1c-00ee873f728a|High|Insecure Configurations|Query details
Documentation
|
+|KMS Key With Vulnerable Policy
5b9d237a-57d5-4177-be0e-71434b0fef47|High|Insecure Configurations|Query details
Documentation
|
+|Redshift Publicly Accessible
5c6b727b-1382-4629-8ba9-abd1365e5610|High|Insecure Configurations|Query details
Documentation
|
+|Root Account Has Active Access Keys
e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40|High|Insecure Configurations|Query details
Documentation
|
+|DB Security Group Open To Large Scope
ea0ed1c7-9aef-4464-b7c7-94c762da3640|High|Networking and Firewall|Query details
Documentation
|
+|Default Security Groups With Unrestricted Traffic
8010e17a-00e9-4635-a692-90d6bcec68bd|High|Networking and Firewall|Query details
Documentation
|
+|Public Port Wide
71ea648a-d31a-4b5a-a589-5674243f1c33|High|Networking and Firewall|Query details
Documentation
|
+|Remote Desktop Port Open To Internet
eda7301d-1f3e-47cf-8d4e-976debc64341|High|Networking and Firewall|Query details
Documentation
|
+|Route53 Record Undefined
445dce51-7e53-4e50-80ef-7f94f14169e4|High|Networking and Firewall|Query details
Documentation
|
+|Security Group Ingress Not Restricted
ea6bc7a6-d696-4dcf-a788-17fa03c17c81|High|Networking and Firewall|Query details
Documentation
|
+|Unknown Port Exposed To Internet
722b0f24-5a64-4cca-aa96-cfc26b7e3a5b|High|Networking and Firewall|Query details
Documentation
|
+|Unrestricted Security Group Ingress
83c5fa4c-e098-48fc-84ee-0a537287ddd2|High|Networking and Firewall|Query details
Documentation
|
+|Hardcoded AWS Access Key
c2f15af3-66a0-4176-a56e-e4711e502e5c|High|Secret Management|Query details
Documentation
|
+|Hardcoded AWS Access Key In Lambda
f34508b9-f574-4330-b42d-88c44cced645|High|Secret Management|Query details
Documentation
|
+|AMI Shared With Multiple Accounts
a19b2942-142e-4e2b-93b7-6cf6a6c8d90f|Medium|Access Control|Query details
Documentation
|
+|API Gateway Without Configured Authorizer
b16cdb37-ce15-4ab2-8401-d42b05d123fc|Medium|Access Control|Query details
Documentation
|
+|Certificate Has Expired
5a443297-19d4-4381-9e5b-24faf947ec22|Medium|Access Control|Query details
Documentation
|
+|EC2 Instance Using Default Security Group
8d03993b-8384-419b-a681-d1f55149397c|Medium|Access Control|Query details
Documentation
|
+|IAM Access Key Is Exposed
7f79f858-fbe8-4186-8a2c-dfd0d958a40f|Medium|Access Control|Query details
Documentation
|
+|IAM Group Without Users
f509931b-bbb0-443c-bd9b-10e92ecf2193|Medium|Access Control|Query details
Documentation
|
+|IAM Policies Attached To User
eafe4bc3-1042-4f88-b988-1939e64bf060|Medium|Access Control|Query details
Documentation
|
+|IAM Policies With Full Privileges
e401d614-8026-4f4b-9af9-75d1197461ba|Medium|Access Control|Query details
Documentation
|
+|IAM Policy Grants 'AssumeRole' Permission Across All Services
12a7a7ce-39d6-49dd-923d-aeb4564eb66c|Medium|Access Control|Query details
Documentation
|
+|IAM Role Allows All Principals To Assume
babdedcf-d859-43da-9a7b-6d72e661a8fd|Medium|Access Control|Query details
Documentation
|
+|Lambda Permission Principal Is Wildcard
1d972c56-8ec2-48c1-a578-887adb09c57a|Medium|Access Control|Query details
Documentation
|
+|Public Lambda via API Gateway
5e92d816-2177-4083-85b4-f61b4f7176d9|Medium|Access Control|Query details
Documentation
|
+|SES Policy With Allowed IAM Actions
8ed0bfce-f780-46d4-b086-21c3628f09ad|Medium|Access Control|Query details
Documentation
|
+|SQS Policy With Public Access
d994585f-defb-4b51-b6d2-c70f020ceb10|Medium|Access Control|Query details
Documentation
|
+|Auto Scaling Group With No Associated ELB
050f085f-a8db-4072-9010-2cca235cc02f|Medium|Availability|Query details
Documentation
|
+|CMK Is Unusable
133fee21-37ef-45df-a563-4d07edc169f4|Medium|Availability|Query details
Documentation
|
+|RDS With Backup Disabled
e69890e6-fce5-461d-98ad-cb98318dfc96|Medium|Backup|Query details
Documentation
|
+|S3 Bucket Without Versioning
9232306a-f839-40aa-b3ef-b352001da9a5|Medium|Backup|Query details
Documentation
|
+|Stack Retention Disabled
17d5ba1d-7667-4729-b1a6-b11fde3db7f7|Medium|Backup|Query details
Documentation
|
+|AMI Not Encrypted
97707503-a22c-4cd7-b7c0-f088fa7cf830|Medium|Encryption|Query details
Documentation
|
+|CA Certificate Identifier Is Outdated
5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce|Medium|Encryption|Query details
Documentation
|
+|Cloudfront Viewer Protocol Policy Allows HTTP
a6d27cf7-61dc-4bde-ae08-3b353b609f76|Medium|Encryption|Query details
Documentation
|
+|CodeBuild Not Encrypted
a1423864-2fbc-4f46-bfe1-fbbf125c71c9|Medium|Encryption|Query details
Documentation
|
+|ELB Using Insecure Protocols
730a5951-2760-407a-b032-dd629b55c23a|Medium|Encryption|Query details
Documentation
|
+|IAM Database Auth Not Enabled
0ed012a4-9199-43d2-b9e4-9bd049a48aa4|Medium|Encryption|Query details
Documentation
|
+|Secure Ciphers Disabled
218413a0-c716-4b94-9e08-0bb70d854709|Medium|Encryption|Query details
Documentation
|
+|SQS With SSE Disabled
e1e7b278-2a8b-49bd-a26e-66a7f70b17eb|Medium|Encryption|Query details
Documentation
|
+|API Gateway Without SSL Certificate
b47b98ab-e481-4a82-8bb1-1ab39fd36e33|Medium|Insecure Configurations|Query details
Documentation
|
+|Certificate RSA Key Bytes Lower Than 256
d5ec2080-340a-4259-b885-f833c4ea6a31|Medium|Insecure Configurations|Query details
Documentation
|
+|CloudFront Without Minimum Protocol TLS 1.2
d0c13053-d2c8-44a6-95da-d592996e9e67|Medium|Insecure Configurations|Query details
Documentation
|
+|ECR Image Tag Not Immutable
60bfbb8a-c72f-467f-a6dd-a46b7d612789|Medium|Insecure Configurations|Query details
Documentation
|
+|ECS Task Definition Network Mode Not Recommended
01aec7c2-3e4d-4274-ae47-2b8fea22fd1f|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket with Unsecured CORS Rule
3505094c-f77c-4ba0-95da-f83db712f86c|Medium|Insecure Configurations|Query details
Documentation
|
+|Vulnerable Default SSL Certificate
fb8f8929-afeb-4c46-99f0-a6cf410f7df4|Medium|Insecure Defaults|Query details
Documentation
|
+|ALB Listening on HTTP
f81d63d2-c5d7-43a4-a5b5-66717a41c895|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway Endpoint Config is Not Private
559439b2-3e9c-4739-ac46-17e3b24ec215|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway without WAF
f5f38943-664b-4acc-ab11-f292fa10ed0b|Medium|Networking and Firewall|Query details
Documentation
|
+|CloudFront Without WAF
22c80725-e390-4055-8d14-a872230f6607|Medium|Networking and Firewall|Query details
Documentation
|
+|EC2 Instance Has Public IP
a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1|Medium|Networking and Firewall|Query details
Documentation
|
+|Elasticsearch with HTTPS disabled
d6c2d06f-43c1-488a-9ba1-8d75b40fc62d|Medium|Networking and Firewall|Query details
Documentation
|
+|HTTP Port Open To Internet
a14ad534-acbe-4a8e-9404-2f7e1045646e|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group With Unrestricted Access To SSH
57ced4b9-6ba4-487b-8843-b65562b90c77|Medium|Networking and Firewall|Query details
Documentation
|
+|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible
7af1c447-c014-4f05-bd8b-ebe3a15734ac|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway With CloudWatch Logging Disabled
72a931c2-12f5-40d1-93cc-47bff2f7aa2a|Medium|Observability|Query details
Documentation
|
+|CloudFront Logging Disabled
d31cb911-bf5b-4eb6-9fc3-16780c77c7bd|Medium|Observability|Query details
Documentation
|
+|CloudTrail Logging Disabled
d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5|Medium|Observability|Query details
Documentation
|
+|S3 Bucket Logging Disabled
c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d|Medium|Observability|Query details
Documentation
|
+|No Stack Policy
ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9|Medium|Resource Management|Query details
Documentation
|
+|Authentication Without MFA
eee107f9-b3d8-45d3-b9c6-43b5a7263ce1|Low|Access Control|Query details
Documentation
|
+|ECS Service Without Running Tasks
f5c45127-1d28-4b49-a692-0b97da1c3a84|Low|Availability|Query details
Documentation
|
+|Automatic Minor Upgrades Disabled
857f8808-e96a-4ba8-a9b7-f2d4ec6cad94|Low|Best Practices|Query details
Documentation
|
+|CDN Configuration Is Missing
b25398a2-0625-4e61-8e4d-a1bb23905bf6|Low|Best Practices|Query details
Documentation
|
+|IAM Password Without Minimum Length
8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d|Low|Best Practices|Query details
Documentation
|
+|Lambda Permission Misconfigured
3ddf3417-424d-420d-8275-0724dc426520|Low|Best Practices|Query details
Documentation
|
+|Misconfigured Password Policy Expiration
3f2cf811-88fa-4eda-be45-7a191a18aba9|Low|Best Practices|Query details
Documentation
|
+|Password Without Reuse Prevention
6f5f5444-1422-495f-81ef-24cefd61ed2c|Low|Best Practices|Query details
Documentation
|
+|EFS Without Tags
b8a9852c-9943-4973-b8d5-77dae9352851|Low|Build Process|Query details
Documentation
|
+|Stack Without Template
32d31f1f-0f83-4721-b7ec-1e6948c60145|Low|Build Process|Query details
Documentation
|
+|CloudTrail Log Files Not Encrypted With KMS
f5587077-3f57-4370-9b4e-4eb5b1bac85b|Low|Encryption|Query details
Documentation
|
+|EFS Without KMS
bd77554e-f138-40c5-91b2-2a09f878608e|Low|Encryption|Query details
Documentation
|
+|AWS Password Policy With Unchangeable Passwords
e28ceb92-d588-4166-aac5-766c8f5b7472|Low|Insecure Configurations|Query details
Documentation
|
+|Instance With No VPC
61d1a2d0-4db8-405a-913d-5d2ce49dff6f|Low|Insecure Configurations|Query details
Documentation
|
+|Lambda Function Without Tags
265d9725-2fb8-42a2-bc57-3279c5db82d5|Low|Insecure Configurations|Query details
Documentation
|
+|EC2 Instance Using Default VPC
8833f180-96f1-46f4-9147-849aafa56029|Low|Networking and Firewall|Query details
Documentation
|
+|ElastiCache Using Default Port
7cc6c791-5f68-4816-a564-b9b699f9d26e|Low|Networking and Firewall|Query details
Documentation
|
+|ElastiCache Without VPC
5527dcfc-94f9-4bf6-b7d4-1b78850cf41f|Low|Networking and Firewall|Query details
Documentation
|
+|RDS Using Default Port
2cb674f6-32f9-40be-97f2-62c0dc38f0d5|Low|Networking and Firewall|Query details
Documentation
|
+|Redshift Using Default Port
e01de151-a7bd-4db4-b49b-3c4775a5e881|Low|Networking and Firewall|Query details
Documentation
|
+|API Gateway X-Ray Disabled
2059155b-27fd-441e-b616-6966c468561f|Low|Observability|Query details
Documentation
|
+|CloudTrail Log File Validation Disabled
4d8681a2-3d30-4c89-8070-08acd142748e|Low|Observability|Query details
Documentation
|
+|CloudTrail Multi Region Disabled
6ad087d7-a509-4b20-b853-9ef6f5ebaa98|Low|Observability|Query details
Documentation
|
+|CloudTrail Not Integrated With CloudWatch
ebb2118a-03bc-4d53-ab43-d8750f5cb8d3|Low|Observability|Query details
Documentation
|
+|CloudTrail SNS Topic Name Undefined
5ba316a9-c466-4ec1-8d5b-bc6107dc9a92|Low|Observability|Query details
Documentation
|
+|CMK Rotation Disabled
af96d737-0818-4162-8c41-40d969bd65d1|Low|Observability|Query details
Documentation
|
+|Configuration Aggregator to All Regions Disabled
a2fdf451-89dd-451e-af92-bf6c0f4bab96|Low|Observability|Query details
Documentation
|
+|Lambda Functions Without X-Ray Tracing
71397b34-1d50-4ee1-97cb-c96c34676f74|Low|Observability|Query details
Documentation
|
+|Stack Notifications Disabled
d39761d7-94ab-45b0-ab5e-27c44e381d58|Low|Observability|Query details
Documentation
|
+|EC2 Not EBS Optimized
338b6cab-961d-4998-bb49-e5b6a11c9a5c|Info|Best Practices|Query details
Documentation
|
+|CloudWatch Without Retention Period Specified
e24e18d9-4c2b-4649-b3d0-18c088145e24|Info|Observability|Query details
Documentation
|
### AZURE
Below are listed queries related to Ansible AZURE:
@@ -140,46 +140,46 @@ Below are listed queries related to Ansible AZURE:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|CosmosDB Account IP Range Filter Not Set
e8c80448-31d8-4755-85fc-6dbab69c2717|Critical|Networking and Firewall|Query details
Documentation
|
-|Redis Entirely Accessible
0d0c12b9-edce-4510-9065-13f6a758750c|Critical|Networking and Firewall|Query details
Documentation
|
-|Redis Publicly Accessible
0632d0db-9190-450a-8bb3-c283bffea445|Critical|Networking and Firewall|Query details
Documentation
|
-|SQLServer Ingress From Any IP
f4e9ff70-0f3b-4c50-a713-26cbe7ec4039|Critical|Networking and Firewall|Query details
Documentation
|
-|Unrestricted SQL Server Access
3f23c96c-f9f5-488d-9b17-605b8da5842f|Critical|Networking and Firewall|Query details
Documentation
|
-|Default Azure Storage Account Network Access Is Too Permissive
ca4df748-613a-4fbf-9c76-f02cbd580307|High|Access Control|Query details
Documentation
|
-|Public Storage Account
35e2f133-a395-40de-a79d-b260d973d1bd|High|Access Control|Query details
Documentation
|
-|Storage Container Is Publicly Accessible
4d3817db-dd35-4de4-a80d-3867157e7f7f|High|Access Control|Query details
Documentation
|
-|Azure Container Registry With No Locks
581dae78-307d-45d5-aae4-fe2b0db267a5|High|Insecure Configurations|Query details
Documentation
|
-|Security Group is Not Configured
da4f2739-174f-4cdd-b9ef-dc3f14b5931f|High|Insecure Configurations|Query details
Documentation
|
-|Sensitive Port Is Exposed To Entire Network
0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc|High|Networking and Firewall|Query details
Documentation
|
-|Admin User Enabled For Container Registry
29f35127-98e6-43af-8ec1-201b79f99604|Medium|Access Control|Query details
Documentation
|
-|AKS RBAC Disabled
149fa56c-4404-4f90-9e25-d34b676d5b39|Medium|Access Control|Query details
Documentation
|
-|Role Definition Allows Custom Role Creation
5c80db8e-03f5-43a2-b4af-1f3f87018157|Medium|Access Control|Query details
Documentation
|
-|Key Vault Soft Delete Is Disabled
881696a8-68c5-4073-85bc-7c38a3deb854|Medium|Backup|Query details
Documentation
|
-|Azure Instance Using Basic Authentication
e2d834b7-8b25-4935-af53-4a60668dcbe0|Medium|Best Practices|Query details
Documentation
|
-|MySQL SSL Connection Disabled
2a901825-0f3b-4655-a0fe-e0470e50f8e6|Medium|Encryption|Query details
Documentation
|
-|SSL Enforce Disabled
961ce567-a16d-4d7d-9027-f0ec2628a555|Medium|Encryption|Query details
Documentation
|
-|Storage Account Not Forcing HTTPS
2c99a474-2a3c-4c17-8294-53ffa5ed0522|Medium|Encryption|Query details
Documentation
|
-|Storage Account Not Using Latest TLS Encryption Version
c62746cf-92d5-4649-9acf-7d48d086f2ee|Medium|Encryption|Query details
Documentation
|
-|AD Admin Not Configured For SQL Server
b176e927-bbe2-44a6-a9c3-041417137e5f|Medium|Insecure Configurations|Query details
Documentation
|
-|Redis Cache Allows Non SSL Connections
869e7fb4-30f0-4bdb-b360-ad548f337f2f|Medium|Insecure Configurations|Query details
Documentation
|
-|VM Not Attached To Network
1e5f5307-3e01-438d-8da6-985307ed25ce|Medium|Insecure Configurations|Query details
Documentation
|
-|Web App Accepting Traffic Other Than HTTPS
eb8c2560-8bee-4248-9d0d-e80c8641dd91|Medium|Insecure Configurations|Query details
Documentation
|
-|Firewall Rule Allows Too Many Hosts To Access Redis Cache
69f72007-502e-457b-bd2d-5012e31ac049|Medium|Networking and Firewall|Query details
Documentation
|
-|Trusted Microsoft Services Not Enabled
1bc398a8-d274-47de-a4c8-6ac867b353de|Medium|Networking and Firewall|Query details
Documentation
|
-|WAF Is Disabled For Azure Application Gateway
2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255|Medium|Networking and Firewall|Query details
Documentation
|
-|AKS Monitoring Logging Disabled
d5e83b32-56dd-4247-8c2e-074f43b38a5e|Medium|Observability|Query details
Documentation
|
-|Log Retention Is Not Set
0461b4fd-21ef-4687-929e-484ee4796785|Medium|Observability|Query details
Documentation
|
-|Monitoring Log Profile Without All Activities
89f84a1e-75f8-47c5-83b5-bee8e2de4168|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Checkpoints Disabled
7ab33ac0-e4a3-418f-a673-50da4e34df21|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Connections Not Set
7b47138f-ec0e-47dc-8516-e7728fe3cc17|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Disconnections Not Set
054d07b5-941b-4c28-8eef-18989dc62323|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Duration Not Set
729ebb15-8060-40f7-9017-cb72676a5487|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Server Without Connection Throttling
a9becca7-892a-4af7-b9e1-44bf20a4cd9a|Medium|Observability|Query details
Documentation
|
-|SQL Server Predictable Active Directory Account Name
530e8291-2f22-4bab-b7ea-306f1bc2a308|Low|Best Practices|Query details
Documentation
|
-|SQL Server Predictable Admin Account Name
663062e9-473d-4e87-99bc-6f3684b3df40|Low|Best Practices|Query details
Documentation
|
-|Cosmos DB Account Without Tags
23a4dc83-4959-4d99-8056-8e051a82bc1e|Low|Build Process|Query details
Documentation
|
-|AKS Network Policy Misconfigured
8c3bedf1-c570-4c3b-b414-d068cd39a00c|Low|Insecure Configurations|Query details
Documentation
|
-|Small Activity Log Retention Period
37fafbea-dedb-4e0d-852e-d16ee0589326|Low|Observability|Query details
Documentation
|
+|CosmosDB Account IP Range Filter Not Set
e8c80448-31d8-4755-85fc-6dbab69c2717|Critical|Networking and Firewall|Query details
Documentation
|
+|Redis Entirely Accessible
0d0c12b9-edce-4510-9065-13f6a758750c|Critical|Networking and Firewall|Query details
Documentation
|
+|Redis Publicly Accessible
0632d0db-9190-450a-8bb3-c283bffea445|Critical|Networking and Firewall|Query details
Documentation
|
+|SQLServer Ingress From Any IP
f4e9ff70-0f3b-4c50-a713-26cbe7ec4039|Critical|Networking and Firewall|Query details
Documentation
|
+|Unrestricted SQL Server Access
3f23c96c-f9f5-488d-9b17-605b8da5842f|Critical|Networking and Firewall|Query details
Documentation
|
+|Default Azure Storage Account Network Access Is Too Permissive
ca4df748-613a-4fbf-9c76-f02cbd580307|High|Access Control|Query details
Documentation
|
+|Public Storage Account
35e2f133-a395-40de-a79d-b260d973d1bd|High|Access Control|Query details
Documentation
|
+|Storage Container Is Publicly Accessible
4d3817db-dd35-4de4-a80d-3867157e7f7f|High|Access Control|Query details
Documentation
|
+|Azure Container Registry With No Locks
581dae78-307d-45d5-aae4-fe2b0db267a5|High|Insecure Configurations|Query details
Documentation
|
+|Security Group is Not Configured
da4f2739-174f-4cdd-b9ef-dc3f14b5931f|High|Insecure Configurations|Query details
Documentation
|
+|Sensitive Port Is Exposed To Entire Network
0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc|High|Networking and Firewall|Query details
Documentation
|
+|Admin User Enabled For Container Registry
29f35127-98e6-43af-8ec1-201b79f99604|Medium|Access Control|Query details
Documentation
|
+|AKS RBAC Disabled
149fa56c-4404-4f90-9e25-d34b676d5b39|Medium|Access Control|Query details
Documentation
|
+|Role Definition Allows Custom Role Creation
5c80db8e-03f5-43a2-b4af-1f3f87018157|Medium|Access Control|Query details
Documentation
|
+|Key Vault Soft Delete Is Disabled
881696a8-68c5-4073-85bc-7c38a3deb854|Medium|Backup|Query details
Documentation
|
+|Azure Instance Using Basic Authentication
e2d834b7-8b25-4935-af53-4a60668dcbe0|Medium|Best Practices|Query details
Documentation
|
+|MySQL SSL Connection Disabled
2a901825-0f3b-4655-a0fe-e0470e50f8e6|Medium|Encryption|Query details
Documentation
|
+|SSL Enforce Disabled
961ce567-a16d-4d7d-9027-f0ec2628a555|Medium|Encryption|Query details
Documentation
|
+|Storage Account Not Forcing HTTPS
2c99a474-2a3c-4c17-8294-53ffa5ed0522|Medium|Encryption|Query details
Documentation
|
+|Storage Account Not Using Latest TLS Encryption Version
c62746cf-92d5-4649-9acf-7d48d086f2ee|Medium|Encryption|Query details
Documentation
|
+|AD Admin Not Configured For SQL Server
b176e927-bbe2-44a6-a9c3-041417137e5f|Medium|Insecure Configurations|Query details
Documentation
|
+|Redis Cache Allows Non SSL Connections
869e7fb4-30f0-4bdb-b360-ad548f337f2f|Medium|Insecure Configurations|Query details
Documentation
|
+|VM Not Attached To Network
1e5f5307-3e01-438d-8da6-985307ed25ce|Medium|Insecure Configurations|Query details
Documentation
|
+|Web App Accepting Traffic Other Than HTTPS
eb8c2560-8bee-4248-9d0d-e80c8641dd91|Medium|Insecure Configurations|Query details
Documentation
|
+|Firewall Rule Allows Too Many Hosts To Access Redis Cache
69f72007-502e-457b-bd2d-5012e31ac049|Medium|Networking and Firewall|Query details
Documentation
|
+|Trusted Microsoft Services Not Enabled
1bc398a8-d274-47de-a4c8-6ac867b353de|Medium|Networking and Firewall|Query details
Documentation
|
+|WAF Is Disabled For Azure Application Gateway
2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255|Medium|Networking and Firewall|Query details
Documentation
|
+|AKS Monitoring Logging Disabled
d5e83b32-56dd-4247-8c2e-074f43b38a5e|Medium|Observability|Query details
Documentation
|
+|Log Retention Is Not Set
0461b4fd-21ef-4687-929e-484ee4796785|Medium|Observability|Query details
Documentation
|
+|Monitoring Log Profile Without All Activities
89f84a1e-75f8-47c5-83b5-bee8e2de4168|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Checkpoints Disabled
7ab33ac0-e4a3-418f-a673-50da4e34df21|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Connections Not Set
7b47138f-ec0e-47dc-8516-e7728fe3cc17|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Disconnections Not Set
054d07b5-941b-4c28-8eef-18989dc62323|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Duration Not Set
729ebb15-8060-40f7-9017-cb72676a5487|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Server Without Connection Throttling
a9becca7-892a-4af7-b9e1-44bf20a4cd9a|Medium|Observability|Query details
Documentation
|
+|SQL Server Predictable Active Directory Account Name
530e8291-2f22-4bab-b7ea-306f1bc2a308|Low|Best Practices|Query details
Documentation
|
+|SQL Server Predictable Admin Account Name
663062e9-473d-4e87-99bc-6f3684b3df40|Low|Best Practices|Query details
Documentation
|
+|Cosmos DB Account Without Tags
23a4dc83-4959-4d99-8056-8e051a82bc1e|Low|Build Process|Query details
Documentation
|
+|AKS Network Policy Misconfigured
8c3bedf1-c570-4c3b-b414-d068cd39a00c|Low|Insecure Configurations|Query details
Documentation
|
+|Small Activity Log Retention Period
37fafbea-dedb-4e0d-852e-d16ee0589326|Low|Observability|Query details
Documentation
|
### CONFIG
Below are listed queries related to Ansible CONFIG:
@@ -188,10 +188,10 @@ Below are listed queries related to Ansible CONFIG:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Allow Unsafe Lookups Enabled
86b97bb4-85c9-462d-8635-cbc057c5c8c5|High|Insecure Configurations|Query details
Documentation
|
-|Privilege Escalation Using Become Plugin
404908b6-4954-4611-98f0-e8ceacdabcb1|Medium|Access Control|Query details
Documentation
|
-|Communication over HTTP
d7dc9350-74bc-485b-8c85-fed22d276c43|Medium|Insecure Configurations|Query details
Documentation
|
-|Logging of Sensitive Data
c6473dae-8477-4119-88b7-b909b435ce7b|Low|Best Practices|Query details
Documentation
|
+|Allow Unsafe Lookups Enabled
86b97bb4-85c9-462d-8635-cbc057c5c8c5|High|Insecure Configurations|Query details
Documentation
|
+|Privilege Escalation Using Become Plugin
404908b6-4954-4611-98f0-e8ceacdabcb1|Medium|Access Control|Query details
Documentation
|
+|Communication over HTTP
d7dc9350-74bc-485b-8c85-fed22d276c43|Medium|Insecure Configurations|Query details
Documentation
|
+|Logging of Sensitive Data
c6473dae-8477-4119-88b7-b909b435ce7b|Low|Best Practices|Query details
Documentation
|
### GCP
Below are listed queries related to Ansible GCP:
@@ -200,55 +200,55 @@ Below are listed queries related to Ansible GCP:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Cloud Storage Anonymous or Publicly Accessible
086031e1-9d4a-4249-acb3-5bfe4c363db2|Critical|Access Control|Query details
Documentation
|
-|SQL DB Instance Publicly Accessible
7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b|Critical|Insecure Configurations|Query details
Documentation
|
-|BigQuery Dataset Is Public
2263b286-2fe9-4747-a0ae-8b4768a2bbd2|High|Access Control|Query details
Documentation
|
-|SQL DB Instance With SSL Disabled
d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb|High|Encryption|Query details
Documentation
|
-|Client Certificate Disabled
20180133-a0d0-4745-bfe0-94049fbb12a9|High|Insecure Configurations|Query details
Documentation
|
-|Cloud SQL Instance With Contained Database Authentication On
6d34aff3-fdd2-460c-8190-756a3b4969e8|High|Insecure Configurations|Query details
Documentation
|
-|Cloud SQL Instance With Cross DB Ownership Chaining On
9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f|High|Insecure Configurations|Query details
Documentation
|
-|GKE Legacy Authorization Enabled
300a9964-b086-41f7-9378-b6de3ba1c32b|High|Insecure Configurations|Query details
Documentation
|
-|MySQL Instance With Local Infile On
a7b520bb-2509-4fb0-be05-bc38f54c7a4c|High|Insecure Configurations|Query details
Documentation
|
-|RDP Access Is Not Restricted
75418eb9-39ec-465f-913c-6f2b6a80dc77|High|Networking and Firewall|Query details
Documentation
|
-|VM With Full Cloud Access
bc20bbc6-0697-4568-9a73-85af1dd97bdd|Medium|Access Control|Query details
Documentation
|
-|SQL DB Instance Backup Disabled
0c82eae2-aca0-401f-93e4-fb37a0f9e5e8|Medium|Backup|Query details
Documentation
|
-|Disk Encryption Disabled
092bae86-6105-4802-99d2-99cd7e7431f3|Medium|Encryption|Query details
Documentation
|
-|DNSSEC Using RSASHA1
6cf4c3a7-ceb0-4475-8892-3745b84be24a|Medium|Encryption|Query details
Documentation
|
-|Google Compute SSL Policy Weak Cipher In Use
b28bcd2f-c309-490e-ab7c-35fc4023eb26|Medium|Encryption|Query details
Documentation
|
-|Cloud DNS Without DNSSEC
80b15fb1-6207-40f4-a803-6915ae619a03|Medium|Insecure Configurations|Query details
Documentation
|
-|Cluster Master Authentication Disabled
9df7f78f-ebe3-432e-ac3b-b67189c15518|Medium|Insecure Configurations|Query details
Documentation
|
-|GKE Basic Authentication Enabled
344bf8ab-9308-462b-a6b2-697432e40ba1|Medium|Insecure Configurations|Query details
Documentation
|
-|Google Container Node Pool Auto Repair Disabled
d58c6f24-3763-4269-9f5b-86b2569a003b|Medium|Insecure Configurations|Query details
Documentation
|
-|IP Aliasing Disabled
ed672a9f-fbf0-44d8-a47d-779501b0db05|Medium|Insecure Configurations|Query details
Documentation
|
-|Network Policy Disabled
98e04ca0-34f5-4c74-8fec-d2e611ce2790|Medium|Insecure Configurations|Query details
Documentation
|
-|OSLogin Is Disabled In VM Instance
66dae697-507b-4aef-be18-eec5bd707f33|Medium|Insecure Configurations|Query details
Documentation
|
-|Private Cluster Disabled
3b30e3d6-c99b-4318-b38f-b99db74578b5|Medium|Insecure Configurations|Query details
Documentation
|
-|Shielded VM Disabled
18d3a83d-4414-49dc-90ea-f0387b2856cc|Medium|Insecure Configurations|Query details
Documentation
|
-|Using Default Service Account
2775e169-e708-42a9-9305-b58aadd2c4dd|Medium|Insecure Configurations|Query details
Documentation
|
-|GKE Using Default Service Account
dc126833-125a-40fb-905a-ce5f2afde240|Medium|Insecure Defaults|Query details
Documentation
|
-|Compute Instance Is Publicly Accessible
829f1c60-2bab-44c6-8a21-5cd9d39a2c82|Medium|Networking and Firewall|Query details
Documentation
|
-|GKE Master Authorized Networks Disabled
d43366c5-80b0-45de-bbe8-2338f4ab0a83|Medium|Networking and Firewall|Query details
Documentation
|
-|Google Compute Network Using Default Firewall Rule
29b8224a-60e9-4011-8ac2-7916a659841f|Medium|Networking and Firewall|Query details
Documentation
|
-|Google Compute Network Using Firewall Rule that Allows All Ports
3602d273-3290-47b2-80fa-720162b1a8af|Medium|Networking and Firewall|Query details
Documentation
|
-|IP Forwarding Enabled
11bd3554-cd56-4257-8e25-7aaf30cf8f5f|Medium|Networking and Firewall|Query details
Documentation
|
-|Serial Ports Are Enabled For VM Instances
c6fc6f29-dc04-46b6-99ba-683c01aff350|Medium|Networking and Firewall|Query details
Documentation
|
-|SSH Access Is Not Restricted
b2fbf1df-76dd-4d78-a6c0-e538f4a9b016|Medium|Networking and Firewall|Query details
Documentation
|
-|Cloud Storage Bucket Logging Not Enabled
507df964-ad97-4035-ab14-94a82eabdfdd|Medium|Observability|Query details
Documentation
|
-|Cloud Storage Bucket Versioning Disabled
7814ddda-e758-4a56-8be3-289a81ded929|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Connections Disabled
d7a5616f-0a3f-4d43-bc2b-29d1a183e317|Medium|Observability|Query details
Documentation
|
-|PostgreSQL log_checkpoints Flag Not Set To ON
89afe3f0-4681-4ce3-89ed-896cebd4277c|Medium|Observability|Query details
Documentation
|
-|Stackdriver Logging Disabled
19c9e2a0-fc33-4264-bba1-e3682661e8f7|Medium|Observability|Query details
Documentation
|
-|Stackdriver Monitoring Disabled
20dcd953-a8b8-4892-9026-9afa6d05a525|Medium|Observability|Query details
Documentation
|
-|Node Auto Upgrade Disabled
d6e10477-2e19-4bcd-b8a8-19c65b89ccdf|Medium|Resource Management|Query details
Documentation
|
-|High Google KMS Crypto Key Rotation Period
f9b7086b-deb8-4034-9330-d7fd38f1b8de|Medium|Secret Management|Query details
Documentation
|
-|Project-wide SSH Keys Are Enabled In VM Instances
099b4411-d11e-4537-a0fc-146b19762a79|Medium|Secret Management|Query details
Documentation
|
-|Cluster Labels Disabled
fbe9b2d0-a2b7-47a1-a534-03775f3013f7|Low|Insecure Configurations|Query details
Documentation
|
-|COS Node Image Not Used
be41f891-96b1-4b9d-b74f-b922a918c778|Low|Insecure Configurations|Query details
Documentation
|
-|PostgreSQL Misconfigured Logging Duration Flag
aed98a2a-e680-497a-8886-277cea0f4514|Low|Insecure Configurations|Query details
Documentation
|
-|Google Compute Network Using Firewall Rule that Allows Port Range
7289eebd-a477-4064-8ad4-3c044bd70b00|Low|Networking and Firewall|Query details
Documentation
|
-|Google Compute Subnetwork with Private Google Access Disabled
6a4080ae-79bd-42f6-a924-8f534c1c018b|Low|Networking and Firewall|Query details
Documentation
|
-|PostgreSQL Logging Of Temporary Files Disabled
d6fae5b6-ada9-46c0-8b36-3108a2a2f77b|Low|Observability|Query details
Documentation
|
-|PostgreSQL Misconfigured Log Messages Flag
28a757fc-3d8f-424a-90c0-4233363b2711|Low|Observability|Query details
Documentation
|
+|Cloud Storage Anonymous or Publicly Accessible
086031e1-9d4a-4249-acb3-5bfe4c363db2|Critical|Access Control|Query details
Documentation
|
+|SQL DB Instance Publicly Accessible
7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b|Critical|Insecure Configurations|Query details
Documentation
|
+|BigQuery Dataset Is Public
2263b286-2fe9-4747-a0ae-8b4768a2bbd2|High|Access Control|Query details
Documentation
|
+|SQL DB Instance With SSL Disabled
d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb|High|Encryption|Query details
Documentation
|
+|Client Certificate Disabled
20180133-a0d0-4745-bfe0-94049fbb12a9|High|Insecure Configurations|Query details
Documentation
|
+|Cloud SQL Instance With Contained Database Authentication On
6d34aff3-fdd2-460c-8190-756a3b4969e8|High|Insecure Configurations|Query details
Documentation
|
+|Cloud SQL Instance With Cross DB Ownership Chaining On
9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f|High|Insecure Configurations|Query details
Documentation
|
+|GKE Legacy Authorization Enabled
300a9964-b086-41f7-9378-b6de3ba1c32b|High|Insecure Configurations|Query details
Documentation
|
+|MySQL Instance With Local Infile On
a7b520bb-2509-4fb0-be05-bc38f54c7a4c|High|Insecure Configurations|Query details
Documentation
|
+|RDP Access Is Not Restricted
75418eb9-39ec-465f-913c-6f2b6a80dc77|High|Networking and Firewall|Query details
Documentation
|
+|VM With Full Cloud Access
bc20bbc6-0697-4568-9a73-85af1dd97bdd|Medium|Access Control|Query details
Documentation
|
+|SQL DB Instance Backup Disabled
0c82eae2-aca0-401f-93e4-fb37a0f9e5e8|Medium|Backup|Query details
Documentation
|
+|Disk Encryption Disabled
092bae86-6105-4802-99d2-99cd7e7431f3|Medium|Encryption|Query details
Documentation
|
+|DNSSEC Using RSASHA1
6cf4c3a7-ceb0-4475-8892-3745b84be24a|Medium|Encryption|Query details
Documentation
|
+|Google Compute SSL Policy Weak Cipher In Use
b28bcd2f-c309-490e-ab7c-35fc4023eb26|Medium|Encryption|Query details
Documentation
|
+|Cloud DNS Without DNSSEC
80b15fb1-6207-40f4-a803-6915ae619a03|Medium|Insecure Configurations|Query details
Documentation
|
+|Cluster Master Authentication Disabled
9df7f78f-ebe3-432e-ac3b-b67189c15518|Medium|Insecure Configurations|Query details
Documentation
|
+|GKE Basic Authentication Enabled
344bf8ab-9308-462b-a6b2-697432e40ba1|Medium|Insecure Configurations|Query details
Documentation
|
+|Google Container Node Pool Auto Repair Disabled
d58c6f24-3763-4269-9f5b-86b2569a003b|Medium|Insecure Configurations|Query details
Documentation
|
+|IP Aliasing Disabled
ed672a9f-fbf0-44d8-a47d-779501b0db05|Medium|Insecure Configurations|Query details
Documentation
|
+|Network Policy Disabled
98e04ca0-34f5-4c74-8fec-d2e611ce2790|Medium|Insecure Configurations|Query details
Documentation
|
+|OSLogin Is Disabled In VM Instance
66dae697-507b-4aef-be18-eec5bd707f33|Medium|Insecure Configurations|Query details
Documentation
|
+|Private Cluster Disabled
3b30e3d6-c99b-4318-b38f-b99db74578b5|Medium|Insecure Configurations|Query details
Documentation
|
+|Shielded VM Disabled
18d3a83d-4414-49dc-90ea-f0387b2856cc|Medium|Insecure Configurations|Query details
Documentation
|
+|Using Default Service Account
2775e169-e708-42a9-9305-b58aadd2c4dd|Medium|Insecure Configurations|Query details
Documentation
|
+|GKE Using Default Service Account
dc126833-125a-40fb-905a-ce5f2afde240|Medium|Insecure Defaults|Query details
Documentation
|
+|Compute Instance Is Publicly Accessible
829f1c60-2bab-44c6-8a21-5cd9d39a2c82|Medium|Networking and Firewall|Query details
Documentation
|
+|GKE Master Authorized Networks Disabled
d43366c5-80b0-45de-bbe8-2338f4ab0a83|Medium|Networking and Firewall|Query details
Documentation
|
+|Google Compute Network Using Default Firewall Rule
29b8224a-60e9-4011-8ac2-7916a659841f|Medium|Networking and Firewall|Query details
Documentation
|
+|Google Compute Network Using Firewall Rule that Allows All Ports
3602d273-3290-47b2-80fa-720162b1a8af|Medium|Networking and Firewall|Query details
Documentation
|
+|IP Forwarding Enabled
11bd3554-cd56-4257-8e25-7aaf30cf8f5f|Medium|Networking and Firewall|Query details
Documentation
|
+|Serial Ports Are Enabled For VM Instances
c6fc6f29-dc04-46b6-99ba-683c01aff350|Medium|Networking and Firewall|Query details
Documentation
|
+|SSH Access Is Not Restricted
b2fbf1df-76dd-4d78-a6c0-e538f4a9b016|Medium|Networking and Firewall|Query details
Documentation
|
+|Cloud Storage Bucket Logging Not Enabled
507df964-ad97-4035-ab14-94a82eabdfdd|Medium|Observability|Query details
Documentation
|
+|Cloud Storage Bucket Versioning Disabled
7814ddda-e758-4a56-8be3-289a81ded929|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Connections Disabled
d7a5616f-0a3f-4d43-bc2b-29d1a183e317|Medium|Observability|Query details
Documentation
|
+|PostgreSQL log_checkpoints Flag Not Set To ON
89afe3f0-4681-4ce3-89ed-896cebd4277c|Medium|Observability|Query details
Documentation
|
+|Stackdriver Logging Disabled
19c9e2a0-fc33-4264-bba1-e3682661e8f7|Medium|Observability|Query details
Documentation
|
+|Stackdriver Monitoring Disabled
20dcd953-a8b8-4892-9026-9afa6d05a525|Medium|Observability|Query details
Documentation
|
+|Node Auto Upgrade Disabled
d6e10477-2e19-4bcd-b8a8-19c65b89ccdf|Medium|Resource Management|Query details
Documentation
|
+|High Google KMS Crypto Key Rotation Period
f9b7086b-deb8-4034-9330-d7fd38f1b8de|Medium|Secret Management|Query details
Documentation
|
+|Project-wide SSH Keys Are Enabled In VM Instances
099b4411-d11e-4537-a0fc-146b19762a79|Medium|Secret Management|Query details
Documentation
|
+|Cluster Labels Disabled
fbe9b2d0-a2b7-47a1-a534-03775f3013f7|Low|Insecure Configurations|Query details
Documentation
|
+|COS Node Image Not Used
be41f891-96b1-4b9d-b74f-b922a918c778|Low|Insecure Configurations|Query details
Documentation
|
+|PostgreSQL Misconfigured Logging Duration Flag
aed98a2a-e680-497a-8886-277cea0f4514|Low|Insecure Configurations|Query details
Documentation
|
+|Google Compute Network Using Firewall Rule that Allows Port Range
7289eebd-a477-4064-8ad4-3c044bd70b00|Low|Networking and Firewall|Query details
Documentation
|
+|Google Compute Subnetwork with Private Google Access Disabled
6a4080ae-79bd-42f6-a924-8f534c1c018b|Low|Networking and Firewall|Query details
Documentation
|
+|PostgreSQL Logging Of Temporary Files Disabled
d6fae5b6-ada9-46c0-8b36-3108a2a2f77b|Low|Observability|Query details
Documentation
|
+|PostgreSQL Misconfigured Log Messages Flag
28a757fc-3d8f-424a-90c0-4233363b2711|Low|Observability|Query details
Documentation
|
### HOSTS
Below are listed queries related to Ansible HOSTS:
@@ -257,7 +257,7 @@ Below are listed queries related to Ansible HOSTS:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Ansible Tower Exposed To Internet
1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc|Medium|Best Practices|Query details
Documentation
|
+|Ansible Tower Exposed To Internet
1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc|Medium|Best Practices|Query details
Documentation
|
### SHARED (V2/V3)
Below are listed queries related to Ansible SHARED (V2/V3):
@@ -266,9 +266,9 @@ Below are listed queries related to Ansible SHARED (V2/V3):
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Privilege Escalation Using Become Plugin
0e75052f-cc02-41b8-ac39-a78017527e95|Medium|Access Control|Query details
Documentation
|
-|Communication Over HTTP
2e8d4922-8362-4606-8c14-aa10466a1ce3|Medium|Insecure Configurations|Query details
Documentation
|
-|Insecure Relative Path Resolution
8d22ae91-6ac1-459f-95be-d37bd373f244|Low|Best Practices|Query details
Documentation
|
-|Logging of Sensitive Data
59029ddf-e651-412b-ae7b-ff6d403184bc|Low|Best Practices|Query details
Documentation
|
-|Unpinned Package Version
c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8|Low|Supply-Chain|Query details
Documentation
|
-|Risky File Permissions
88841d5c-d22d-4b7e-a6a0-89ca50e44b9f|Info|Supply-Chain|Query details
Documentation
|
+|Privilege Escalation Using Become Plugin
0e75052f-cc02-41b8-ac39-a78017527e95|Medium|Access Control|Query details
Documentation
|
+|Communication Over HTTP
2e8d4922-8362-4606-8c14-aa10466a1ce3|Medium|Insecure Configurations|Query details
Documentation
|
+|Insecure Relative Path Resolution
8d22ae91-6ac1-459f-95be-d37bd373f244|Low|Best Practices|Query details
Documentation
|
+|Logging of Sensitive Data
59029ddf-e651-412b-ae7b-ff6d403184bc|Low|Best Practices|Query details
Documentation
|
+|Unpinned Package Version
c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8|Low|Supply-Chain|Query details
Documentation
|
+|Risky File Permissions
88841d5c-d22d-4b7e-a6a0-89ca50e44b9f|Info|Supply-Chain|Query details
Documentation
|
diff --git a/docs/queries/ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95.md b/docs/queries/ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95.md
index cfae2d35077..b5448aef13a 100644
--- a/docs/queries/ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95.md
+++ b/docs/queries/ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/general/privilege_escalation_using_become_plugin)
### Description
diff --git a/docs/queries/ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc.md b/docs/queries/ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc.md
index 65f33bff44a..e3224edb6d5 100644
--- a/docs/queries/ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc.md
+++ b/docs/queries/ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/hosts/ansible_tower_exposed_to_internet)
### Description
diff --git a/docs/queries/ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3.md b/docs/queries/ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3.md
index cc8544f3a5f..533ab4f3605 100644
--- a/docs/queries/ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3.md
+++ b/docs/queries/ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/general/communication_over_http)
### Description
diff --git a/docs/queries/ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1.md b/docs/queries/ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1.md
index 3966cf7496c..e4f63de96ea 100644
--- a/docs/queries/ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1.md
+++ b/docs/queries/ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/config/privilege_escalation_using_become_plugin)
### Description
diff --git a/docs/queries/ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc.md b/docs/queries/ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc.md
index 24226bc5f37..cd34b6ce8dc 100644
--- a/docs/queries/ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc.md
+++ b/docs/queries/ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/general/logging_of_sensitive_data)
### Description
diff --git a/docs/queries/ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5.md b/docs/queries/ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5.md
index beb1f114288..453fba09789 100644
--- a/docs/queries/ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5.md
+++ b/docs/queries/ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/config/allow_unsafe_lookups_enabled)
### Description
diff --git a/docs/queries/ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f.md b/docs/queries/ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f.md
index 7ccb0ac9f0d..8e47c1e04ff 100644
--- a/docs/queries/ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f.md
+++ b/docs/queries/ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Info
- **Category:** Supply-Chain
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/general/risky_file_permissions)
### Description
diff --git a/docs/queries/ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244.md b/docs/queries/ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244.md
index 252d58c3afb..23a9cd19a53 100644
--- a/docs/queries/ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244.md
+++ b/docs/queries/ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/general/insecure_relative_path_resolution)
### Description
diff --git a/docs/queries/ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f.md b/docs/queries/ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f.md
index ac66c9702be..47ac677927f 100644
--- a/docs/queries/ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f.md
+++ b/docs/queries/ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ecs_task_definition_network_mode_not_recommended)
### Description
diff --git a/docs/queries/ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f.md b/docs/queries/ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f.md
index 573302cb159..201cff99f49 100644
--- a/docs/queries/ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f.md
+++ b/docs/queries/ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/auto_scaling_group_with_no_associated_elb)
### Description
diff --git a/docs/queries/ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad.md b/docs/queries/ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad.md
index cd65ae66988..d38f15942f6 100644
--- a/docs/queries/ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad.md
+++ b/docs/queries/ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/db_security_group_with_public_scope)
### Description
diff --git a/docs/queries/ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4.md b/docs/queries/ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4.md
index a67a737edc1..97e3b644c8c 100644
--- a/docs/queries/ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4.md
+++ b/docs/queries/ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_database_auth_not_enabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c.md b/docs/queries/ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c.md
index ad8f5ec0dff..a7e262ee8b5 100644
--- a/docs/queries/ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c.md
+++ b/docs/queries/ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_policy_grants_assumerole_permission_across_all_services)
### Description
diff --git a/docs/queries/ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4.md b/docs/queries/ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4.md
index f9307a71fb2..42b2a74534b 100644
--- a/docs/queries/ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4.md
+++ b/docs/queries/ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cmk_is_unusable)
### Description
diff --git a/docs/queries/ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8.md b/docs/queries/ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8.md
index dece6ec3c0c..f71406fdd07 100644
--- a/docs/queries/ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8.md
+++ b/docs/queries/ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/rds_associated_with_public_subnet)
### Description
diff --git a/docs/queries/ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7.md b/docs/queries/ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7.md
index eec281df521..e65bacb616d 100644
--- a/docs/queries/ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7.md
+++ b/docs/queries/ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/stack_retention_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a.md b/docs/queries/ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a.md
index cd19e76f941..d318bbfb8aa 100644
--- a/docs/queries/ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a.md
+++ b/docs/queries/ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/lambda_permission_principal_is_wildcard)
### Description
diff --git a/docs/queries/ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5.md b/docs/queries/ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5.md
index 7871f6bdbee..fa8104eff47 100644
--- a/docs/queries/ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5.md
+++ b/docs/queries/ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/elb_using_weak_ciphers)
### Description
diff --git a/docs/queries/ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f.md b/docs/queries/ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f.md
index bba8a494d27..33b577399af 100644
--- a/docs/queries/ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f.md
+++ b/docs/queries/ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/api_gateway_xray_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709.md b/docs/queries/ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709.md
index bd79368b8fb..a6434552d3f 100644
--- a/docs/queries/ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709.md
+++ b/docs/queries/ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/secure_ciphers_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607.md b/docs/queries/ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607.md
index a172be4ec5c..8849ba71b9f 100644
--- a/docs/queries/ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607.md
+++ b/docs/queries/ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudfront_without_waf)
### Description
diff --git a/docs/queries/ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5.md b/docs/queries/ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5.md
index cab9f14997b..e881b26a8b2 100644
--- a/docs/queries/ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5.md
+++ b/docs/queries/ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/lambda_function_without_tags)
### Description
diff --git a/docs/queries/ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5.md b/docs/queries/ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5.md
index 2f79155a5d1..22b1bca788c 100644
--- a/docs/queries/ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5.md
+++ b/docs/queries/ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/rds_using_default_port)
### Description
diff --git a/docs/queries/ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145.md b/docs/queries/ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145.md
index e75a5336ede..a5573f2a63b 100644
--- a/docs/queries/ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145.md
+++ b/docs/queries/ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/stack_without_template)
### Description
diff --git a/docs/queries/ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c.md b/docs/queries/ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c.md
index 10cca4f190b..d7bedab9b16 100644
--- a/docs/queries/ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c.md
+++ b/docs/queries/ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ec2_not_ebs_optimized)
### Description
diff --git a/docs/queries/ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c.md b/docs/queries/ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c.md
index 6d2cfcfd68a..5d53460a51c 100644
--- a/docs/queries/ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c.md
+++ b/docs/queries/ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_with_unsecured_cors_rule)
### Description
diff --git a/docs/queries/ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a.md b/docs/queries/ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a.md
index 09cccf852db..cbad0de0ba3 100644
--- a/docs/queries/ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a.md
+++ b/docs/queries/ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_access_to_any_principal)
### Description
diff --git a/docs/queries/ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520.md b/docs/queries/ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520.md
index c23c8fba6f0..1f1c52b6d14 100644
--- a/docs/queries/ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520.md
+++ b/docs/queries/ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/lambda_permission_misconfigured)
### Description
diff --git a/docs/queries/ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9.md b/docs/queries/ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9.md
index 523c708b9a0..cb383d38811 100644
--- a/docs/queries/ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9.md
+++ b/docs/queries/ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/misconfigured_password_policy_expiration)
### Description
diff --git a/docs/queries/ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4.md b/docs/queries/ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4.md
index 131480f13f1..95f047d7d9a 100644
--- a/docs/queries/ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4.md
+++ b/docs/queries/ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/route53_record_undefined)
### Description
diff --git a/docs/queries/ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57.md b/docs/queries/ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57.md
index f08b65b161b..bf8fae248a1 100644
--- a/docs/queries/ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57.md
+++ b/docs/queries/ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ebs_volume_encryption_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e.md b/docs/queries/ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e.md
index f3ae40873c6..44cec00b217 100644
--- a/docs/queries/ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e.md
+++ b/docs/queries/ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudtrail_log_file_validation_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a.md b/docs/queries/ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a.md
index 608af41a797..17bc0d6cc99 100644
--- a/docs/queries/ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a.md
+++ b/docs/queries/ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ec2_group_has_public_interface)
### Description
diff --git a/docs/queries/ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf.md b/docs/queries/ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf.md
index 82497203e76..08e730e7a97 100644
--- a/docs/queries/ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf.md
+++ b/docs/queries/ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_allows_get_action_from_all_principals)
### Description
diff --git a/docs/queries/ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f.md b/docs/queries/ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f.md
index 7de8ef33f22..b69b404ce22 100644
--- a/docs/queries/ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f.md
+++ b/docs/queries/ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/elasticache_without_vpc)
### Description
diff --git a/docs/queries/ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215.md b/docs/queries/ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215.md
index 94bc4e97986..16af4aae074 100644
--- a/docs/queries/ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215.md
+++ b/docs/queries/ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/api_gateway_endpoint_config_is_not_private)
### Description
diff --git a/docs/queries/ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77.md b/docs/queries/ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77.md
index 39191770587..600d6753939 100644
--- a/docs/queries/ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77.md
+++ b/docs/queries/ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/security_group_with_unrestricted_access_to_ssh)
### Description
diff --git a/docs/queries/ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571.md b/docs/queries/ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571.md
index 8021d0b7c92..0dfb11fa2b1 100644
--- a/docs/queries/ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571.md
+++ b/docs/queries/ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_without_server-side_encryption)
### Description
diff --git a/docs/queries/ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22.md b/docs/queries/ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22.md
index dc2f060d033..2e2f4113a42 100644
--- a/docs/queries/ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22.md
+++ b/docs/queries/ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/certificate_has_expired)
### Description
diff --git a/docs/queries/ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47.md b/docs/queries/ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47.md
index 94025ba9827..e37c57f276d 100644
--- a/docs/queries/ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47.md
+++ b/docs/queries/ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/kms_key_with_full_permissions)
### Description
diff --git a/docs/queries/ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92.md b/docs/queries/ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92.md
index 4ea7a46c30a..d9542e332ac 100644
--- a/docs/queries/ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92.md
+++ b/docs/queries/ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudtrail_sns_topic_name_undefined)
### Description
diff --git a/docs/queries/ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610.md b/docs/queries/ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610.md
index fae2314c55f..2b1a4b5609b 100644
--- a/docs/queries/ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610.md
+++ b/docs/queries/ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/redshift_publicly_accessible)
### Description
diff --git a/docs/queries/ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9.md b/docs/queries/ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9.md
index 4fd02cdf2f0..7b5a146ef03 100644
--- a/docs/queries/ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9.md
+++ b/docs/queries/ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/public_lambda_via_api_gateway)
### Description
diff --git a/docs/queries/ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce.md b/docs/queries/ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce.md
index 8332b77bc78..f58d833dccb 100644
--- a/docs/queries/ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce.md
+++ b/docs/queries/ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ca_certificate_identifier_is_outdated)
### Description
diff --git a/docs/queries/ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789.md b/docs/queries/ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789.md
index aa3888e5caa..be9e4952159 100644
--- a/docs/queries/ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789.md
+++ b/docs/queries/ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ecr_image_tag_not_immutable)
### Description
diff --git a/docs/queries/ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f.md b/docs/queries/ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f.md
index ba1e81a7539..4832a8c032f 100644
--- a/docs/queries/ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f.md
+++ b/docs/queries/ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/instance_with_no_vpc)
### Description
diff --git a/docs/queries/ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a.md b/docs/queries/ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a.md
index 17b50b447d6..d2f9acaed2a 100644
--- a/docs/queries/ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a.md
+++ b/docs/queries/ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/launch_configuration_is_not_encrypted)
### Description
diff --git a/docs/queries/ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd.md b/docs/queries/ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd.md
index 1c50db98eae..a94b4650807 100644
--- a/docs/queries/ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd.md
+++ b/docs/queries/ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/redshift_not_encrypted)
### Description
diff --git a/docs/queries/ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec.md b/docs/queries/ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec.md
index 206ec940a18..e3c82ed1d05 100644
--- a/docs/queries/ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec.md
+++ b/docs/queries/ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_with_all_permissions)
### Description
diff --git a/docs/queries/ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98.md b/docs/queries/ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98.md
index e34c41a21f1..74a13d097bf 100644
--- a/docs/queries/ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98.md
+++ b/docs/queries/ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudtrail_multi_region_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c.md b/docs/queries/ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c.md
index 714f8d3ce76..17e36df40d3 100644
--- a/docs/queries/ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c.md
+++ b/docs/queries/ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/password_without_reuse_prevention)
### Description
diff --git a/docs/queries/ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163.md b/docs/queries/ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163.md
index 12f9320ce8b..30180210e1d 100644
--- a/docs/queries/ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163.md
+++ b/docs/queries/ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_allows_delete_action_from_all_principals)
### Description
diff --git a/docs/queries/ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74.md b/docs/queries/ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74.md
index 005e24b3324..f66c2fdf761 100644
--- a/docs/queries/ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74.md
+++ b/docs/queries/ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/lambda_functions_without_x-ray_tracing)
### Description
diff --git a/docs/queries/ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33.md b/docs/queries/ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33.md
index 90fa5b05503..48a241ce098 100644
--- a/docs/queries/ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33.md
+++ b/docs/queries/ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/public_port_wide)
### Description
diff --git a/docs/queries/ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b.md b/docs/queries/ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b.md
index 89a0f94d122..a89e920a423 100644
--- a/docs/queries/ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b.md
+++ b/docs/queries/ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/unknown_port_exposed_to_internet)
### Description
diff --git a/docs/queries/ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20.md b/docs/queries/ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20.md
index d6f859b1c5e..bd8ac21e756 100644
--- a/docs/queries/ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20.md
+++ b/docs/queries/ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/efs_not_encrypted)
### Description
diff --git a/docs/queries/ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a.md b/docs/queries/ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a.md
index 9ccbb29c7db..a0638ac59f9 100644
--- a/docs/queries/ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a.md
+++ b/docs/queries/ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/api_gateway_with_cloudwatch_logging_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a.md b/docs/queries/ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a.md
index 8fe634f2c64..fab36adb9ca 100644
--- a/docs/queries/ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a.md
+++ b/docs/queries/ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/elb_using_insecure_protocols)
### Description
diff --git a/docs/queries/ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674.md b/docs/queries/ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674.md
index 1f2dc0751eb..d4f4bcd0b9c 100644
--- a/docs/queries/ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674.md
+++ b/docs/queries/ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_acl_allows_read_to_any_authenticated_user)
### Description
diff --git a/docs/queries/ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84.md b/docs/queries/ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84.md
index 3def76bba6d..f2be32dc2d9 100644
--- a/docs/queries/ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84.md
+++ b/docs/queries/ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/config_rule_for_encrypted_volumes_is_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac.md b/docs/queries/ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac.md
index ad01b421c2a..84835f5bb8e 100644
--- a/docs/queries/ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac.md
+++ b/docs/queries/ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/sql_analysis_services_port_2383_is_publicly_accessible)
### Description
diff --git a/docs/queries/ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e.md b/docs/queries/ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e.md
index 7f88881a70b..35a319a5b05 100644
--- a/docs/queries/ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e.md
+++ b/docs/queries/ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/elasticache_using_default_port)
### Description
diff --git a/docs/queries/ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e.md b/docs/queries/ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e.md
index 4b5cf565cb8..c80432246c4 100644
--- a/docs/queries/ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e.md
+++ b/docs/queries/ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ecs_service_admin_role_is_present)
### Description
diff --git a/docs/queries/ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff.md b/docs/queries/ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff.md
index deeac19b839..de067733722 100644
--- a/docs/queries/ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff.md
+++ b/docs/queries/ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/db_instance_storage_not_encrypted)
### Description
diff --git a/docs/queries/ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f.md b/docs/queries/ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f.md
index 22cc8249c4a..cf3e614dcec 100644
--- a/docs/queries/ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f.md
+++ b/docs/queries/ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_access_key_is_exposed)
### Description
diff --git a/docs/queries/ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd.md b/docs/queries/ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd.md
index 6c3c2dc4076..c62ea020717 100644
--- a/docs/queries/ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd.md
+++ b/docs/queries/ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/default_security_groups_with_unrestricted_traffic)
### Description
diff --git a/docs/queries/ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2.md b/docs/queries/ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2.md
index 9a9f1abb896..9f711e6a4fe 100644
--- a/docs/queries/ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2.md
+++ b/docs/queries/ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/unrestricted_security_group_ingress)
### Description
diff --git a/docs/queries/ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94.md b/docs/queries/ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94.md
index 58bf3869452..aefdd4c89b4 100644
--- a/docs/queries/ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94.md
+++ b/docs/queries/ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/automatic_minor_upgrades_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a.md b/docs/queries/ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a.md
index 169dbc61a50..5415e33ebd2 100644
--- a/docs/queries/ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a.md
+++ b/docs/queries/ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/sqs_queue_exposed)
### Description
diff --git a/docs/queries/ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029.md b/docs/queries/ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029.md
index 14cdb5cd4f7..e9335368b57 100644
--- a/docs/queries/ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029.md
+++ b/docs/queries/ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ec2_instance_using_default_vpc)
### Description
diff --git a/docs/queries/ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d.md b/docs/queries/ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d.md
index bec9f44b647..8b1f348b93e 100644
--- a/docs/queries/ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d.md
+++ b/docs/queries/ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_password_without_minimum_length)
### Description
diff --git a/docs/queries/ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c.md b/docs/queries/ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c.md
index 6447c973874..3a5333c99ad 100644
--- a/docs/queries/ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c.md
+++ b/docs/queries/ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ec2_instance_using_default_security_group)
### Description
diff --git a/docs/queries/ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad.md b/docs/queries/ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad.md
index 976d4a0df62..f9526a93cb2 100644
--- a/docs/queries/ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad.md
+++ b/docs/queries/ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ses_policy_with_allowed_iam_actions)
### Description
diff --git a/docs/queries/ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73.md b/docs/queries/ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73.md
index 23c857aaef8..873abf1bed7 100644
--- a/docs/queries/ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73.md
+++ b/docs/queries/ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/sns_topic_is_publicly_accessible)
### Description
diff --git a/docs/queries/ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5.md b/docs/queries/ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5.md
index 32476ead786..24d86f595a2 100644
--- a/docs/queries/ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5.md
+++ b/docs/queries/ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_without_versioning)
### Description
diff --git a/docs/queries/ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830.md b/docs/queries/ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830.md
index d18a6f77d5d..40e1096a175 100644
--- a/docs/queries/ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830.md
+++ b/docs/queries/ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ami_not_encrypted)
### Description
diff --git a/docs/queries/ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268.md b/docs/queries/ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268.md
index a14ee21e32e..9fb275f07ba 100644
--- a/docs/queries/ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268.md
+++ b/docs/queries/ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/redis_not_compliant)
### Description
diff --git a/docs/queries/ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab.md b/docs/queries/ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab.md
index 7997a8df947..2deeb24ec22 100644
--- a/docs/queries/ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab.md
+++ b/docs/queries/ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_allows_put_action_from_all_principals)
### Description
diff --git a/docs/queries/ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9.md b/docs/queries/ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9.md
index b063f128b3a..ebe1d665bbe 100644
--- a/docs/queries/ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9.md
+++ b/docs/queries/ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/codebuild_not_encrypted)
### Description
diff --git a/docs/queries/ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e.md b/docs/queries/ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e.md
index 5f4622575dd..a9f568ed98a 100644
--- a/docs/queries/ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e.md
+++ b/docs/queries/ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/http_port_open_to_internet)
### Description
diff --git a/docs/queries/ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f.md b/docs/queries/ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f.md
index f216d074fa8..3afe582b503 100644
--- a/docs/queries/ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f.md
+++ b/docs/queries/ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ami_shared_with_multiple_accounts)
### Description
diff --git a/docs/queries/ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d.md b/docs/queries/ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d.md
index 04e87f775bc..d487eb15bdb 100644
--- a/docs/queries/ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d.md
+++ b/docs/queries/ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_acl_allows_read_to_all_users)
### Description
diff --git a/docs/queries/ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96.md b/docs/queries/ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96.md
index a1f419679f1..10d9274f857 100644
--- a/docs/queries/ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96.md
+++ b/docs/queries/ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/config_configuration_aggregator_to_all_regions_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76.md b/docs/queries/ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76.md
index 66da1a61bf7..c4195fb32f9 100644
--- a/docs/queries/ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76.md
+++ b/docs/queries/ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/viewer_protocol_policy_allows_http)
### Description
diff --git a/docs/queries/ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1.md b/docs/queries/ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1.md
index a9b197d7aca..7380f85fe28 100644
--- a/docs/queries/ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1.md
+++ b/docs/queries/ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ec2_instance_has_public_ip)
### Description
diff --git a/docs/queries/ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda.md b/docs/queries/ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda.md
index 6d66d7684a3..f14ee6047c5 100644
--- a/docs/queries/ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda.md
+++ b/docs/queries/ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cross_account_iam_assume_role_policy_without_external_id_or_mfa)
### Description
diff --git a/docs/queries/ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1.md b/docs/queries/ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1.md
index bb9f1e131f2..472590291ec 100644
--- a/docs/queries/ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1.md
+++ b/docs/queries/ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cmk_rotation_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc.md b/docs/queries/ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc.md
index 7fc361c04b7..b2f22f5c7d4 100644
--- a/docs/queries/ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc.md
+++ b/docs/queries/ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/api_gateway_without_configured_authorizer)
### Description
diff --git a/docs/queries/ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6.md b/docs/queries/ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6.md
index 72095567bc0..6e37557282b 100644
--- a/docs/queries/ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6.md
+++ b/docs/queries/ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cdn_configuration_is_missing)
### Description
diff --git a/docs/queries/ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33.md b/docs/queries/ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33.md
index 5924d4d4a53..8014ee21371 100644
--- a/docs/queries/ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33.md
+++ b/docs/queries/ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/api_gateway_without_ssl_certificate)
### Description
diff --git a/docs/queries/ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8.md b/docs/queries/ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8.md
index 87b4a7bbb95..590d69b0bb3 100644
--- a/docs/queries/ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8.md
+++ b/docs/queries/ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_policy_grants_full_permissions)
### Description
diff --git a/docs/queries/ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851.md b/docs/queries/ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851.md
index 8f373ae2398..81c1afdbcbb 100644
--- a/docs/queries/ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851.md
+++ b/docs/queries/ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/efs_without_tags)
### Description
diff --git a/docs/queries/ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd.md b/docs/queries/ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd.md
index 7a43c17f2c5..4ff7e46d752 100644
--- a/docs/queries/ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd.md
+++ b/docs/queries/ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_role_allows_all_principals_to_assume)
### Description
diff --git a/docs/queries/ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e.md b/docs/queries/ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e.md
index 036942c7403..6360e153edb 100644
--- a/docs/queries/ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e.md
+++ b/docs/queries/ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/efs_without_kms)
### Description
diff --git a/docs/queries/ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209.md b/docs/queries/ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209.md
index 0f3711381d6..090f1c5d8cc 100644
--- a/docs/queries/ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209.md
+++ b/docs/queries/ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/rds_db_instance_publicly_accessible)
### Description
diff --git a/docs/queries/ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e.md b/docs/queries/ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e.md
index bd6880f1fa7..ff509ed3844 100644
--- a/docs/queries/ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e.md
+++ b/docs/queries/ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/user_data_contains_encoded_private_key)
### Description
diff --git a/docs/queries/ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c.md b/docs/queries/ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c.md
index 6d817491421..e051e326759 100644
--- a/docs/queries/ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c.md
+++ b/docs/queries/ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/hardcoded_aws_access_key)
### Description
diff --git a/docs/queries/ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d.md b/docs/queries/ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d.md
index f233b69e59e..381afb28d65 100644
--- a/docs/queries/ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d.md
+++ b/docs/queries/ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_logging_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9.md b/docs/queries/ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9.md
index 076be631499..824bc83aae3 100644
--- a/docs/queries/ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9.md
+++ b/docs/queries/ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_with_public_access)
### Description
diff --git a/docs/queries/ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67.md b/docs/queries/ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67.md
index 6d13109a907..4e727f9aa7a 100644
--- a/docs/queries/ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67.md
+++ b/docs/queries/ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudfront_without_minimum_protocol_tls_1.2)
### Description
diff --git a/docs/queries/ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd.md b/docs/queries/ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd.md
index 6aa5bc26d82..8eda8aece24 100644
--- a/docs/queries/ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd.md
+++ b/docs/queries/ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudfront_logging_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e.md b/docs/queries/ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e.md
index e09f180ea6d..963322f1dfe 100644
--- a/docs/queries/ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e.md
+++ b/docs/queries/ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_allows_list_action_from_all_principals)
### Description
diff --git a/docs/queries/ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58.md b/docs/queries/ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58.md
index e56e4d0f47d..fd70f46c746 100644
--- a/docs/queries/ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58.md
+++ b/docs/queries/ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/stack_notifications_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5.md b/docs/queries/ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5.md
index 46e2a01e26a..503078bb279 100644
--- a/docs/queries/ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5.md
+++ b/docs/queries/ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudtrail_logging_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31.md b/docs/queries/ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31.md
index 6e0a08fda8d..e74c8e77c3d 100644
--- a/docs/queries/ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31.md
+++ b/docs/queries/ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/certificate_rsa_key_bytes_lower_than_256)
### Description
diff --git a/docs/queries/ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d.md b/docs/queries/ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d.md
index 8b26cf1c728..4375d223cae 100644
--- a/docs/queries/ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d.md
+++ b/docs/queries/ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/elasticsearch_with_https_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10.md b/docs/queries/ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10.md
index 724a0856b23..dc2a7fddd00 100644
--- a/docs/queries/ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10.md
+++ b/docs/queries/ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/sqs_policy_with_public_access)
### Description
diff --git a/docs/queries/ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f.md b/docs/queries/ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f.md
index cb802696c0d..993bfbec006 100644
--- a/docs/queries/ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f.md
+++ b/docs/queries/ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/batch_job_definition_with_privileged_container_properties)
### Description
diff --git a/docs/queries/ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881.md b/docs/queries/ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881.md
index 3d36b9ea713..b284dc1d17f 100644
--- a/docs/queries/ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881.md
+++ b/docs/queries/ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/redshift_using_default_port)
### Description
diff --git a/docs/queries/ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb.md b/docs/queries/ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb.md
index 98ca7cf1d5e..4bcf8a717c1 100644
--- a/docs/queries/ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb.md
+++ b/docs/queries/ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/sqs_with_sse_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24.md b/docs/queries/ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24.md
index 06220fda7f5..50671a59079 100644
--- a/docs/queries/ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24.md
+++ b/docs/queries/ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Info
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudwatch_without_retention_period_specified)
### Description
diff --git a/docs/queries/ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472.md b/docs/queries/ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472.md
index 7e208483e19..cd2a8178636 100644
--- a/docs/queries/ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472.md
+++ b/docs/queries/ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/aws_password_policy_with_unchangeable_passwords)
### Description
diff --git a/docs/queries/ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba.md b/docs/queries/ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba.md
index b354d0e0eb4..9dacb150289 100644
--- a/docs/queries/ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba.md
+++ b/docs/queries/ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_policies_with_full_privileges)
### Description
diff --git a/docs/queries/ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96.md b/docs/queries/ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96.md
index 061deecbfac..fa4cc621b99 100644
--- a/docs/queries/ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96.md
+++ b/docs/queries/ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/rds_with_backup_disabled)
### Description
diff --git a/docs/queries/ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40.md b/docs/queries/ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40.md
index d0264be7f8e..b6b237fbf1c 100644
--- a/docs/queries/ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40.md
+++ b/docs/queries/ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/root_account_has_active_access_keys)
### Description
diff --git a/docs/queries/ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640.md b/docs/queries/ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640.md
index 54200b8eac2..3bde33af4cf 100644
--- a/docs/queries/ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640.md
+++ b/docs/queries/ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/db_security_group_open_to_large_scope)
### Description
diff --git a/docs/queries/ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81.md b/docs/queries/ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81.md
index 882b8ef9b3b..701f5bbe21a 100644
--- a/docs/queries/ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81.md
+++ b/docs/queries/ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/security_group_ingress_not_restricted)
### Description
diff --git a/docs/queries/ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060.md b/docs/queries/ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060.md
index 74e5ccd0aa3..b96e08b286e 100644
--- a/docs/queries/ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060.md
+++ b/docs/queries/ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_policies_attached_to_user)
### Description
diff --git a/docs/queries/ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3.md b/docs/queries/ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3.md
index 1bac7ce4cd8..bf7deb21228 100644
--- a/docs/queries/ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3.md
+++ b/docs/queries/ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudtrail_not_integrated_with_cloudwatch)
### Description
diff --git a/docs/queries/ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4.md b/docs/queries/ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4.md
index bffc2541f2a..774799bf2ef 100644
--- a/docs/queries/ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4.md
+++ b/docs/queries/ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/sqs_policy_allows_all_actions)
### Description
diff --git a/docs/queries/ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341.md b/docs/queries/ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341.md
index 60a72c2a9a1..ca1f6093052 100644
--- a/docs/queries/ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341.md
+++ b/docs/queries/ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/remote_desktop_port_open)
### Description
diff --git a/docs/queries/ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1.md b/docs/queries/ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1.md
index b4ff406666a..a22d92740c8 100644
--- a/docs/queries/ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1.md
+++ b/docs/queries/ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/authentication_without_mfa)
### Description
diff --git a/docs/queries/ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7.md b/docs/queries/ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7.md
index f1ab4a23cc9..4e513aab322 100644
--- a/docs/queries/ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7.md
+++ b/docs/queries/ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/kinesis_not_encrypted_with_kms)
### Description
diff --git a/docs/queries/ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645.md b/docs/queries/ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645.md
index cd98759194f..1c4955a0d71 100644
--- a/docs/queries/ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645.md
+++ b/docs/queries/ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/hardcoded_aws_access_key_in_lambda)
### Description
diff --git a/docs/queries/ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193.md b/docs/queries/ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193.md
index b1d775d49a6..48c73f2c4a6 100644
--- a/docs/queries/ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193.md
+++ b/docs/queries/ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_group_without_users)
### Description
diff --git a/docs/queries/ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b.md b/docs/queries/ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b.md
index b3e3a31ffc5..6b42df84d61 100644
--- a/docs/queries/ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b.md
+++ b/docs/queries/ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_kms)
### Description
diff --git a/docs/queries/ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84.md b/docs/queries/ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84.md
index 2e0a5390aa5..54b8ca0cebe 100644
--- a/docs/queries/ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84.md
+++ b/docs/queries/ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ecs_service_without_running_tasks)
### Description
diff --git a/docs/queries/ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b.md b/docs/queries/ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b.md
index 1c9a9e72df1..e07a75da2ce 100644
--- a/docs/queries/ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b.md
+++ b/docs/queries/ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/api_gateway_without_waf)
### Description
diff --git a/docs/queries/ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895.md b/docs/queries/ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895.md
index 41abd9d2788..8c9fc5ad937 100644
--- a/docs/queries/ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895.md
+++ b/docs/queries/ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/alb_listening_on_http)
### Description
diff --git a/docs/queries/ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd.md b/docs/queries/ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd.md
index 7ca1199163b..f99caf299d1 100644
--- a/docs/queries/ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd.md
+++ b/docs/queries/ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ecr_repository_is_publicly_accessible)
### Description
diff --git a/docs/queries/ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4.md b/docs/queries/ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4.md
index 9fc20a1f70d..3a689353163 100644
--- a/docs/queries/ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4.md
+++ b/docs/queries/ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/vulnerable_default_ssl_certificate)
### Description
diff --git a/docs/queries/ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9.md b/docs/queries/ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9.md
index e367f0c109c..dad67c26593 100644
--- a/docs/queries/ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9.md
+++ b/docs/queries/ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/no_stack_policy)
### Description
diff --git a/docs/queries/ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785.md b/docs/queries/ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785.md
index a316f0e5045..53fe46a16bf 100644
--- a/docs/queries/ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785.md
+++ b/docs/queries/ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/log_retention_is_not_set)
### Description
diff --git a/docs/queries/ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323.md b/docs/queries/ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323.md
index 60776324c25..b65e5ed4bd7 100644
--- a/docs/queries/ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323.md
+++ b/docs/queries/ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgresql_log_disconnections_not_set)
### Description
diff --git a/docs/queries/ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445.md b/docs/queries/ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445.md
index 19217c9dbf8..a4642cdeb48 100644
--- a/docs/queries/ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445.md
+++ b/docs/queries/ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/redis_publicly_accessible)
### Description
diff --git a/docs/queries/ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc.md b/docs/queries/ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc.md
index 70bca063e54..84c6e7d2ece 100644
--- a/docs/queries/ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc.md
+++ b/docs/queries/ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/sensitive_port_is_exposed_to_entire_network)
### Description
diff --git a/docs/queries/ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c.md b/docs/queries/ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c.md
index 5f6f7b36090..6a682889852 100644
--- a/docs/queries/ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c.md
+++ b/docs/queries/ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/redis_entirely_accessible)
### Description
diff --git a/docs/queries/ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39.md b/docs/queries/ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39.md
index 7b35ab013d2..8b5199d0be4 100644
--- a/docs/queries/ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39.md
+++ b/docs/queries/ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/aks_rbac_disabled)
### Description
diff --git a/docs/queries/ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de.md b/docs/queries/ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de.md
index bef2357ae13..54fbf387d3c 100644
--- a/docs/queries/ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de.md
+++ b/docs/queries/ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/trusted_microsoft_services_not_enabled)
### Description
diff --git a/docs/queries/ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce.md b/docs/queries/ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce.md
index bd6e81aa0a1..7c820d88fe1 100644
--- a/docs/queries/ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce.md
+++ b/docs/queries/ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/vm_not_attached_to_network)
### Description
diff --git a/docs/queries/ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e.md b/docs/queries/ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e.md
index c782d059b10..25c6c3d0100 100644
--- a/docs/queries/ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e.md
+++ b/docs/queries/ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/cosmosdb_account_without_tags)
### Description
diff --git a/docs/queries/ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604.md b/docs/queries/ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604.md
index 19065a677a5..25e095f3a31 100644
--- a/docs/queries/ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604.md
+++ b/docs/queries/ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/admin_user_enabled_for_container_registry)
### Description
diff --git a/docs/queries/ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6.md b/docs/queries/ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6.md
index f0d0eda514c..a9ae82e1496 100644
--- a/docs/queries/ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6.md
+++ b/docs/queries/ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/mysql_ssl_connection_disabled)
### Description
diff --git a/docs/queries/ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522.md b/docs/queries/ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522.md
index de167c4ad12..929127a6355 100644
--- a/docs/queries/ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522.md
+++ b/docs/queries/ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/storage_account_not_forcing_https)
### Description
diff --git a/docs/queries/ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255.md b/docs/queries/ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255.md
index 99899e12ce3..5fa18c2ecf5 100644
--- a/docs/queries/ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255.md
+++ b/docs/queries/ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/waf_is_disabled_for_azure_application_gateway)
### Description
diff --git a/docs/queries/ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd.md b/docs/queries/ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd.md
index e56023a0b76..c3c7881d870 100644
--- a/docs/queries/ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd.md
+++ b/docs/queries/ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/public_storage_account)
### Description
diff --git a/docs/queries/ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326.md b/docs/queries/ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326.md
index cb1ae8f2b99..b155b5ce867 100644
--- a/docs/queries/ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326.md
+++ b/docs/queries/ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/small_activity_log_retention_period)
### Description
diff --git a/docs/queries/ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f.md b/docs/queries/ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f.md
index daab479d0b3..efb7b90535b 100644
--- a/docs/queries/ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f.md
+++ b/docs/queries/ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/unrestricted_sql_server_acess)
### Description
diff --git a/docs/queries/ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f.md b/docs/queries/ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f.md
index ee6766b233b..73979050dda 100644
--- a/docs/queries/ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f.md
+++ b/docs/queries/ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/storage_container_is_publicly_accessible)
### Description
diff --git a/docs/queries/ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308.md b/docs/queries/ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308.md
index 49d7ff4fd74..2a3780bfaa5 100644
--- a/docs/queries/ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308.md
+++ b/docs/queries/ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/sql_server_predictable_active_directory_admin_account_name)
### Description
diff --git a/docs/queries/ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5.md b/docs/queries/ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5.md
index 8b65fdc76e7..219090a1f44 100644
--- a/docs/queries/ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5.md
+++ b/docs/queries/ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/azure_container_registry_with_no_locks)
### Description
diff --git a/docs/queries/ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157.md b/docs/queries/ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157.md
index 42631254e7d..f82ff7ebb68 100644
--- a/docs/queries/ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157.md
+++ b/docs/queries/ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/role_definition_allows_custom_role_creation)
### Description
diff --git a/docs/queries/ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40.md b/docs/queries/ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40.md
index 592b128b0ec..c925709d80f 100644
--- a/docs/queries/ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40.md
+++ b/docs/queries/ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/sql_server_predictable_admin_account_name)
### Description
diff --git a/docs/queries/ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049.md b/docs/queries/ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049.md
index ff5511e6536..20796881a95 100644
--- a/docs/queries/ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049.md
+++ b/docs/queries/ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/firewall_rule_allows_too_many_hosts_to_access_redis_cache)
### Description
diff --git a/docs/queries/ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487.md b/docs/queries/ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487.md
index 6d3af6bed28..48216b6fd8c 100644
--- a/docs/queries/ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487.md
+++ b/docs/queries/ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgre_sql_log_duration_not_set)
### Description
diff --git a/docs/queries/ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21.md b/docs/queries/ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21.md
index cbc22813b5a..2236d7e2c38 100644
--- a/docs/queries/ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21.md
+++ b/docs/queries/ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgre_sql_log_checkpoints_disabled)
### Description
diff --git a/docs/queries/ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17.md b/docs/queries/ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17.md
index 1da70066cad..01bfa3c78b6 100644
--- a/docs/queries/ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17.md
+++ b/docs/queries/ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgre_sql_log_connections_not_set)
### Description
diff --git a/docs/queries/ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f.md b/docs/queries/ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f.md
index 1c4d03a7a09..7c88175a664 100644
--- a/docs/queries/ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f.md
+++ b/docs/queries/ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/redis_cache_allows_non_ssl_connections)
### Description
diff --git a/docs/queries/ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854.md b/docs/queries/ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854.md
index dd0242d9943..be8676020ca 100644
--- a/docs/queries/ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854.md
+++ b/docs/queries/ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/key_vault_soft_delete_is_disabled)
### Description
diff --git a/docs/queries/ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168.md b/docs/queries/ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168.md
index 74a547bf7c5..abe188d552c 100644
--- a/docs/queries/ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168.md
+++ b/docs/queries/ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/monitoring_log_profile_without_all_activities)
### Description
diff --git a/docs/queries/ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c.md b/docs/queries/ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c.md
index 79afcf01610..58c287740c3 100644
--- a/docs/queries/ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c.md
+++ b/docs/queries/ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/aks_network_policy_misconfigured)
### Description
diff --git a/docs/queries/ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555.md b/docs/queries/ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555.md
index d0b1b13962e..ddc56e420b1 100644
--- a/docs/queries/ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555.md
+++ b/docs/queries/ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/ssl_enforce_is_disabled)
### Description
diff --git a/docs/queries/ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a.md b/docs/queries/ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a.md
index 549a94a050d..f4887b21815 100644
--- a/docs/queries/ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a.md
+++ b/docs/queries/ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgre_sql_server_without_connection_throttling)
### Description
diff --git a/docs/queries/ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f.md b/docs/queries/ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f.md
index 4220cfc058c..a83d12f623b 100644
--- a/docs/queries/ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f.md
+++ b/docs/queries/ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/ad_admin_not_configured_for_sql_server)
### Description
diff --git a/docs/queries/ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee.md b/docs/queries/ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee.md
index 216cb36ea4c..9975497870f 100644
--- a/docs/queries/ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee.md
+++ b/docs/queries/ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/storage_account_not_using_latest_tls_encryption_version)
### Description
diff --git a/docs/queries/ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307.md b/docs/queries/ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307.md
index 09fe3c48299..d299b03a53e 100644
--- a/docs/queries/ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307.md
+++ b/docs/queries/ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/default_azure_storage_account_network_access_is_too_permissive)
### Description
diff --git a/docs/queries/ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e.md b/docs/queries/ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e.md
index 223b7a99ae5..0727a6cdf1d 100644
--- a/docs/queries/ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e.md
+++ b/docs/queries/ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/aks_monitoring_logging_disabled)
### Description
diff --git a/docs/queries/ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f.md b/docs/queries/ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f.md
index 5eaf18c5e79..c751c04e109 100644
--- a/docs/queries/ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f.md
+++ b/docs/queries/ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/security_group_is_not_configured)
### Description
diff --git a/docs/queries/ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0.md b/docs/queries/ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0.md
index 1c1355186e3..5d79e62a679 100644
--- a/docs/queries/ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0.md
+++ b/docs/queries/ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/azure_instance_using_basic_authentication)
### Description
diff --git a/docs/queries/ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717.md b/docs/queries/ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717.md
index d5a38c75377..5728073b1c0 100644
--- a/docs/queries/ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717.md
+++ b/docs/queries/ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/cosmosdb_account_ip_range_filter_not_set)
### Description
diff --git a/docs/queries/ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91.md b/docs/queries/ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91.md
index c132a0544d3..fb6abf57b72 100644
--- a/docs/queries/ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91.md
+++ b/docs/queries/ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/web_app_accepting_traffic_other_than_https)
### Description
diff --git a/docs/queries/ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039.md b/docs/queries/ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039.md
index dd3d93b75ef..a9ebfe74e89 100644
--- a/docs/queries/ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039.md
+++ b/docs/queries/ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/sql_server_ingress_from_any_ip)
### Description
diff --git a/docs/queries/ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8.md b/docs/queries/ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8.md
index 0a727b467f6..f090f5dd827 100644
--- a/docs/queries/ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8.md
+++ b/docs/queries/ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Supply-Chain
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/general/unpinned_package_version)
### Description
diff --git a/docs/queries/ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b.md b/docs/queries/ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b.md
index 23c01ccf7ef..7ef6d0c351a 100644
--- a/docs/queries/ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b.md
+++ b/docs/queries/ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/config/logging_of_sensitive_data)
### Description
diff --git a/docs/queries/ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43.md b/docs/queries/ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43.md
index 4f2884f7ae8..17c16f7c1ac 100644
--- a/docs/queries/ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43.md
+++ b/docs/queries/ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/config/communication_over_http)
### Description
diff --git a/docs/queries/ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2.md b/docs/queries/ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2.md
index f98b983c32c..c6281b92567 100644
--- a/docs/queries/ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2.md
+++ b/docs/queries/ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cloud_storage_anonymous_or_publicly_accessible)
### Description
diff --git a/docs/queries/ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3.md b/docs/queries/ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3.md
index 109ef7a0ed4..2ed403d9d9b 100644
--- a/docs/queries/ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3.md
+++ b/docs/queries/ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/disk_encryption_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79.md b/docs/queries/ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79.md
index 8322237f970..f85e50c5e2f 100644
--- a/docs/queries/ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79.md
+++ b/docs/queries/ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/project_wide_ssh_keys_are_enabled_in_vm_instances)
### Description
diff --git a/docs/queries/ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8.md b/docs/queries/ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8.md
index 18d4e5d034b..7d1ceb1c35c 100644
--- a/docs/queries/ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8.md
+++ b/docs/queries/ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/sql_db_instance_backup_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f.md b/docs/queries/ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f.md
index 89494c1c44d..04acf183b40 100644
--- a/docs/queries/ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f.md
+++ b/docs/queries/ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/ip_forwarding_enabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc.md b/docs/queries/ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc.md
index 5066ade95b0..6d69873068b 100644
--- a/docs/queries/ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc.md
+++ b/docs/queries/ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/shielded_vm_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7.md b/docs/queries/ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7.md
index e73d335956b..ca0cb99c398 100644
--- a/docs/queries/ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7.md
+++ b/docs/queries/ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/stackdriver_logging_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9.md b/docs/queries/ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9.md
index 9996b2517ab..0b0bdb3473e 100644
--- a/docs/queries/ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9.md
+++ b/docs/queries/ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/client_certificate_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525.md b/docs/queries/ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525.md
index b8048531b5f..514fcbebb6d 100644
--- a/docs/queries/ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525.md
+++ b/docs/queries/ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/stackdriver_monitoring_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2.md b/docs/queries/ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2.md
index 52313b61d58..838bf9e780c 100644
--- a/docs/queries/ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2.md
+++ b/docs/queries/ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/bigquery_dataset_is_public)
### Description
diff --git a/docs/queries/ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd.md b/docs/queries/ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd.md
index bf2e4594e89..e92735a5e51 100644
--- a/docs/queries/ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd.md
+++ b/docs/queries/ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/using_default_service_account)
### Description
diff --git a/docs/queries/ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711.md b/docs/queries/ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711.md
index a5f8df1459b..b4638b6bc3e 100644
--- a/docs/queries/ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711.md
+++ b/docs/queries/ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/postgresql_misconfigured_log_messages_flag)
### Description
diff --git a/docs/queries/ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f.md b/docs/queries/ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f.md
index f20f14ce42d..5f69272e30c 100644
--- a/docs/queries/ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f.md
+++ b/docs/queries/ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/google_compute_network_using_default_firewall_rule)
### Description
diff --git a/docs/queries/ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b.md b/docs/queries/ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b.md
index 8c64bb0bb20..37b9915a729 100644
--- a/docs/queries/ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b.md
+++ b/docs/queries/ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/gke_legacy_authorization_enabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1.md b/docs/queries/ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1.md
index 0875322510c..c202cc89d52 100644
--- a/docs/queries/ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1.md
+++ b/docs/queries/ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/gke_basic_authentication_enabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af.md b/docs/queries/ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af.md
index f70b4496c8b..3eb3596ff13 100644
--- a/docs/queries/ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af.md
+++ b/docs/queries/ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/google_compute_network_using_firewall_rule_allows_all_ports)
### Description
diff --git a/docs/queries/ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5.md b/docs/queries/ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5.md
index 9f42b7a4b14..186a12ad635 100644
--- a/docs/queries/ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5.md
+++ b/docs/queries/ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/private_cluster_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd.md b/docs/queries/ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd.md
index a724a776232..566fb82d59b 100644
--- a/docs/queries/ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd.md
+++ b/docs/queries/ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cloud_storage_bucket_logging_not_enabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33.md b/docs/queries/ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33.md
index f415fbdf0c5..151db403e09 100644
--- a/docs/queries/ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33.md
+++ b/docs/queries/ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/oslogin_is_disabled_for_vm_instance)
### Description
diff --git a/docs/queries/ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b.md b/docs/queries/ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b.md
index 54e210086cb..d0253ef6911 100644
--- a/docs/queries/ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b.md
+++ b/docs/queries/ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/google_compute_subnetwork_with_private_google_access_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a.md b/docs/queries/ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a.md
index 84da737a849..4ebeec1f946 100644
--- a/docs/queries/ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a.md
+++ b/docs/queries/ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/dnssec_using_rsasha1)
### Description
diff --git a/docs/queries/ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8.md b/docs/queries/ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8.md
index 6a09669fa79..424249ee9aa 100644
--- a/docs/queries/ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8.md
+++ b/docs/queries/ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cloud_sql_instance_with_contained_database_authentication_on)
### Description
diff --git a/docs/queries/ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00.md b/docs/queries/ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00.md
index 85b79dee414..7e36bde84ba 100644
--- a/docs/queries/ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00.md
+++ b/docs/queries/ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/google_compute_network_using_firewall_allows_port_range)
### Description
diff --git a/docs/queries/ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77.md b/docs/queries/ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77.md
index 43390e2e443..6699370de39 100644
--- a/docs/queries/ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77.md
+++ b/docs/queries/ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/rdp_access_is_not_restricted)
### Description
diff --git a/docs/queries/ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929.md b/docs/queries/ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929.md
index 7a13442a68a..bd2a31ba8c0 100644
--- a/docs/queries/ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929.md
+++ b/docs/queries/ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cloud_storage_bucket_versioning_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b.md b/docs/queries/ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b.md
index 24d2fe38c14..c6d76989414 100644
--- a/docs/queries/ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b.md
+++ b/docs/queries/ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Critical
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/sql_db_instance_is_publicly_accessible)
### Description
diff --git a/docs/queries/ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03.md b/docs/queries/ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03.md
index 4ad841ce126..26c14e8dc4a 100644
--- a/docs/queries/ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03.md
+++ b/docs/queries/ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cloud_dns_without_dnnsec)
### Description
diff --git a/docs/queries/ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82.md b/docs/queries/ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82.md
index 44b56a1d35b..729e4d25a73 100644
--- a/docs/queries/ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82.md
+++ b/docs/queries/ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/compute_instance_is_publicly_accessible)
### Description
diff --git a/docs/queries/ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c.md b/docs/queries/ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c.md
index a851cba2af8..53bb817f9ea 100644
--- a/docs/queries/ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c.md
+++ b/docs/queries/ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/postgresql_log_checkpoints_flag_not_set_to_on)
### Description
diff --git a/docs/queries/ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790.md b/docs/queries/ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790.md
index 184911db61d..f102acc7220 100644
--- a/docs/queries/ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790.md
+++ b/docs/queries/ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/network_policy_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518.md b/docs/queries/ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518.md
index afe4a863d32..75d1ece9e14 100644
--- a/docs/queries/ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518.md
+++ b/docs/queries/ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cluster_master_authentication_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f.md b/docs/queries/ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f.md
index 08ec1c6e2db..3e7a55c7f33 100644
--- a/docs/queries/ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f.md
+++ b/docs/queries/ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cloud_sql_instance_with_cross_db_ownership_chaining_on)
### Description
diff --git a/docs/queries/ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c.md b/docs/queries/ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c.md
index 7ff93539ae6..652a70bd6f6 100644
--- a/docs/queries/ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c.md
+++ b/docs/queries/ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/mysql_instance_with_local_infile_on)
### Description
diff --git a/docs/queries/ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514.md b/docs/queries/ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514.md
index ac9233b251c..b99ca2952bc 100644
--- a/docs/queries/ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514.md
+++ b/docs/queries/ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/postgresql_misconfigured_logging_duration_flag)
### Description
diff --git a/docs/queries/ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26.md b/docs/queries/ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26.md
index dddb373bf40..6e5b2bfe276 100644
--- a/docs/queries/ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26.md
+++ b/docs/queries/ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/google_compute_ssl_policy_weak_cipher_in_use)
### Description
diff --git a/docs/queries/ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016.md b/docs/queries/ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016.md
index 6955ffc4f01..711c32e6882 100644
--- a/docs/queries/ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016.md
+++ b/docs/queries/ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/ssh_access_is_not_restricted)
### Description
diff --git a/docs/queries/ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd.md b/docs/queries/ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd.md
index bf77639ec50..fe724981669 100644
--- a/docs/queries/ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd.md
+++ b/docs/queries/ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/vm_with_full_cloud_access)
### Description
diff --git a/docs/queries/ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778.md b/docs/queries/ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778.md
index f09b06a9b92..e9177793276 100644
--- a/docs/queries/ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778.md
+++ b/docs/queries/ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cos_node_image_not_used)
### Description
diff --git a/docs/queries/ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350.md b/docs/queries/ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350.md
index 48d5dfd2d34..6950b384f24 100644
--- a/docs/queries/ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350.md
+++ b/docs/queries/ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/serial_ports_enabled_for_vm_instances)
### Description
diff --git a/docs/queries/ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb.md b/docs/queries/ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb.md
index 3b99ee66018..1aeb150befc 100644
--- a/docs/queries/ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb.md
+++ b/docs/queries/ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/sql_db_instance_with_ssl_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83.md b/docs/queries/ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83.md
index 29498e589d5..38508269305 100644
--- a/docs/queries/ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83.md
+++ b/docs/queries/ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/gke_master_authorized_networks_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b.md b/docs/queries/ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b.md
index 7686e8edb74..5598a6f386d 100644
--- a/docs/queries/ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b.md
+++ b/docs/queries/ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/google_container_node_pool_auto_repair_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf.md b/docs/queries/ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf.md
index 90a0e76b40e..a077d198f57 100644
--- a/docs/queries/ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf.md
+++ b/docs/queries/ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/node_auto_upgrade_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b.md b/docs/queries/ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b.md
index 429029f3a22..f7c002c4635 100644
--- a/docs/queries/ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b.md
+++ b/docs/queries/ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/postgresql_logging_of_temporary_files_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317.md b/docs/queries/ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317.md
index b6b23e03a3f..5fb5d325db0 100644
--- a/docs/queries/ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317.md
+++ b/docs/queries/ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/postgresql_log_connections_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240.md b/docs/queries/ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240.md
index 9c035993c65..0b0b5f8a0a3 100644
--- a/docs/queries/ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240.md
+++ b/docs/queries/ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/gke_using_default_service_account)
### Description
diff --git a/docs/queries/ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05.md b/docs/queries/ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05.md
index bf9fb85daeb..f5b0eace682 100644
--- a/docs/queries/ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05.md
+++ b/docs/queries/ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/ip_aliasing_disabled)
### Description
diff --git a/docs/queries/ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de.md b/docs/queries/ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de.md
index 382c9408434..50a77cacede 100644
--- a/docs/queries/ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de.md
+++ b/docs/queries/ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/high_google_kms_crypto_key_rotation_period)
### Description
diff --git a/docs/queries/ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7.md b/docs/queries/ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7.md
index 8e7c841e6ea..64ef7cb7127 100644
--- a/docs/queries/ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7.md
+++ b/docs/queries/ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Ansible
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cluster_labels_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries.md b/docs/queries/azureresourcemanager-queries.md
index 35d5859bf6a..ce25e03fdf3 100644
--- a/docs/queries/azureresourcemanager-queries.md
+++ b/docs/queries/azureresourcemanager-queries.md
@@ -3,45 +3,45 @@ This page contains all queries from AzureResourceManager.
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|SQL Database Server Firewall Allows All IPS
6a3201a5-1630-494b-b294-3129d06b0eca|Critical|Networking and Firewall|Query details
Documentation
|
-|AKS Cluster RBAC Disabled
9307a2ed-35c2-413d-94de-a1a0682c2158|High|Access Control|Query details
Documentation
|
-|Default Azure Storage Account Network Access Is Too Permissive
d855ced8-6157-448f-9f1d-f05a41d046f7|High|Access Control|Query details
Documentation
|
-|Role Definitions Allow Custom Subscription Role Creation
8fa9ceea-881f-4ef0-b0b8-728f589699a7|High|Access Control|Query details
Documentation
|
-|Key Vault Not Recoverable
7c25f361-7c66-44bf-9b69-022acd5eb4bd|High|Backup|Query details
Documentation
|
-|Azure Managed Disk Without Encryption
350f3955-b5be-436f-afaa-3d2be2fa6cdd|High|Encryption|Query details
Documentation
|
-|Network Security Group With Unrestricted Access To RDP
59cb3da7-f206-4ae6-b827-7abf0a9cab9d|High|Networking and Firewall|Query details
Documentation
|
-|Storage Blob Service Container With Public Access
a0ab985d-660b-41f7-ac81-70957ee8e627|High|Networking and Firewall|Query details
Documentation
|
-|Hardcoded SecureString Parameter Default Value
4d2cf896-c053-4be5-9c95-8b4771112f29|High|Secret Management|Query details
Documentation
|
-|App Service Authentication Is Not Set
83130a07-235b-4a80-918b-a370e53f0bd9|Medium|Access Control|Query details
Documentation
|
-|Azure Instance Using Basic Authentication
6797f581-0433-4768-ae3e-7ceb2f8b138e|Medium|Best Practices|Query details
Documentation
|
-|Secret Without Expiration Date
cff9c3f7-e8f0-455f-9fb4-5f72326da96e|Medium|Best Practices|Query details
Documentation
|
-|SQL Server Database With Alerts Disabled
574e8d82-1db2-4b9c-b526-e320ede9a9ff|Medium|Best Practices|Query details
Documentation
|
-|Storage Account Allows Unsecure Transfer
1367dd13-2c90-4020-80b7-e4339a3dc2c4|Medium|Encryption|Query details
Documentation
|
-|Web App Not Using TLS Last Version
b5c851d5-00f1-43dc-a8de-3218fd6f71be|Medium|Encryption|Query details
Documentation
|
-|AKS Cluster Network Policy Not Configured
25c0228e-4444-459b-a2df-93c7df40b7ed|Medium|Insecure Configurations|Query details
Documentation
|
-|Website Not Forcing HTTPS
488847ff-6031-487c-bf42-98fd6ac5c9a0|Medium|Insecure Configurations|Query details
Documentation
|
-|MySQL Server SSL Enforcement Disabled
90120147-f2e7-4fda-bb21-6fa9109afd63|Medium|Networking and Firewall|Query details
Documentation
|
-|Network Security Group With Unrestricted Access To SSH
2ade1579-4b2c-4590-bebb-f99bf597f612|Medium|Networking and Firewall|Query details
Documentation
|
-|PostgreSQL Database Server Log Checkpoints Disabled
f9112910-c7bb-4864-9f5e-2059ba413bb7|Medium|Networking and Firewall|Query details
Documentation
|
-|PostgreSQL Database Server Log Connections Disabled
e69bda39-e1e2-47ca-b9ee-b6531b23aedd|Medium|Networking and Firewall|Query details
Documentation
|
-|PostgreSQL Database Server SSL Disabled
bf500309-da53-4dd3-bcf7-95f7974545a5|Medium|Networking and Firewall|Query details
Documentation
|
-|PostgresSQL Database Server Connection Throttling Disabled
a6d774b6-d9ea-4bf4-8433-217bf15d2fb8|Medium|Networking and Firewall|Query details
Documentation
|
-|Trusted Microsoft Services Not Enabled
e25b56cd-a4d6-498f-ab92-e6296a082097|Medium|Networking and Firewall|Query details
Documentation
|
-|Website with Client Certificate Auth Disabled
92302b47-b0cc-46cb-a28f-5610ecda140b|Medium|Networking and Firewall|Query details
Documentation
|
-|AKS Logging To Azure Monitoring Is Disabled
9b09dee1-f09b-4013-91d2-158fa4695f4b|Medium|Observability|Query details
Documentation
|
-|SQL Server Database Without Auditing
e055285c-bc01-48b4-8aa5-8a54acdd29df|Medium|Observability|Query details
Documentation
|
-|Storage Logging For Read Write And Delete Requests Disabled
43f6e60c-9cdb-4e77-864d-a66595d26518|Medium|Observability|Query details
Documentation
|
-|Website Azure Active Directory Disabled
e9c133e5-c2dd-4b7b-8fff-40f2de367b56|Low|Access Control|Query details
Documentation
|
-|Phone Number Not Set For Security Contacts
3e9fcc67-1f64-405f-b2f9-0a6be17598f0|Low|Best Practices|Query details
Documentation
|
-|AKS Dashboard Is Enabled
c62d3b92-9a11-4ffd-b7b7-6faaae83faed|Low|Insecure Configurations|Query details
Documentation
|
-|AKS With Authorized IP Ranges Disabled
2583fab1-953b-4fae-bd02-4a136a6c21f9|Low|Networking and Firewall|Query details
Documentation
|
-|Storage Account Allows Default Network Access
9073f073-5d60-4b46-b569-0d6baa80ed95|Low|Networking and Firewall|Query details
Documentation
|
-|Website with 'Http20Enabled' Disabled
70111098-7f85-48f0-b1b4-e4261cf5f61b|Low|Networking and Firewall|Query details
Documentation
|
-|Log Profile Incorrect Category
4d522e7b-f938-4d51-a3b1-974ada528bd3|Low|Observability|Query details
Documentation
|
-|SQL Server Database With Unrecommended Retention Days
c09cdac2-7670-458a-bf6c-efad6880973a|Low|Observability|Query details
Documentation
|
-|Unrecommended Log Profile Retention Policy
25684eac-daaa-4c2c-94b4-8d2dbb627909|Low|Observability|Query details
Documentation
|
-|Unrecommended Network Watcher Flow Log Retention Policy
564b70f8-41cd-4690-aff8-bb53add86bc9|Low|Observability|Query details
Documentation
|
-|Standard Price Is Not Selected
2081c7d6-2851-4cce-bda5-cb49d462da42|Low|Resource Management|Query details
Documentation
|
-|Account Admins Not Notified By Email
a8852cc0-fd4b-4fc7-9372-1e43fad0732e|Info|Best Practices|Query details
Documentation
|
-|SQL Alert Policy Without Emails
89b79fe5-49bd-4d39-84ce-55f5fc6f7764|Info|Best Practices|Query details
Documentation
|
-|Email Notifications Disabled
79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92|Info|Networking and Firewall|Query details
Documentation
|
+|SQL Database Server Firewall Allows All IPS
6a3201a5-1630-494b-b294-3129d06b0eca|Critical|Networking and Firewall|Query details
Documentation
|
+|AKS Cluster RBAC Disabled
9307a2ed-35c2-413d-94de-a1a0682c2158|High|Access Control|Query details
Documentation
|
+|Default Azure Storage Account Network Access Is Too Permissive
d855ced8-6157-448f-9f1d-f05a41d046f7|High|Access Control|Query details
Documentation
|
+|Role Definitions Allow Custom Subscription Role Creation
8fa9ceea-881f-4ef0-b0b8-728f589699a7|High|Access Control|Query details
Documentation
|
+|Key Vault Not Recoverable
7c25f361-7c66-44bf-9b69-022acd5eb4bd|High|Backup|Query details
Documentation
|
+|Azure Managed Disk Without Encryption
350f3955-b5be-436f-afaa-3d2be2fa6cdd|High|Encryption|Query details
Documentation
|
+|Network Security Group With Unrestricted Access To RDP
59cb3da7-f206-4ae6-b827-7abf0a9cab9d|High|Networking and Firewall|Query details
Documentation
|
+|Storage Blob Service Container With Public Access
a0ab985d-660b-41f7-ac81-70957ee8e627|High|Networking and Firewall|Query details
Documentation
|
+|Hardcoded SecureString Parameter Default Value
4d2cf896-c053-4be5-9c95-8b4771112f29|High|Secret Management|Query details
Documentation
|
+|App Service Authentication Is Not Set
83130a07-235b-4a80-918b-a370e53f0bd9|Medium|Access Control|Query details
Documentation
|
+|Azure Instance Using Basic Authentication
6797f581-0433-4768-ae3e-7ceb2f8b138e|Medium|Best Practices|Query details
Documentation
|
+|Secret Without Expiration Date
cff9c3f7-e8f0-455f-9fb4-5f72326da96e|Medium|Best Practices|Query details
Documentation
|
+|SQL Server Database With Alerts Disabled
574e8d82-1db2-4b9c-b526-e320ede9a9ff|Medium|Best Practices|Query details
Documentation
|
+|Storage Account Allows Unsecure Transfer
1367dd13-2c90-4020-80b7-e4339a3dc2c4|Medium|Encryption|Query details
Documentation
|
+|Web App Not Using TLS Last Version
b5c851d5-00f1-43dc-a8de-3218fd6f71be|Medium|Encryption|Query details
Documentation
|
+|AKS Cluster Network Policy Not Configured
25c0228e-4444-459b-a2df-93c7df40b7ed|Medium|Insecure Configurations|Query details
Documentation
|
+|Website Not Forcing HTTPS
488847ff-6031-487c-bf42-98fd6ac5c9a0|Medium|Insecure Configurations|Query details
Documentation
|
+|MySQL Server SSL Enforcement Disabled
90120147-f2e7-4fda-bb21-6fa9109afd63|Medium|Networking and Firewall|Query details
Documentation
|
+|Network Security Group With Unrestricted Access To SSH
2ade1579-4b2c-4590-bebb-f99bf597f612|Medium|Networking and Firewall|Query details
Documentation
|
+|PostgreSQL Database Server Log Checkpoints Disabled
f9112910-c7bb-4864-9f5e-2059ba413bb7|Medium|Networking and Firewall|Query details
Documentation
|
+|PostgreSQL Database Server Log Connections Disabled
e69bda39-e1e2-47ca-b9ee-b6531b23aedd|Medium|Networking and Firewall|Query details
Documentation
|
+|PostgreSQL Database Server SSL Disabled
bf500309-da53-4dd3-bcf7-95f7974545a5|Medium|Networking and Firewall|Query details
Documentation
|
+|PostgresSQL Database Server Connection Throttling Disabled
a6d774b6-d9ea-4bf4-8433-217bf15d2fb8|Medium|Networking and Firewall|Query details
Documentation
|
+|Trusted Microsoft Services Not Enabled
e25b56cd-a4d6-498f-ab92-e6296a082097|Medium|Networking and Firewall|Query details
Documentation
|
+|Website with Client Certificate Auth Disabled
92302b47-b0cc-46cb-a28f-5610ecda140b|Medium|Networking and Firewall|Query details
Documentation
|
+|AKS Logging To Azure Monitoring Is Disabled
9b09dee1-f09b-4013-91d2-158fa4695f4b|Medium|Observability|Query details
Documentation
|
+|SQL Server Database Without Auditing
e055285c-bc01-48b4-8aa5-8a54acdd29df|Medium|Observability|Query details
Documentation
|
+|Storage Logging For Read Write And Delete Requests Disabled
43f6e60c-9cdb-4e77-864d-a66595d26518|Medium|Observability|Query details
Documentation
|
+|Website Azure Active Directory Disabled
e9c133e5-c2dd-4b7b-8fff-40f2de367b56|Low|Access Control|Query details
Documentation
|
+|Phone Number Not Set For Security Contacts
3e9fcc67-1f64-405f-b2f9-0a6be17598f0|Low|Best Practices|Query details
Documentation
|
+|AKS Dashboard Is Enabled
c62d3b92-9a11-4ffd-b7b7-6faaae83faed|Low|Insecure Configurations|Query details
Documentation
|
+|AKS With Authorized IP Ranges Disabled
2583fab1-953b-4fae-bd02-4a136a6c21f9|Low|Networking and Firewall|Query details
Documentation
|
+|Storage Account Allows Default Network Access
9073f073-5d60-4b46-b569-0d6baa80ed95|Low|Networking and Firewall|Query details
Documentation
|
+|Website with 'Http20Enabled' Disabled
70111098-7f85-48f0-b1b4-e4261cf5f61b|Low|Networking and Firewall|Query details
Documentation
|
+|Log Profile Incorrect Category
4d522e7b-f938-4d51-a3b1-974ada528bd3|Low|Observability|Query details
Documentation
|
+|SQL Server Database With Unrecommended Retention Days
c09cdac2-7670-458a-bf6c-efad6880973a|Low|Observability|Query details
Documentation
|
+|Unrecommended Log Profile Retention Policy
25684eac-daaa-4c2c-94b4-8d2dbb627909|Low|Observability|Query details
Documentation
|
+|Unrecommended Network Watcher Flow Log Retention Policy
564b70f8-41cd-4690-aff8-bb53add86bc9|Low|Observability|Query details
Documentation
|
+|Standard Price Is Not Selected
2081c7d6-2851-4cce-bda5-cb49d462da42|Low|Resource Management|Query details
Documentation
|
+|Account Admins Not Notified By Email
a8852cc0-fd4b-4fc7-9372-1e43fad0732e|Info|Best Practices|Query details
Documentation
|
+|SQL Alert Policy Without Emails
89b79fe5-49bd-4d39-84ce-55f5fc6f7764|Info|Best Practices|Query details
Documentation
|
+|Email Notifications Disabled
79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92|Info|Networking and Firewall|Query details
Documentation
|
diff --git a/docs/queries/azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4.md b/docs/queries/azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4.md
index 2320e9f6a20..ab2c7ceb4ab 100644
--- a/docs/queries/azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4.md
+++ b/docs/queries/azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/storage_account_allows_unsecure_transfer)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42.md b/docs/queries/azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42.md
index 14986e25a23..f6b3f29d6cd 100644
--- a/docs/queries/azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42.md
+++ b/docs/queries/azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/standard_price_not_selected)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909.md b/docs/queries/azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909.md
index 342d88f3f91..0245523be09 100644
--- a/docs/queries/azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909.md
+++ b/docs/queries/azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/unrecommended_log_profile_retention_policy)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9.md b/docs/queries/azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9.md
index 16ccadc744f..ed3261b7cf5 100644
--- a/docs/queries/azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9.md
+++ b/docs/queries/azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/aks_with_authorized_ip_ranges_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed.md b/docs/queries/azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed.md
index 68f000b5895..81053fbeb26 100644
--- a/docs/queries/azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed.md
+++ b/docs/queries/azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/aks_cluster_network_policy_not_configured)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612.md b/docs/queries/azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612.md
index 45ccb5cc82e..4f701de505b 100644
--- a/docs/queries/azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612.md
+++ b/docs/queries/azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/network_security_group_with_unrestricted_access_to_ssh)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd.md b/docs/queries/azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd.md
index 2fe91f03b98..7f1655600ca 100644
--- a/docs/queries/azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd.md
+++ b/docs/queries/azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/azure_managed_disk_without_encryption)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0.md b/docs/queries/azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0.md
index 9176af79b41..6b37f8b1e6a 100644
--- a/docs/queries/azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0.md
+++ b/docs/queries/azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/phone_number_not_set_security_contacts)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518.md b/docs/queries/azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518.md
index 6846cdaca8d..00feb549bfc 100644
--- a/docs/queries/azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518.md
+++ b/docs/queries/azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/storage_logging_for_read_write_delete_requests_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0.md b/docs/queries/azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0.md
index ea9c4363a78..cc0e49af28d 100644
--- a/docs/queries/azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0.md
+++ b/docs/queries/azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/website_not_forcing_https)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29.md b/docs/queries/azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29.md
index b53f88cf6b5..92f8c9ad646 100644
--- a/docs/queries/azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29.md
+++ b/docs/queries/azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/hardcoded_securestring_parameter_default_value)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3.md b/docs/queries/azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3.md
index 2f176b0495c..83a0416b2e4 100644
--- a/docs/queries/azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3.md
+++ b/docs/queries/azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/log_profile_incorrect_category)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9.md b/docs/queries/azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9.md
index 37d28217b55..2a6572a15fa 100644
--- a/docs/queries/azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9.md
+++ b/docs/queries/azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/unrecommended_network_watcher_flow_log_retention_policy)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff.md b/docs/queries/azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff.md
index 13d3f8bfb58..a548599238f 100644
--- a/docs/queries/azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff.md
+++ b/docs/queries/azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/sql_server_database_with_alerts_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d.md b/docs/queries/azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d.md
index bb08d2a1fa0..a8fe60ba13c 100644
--- a/docs/queries/azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d.md
+++ b/docs/queries/azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/network_security_group_with_unrestricted_access_to_rdp)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e.md b/docs/queries/azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e.md
index 24f498b5361..7c1ddec03db 100644
--- a/docs/queries/azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e.md
+++ b/docs/queries/azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/azure_instance_using_basic_authentication)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca.md b/docs/queries/azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca.md
index 94cd621e171..683d2438f05 100644
--- a/docs/queries/azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca.md
+++ b/docs/queries/azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/sql_database_server_firewall_allows_all_ips)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b.md b/docs/queries/azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b.md
index b8917abcd69..be238385569 100644
--- a/docs/queries/azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b.md
+++ b/docs/queries/azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/website_with_http20enabled_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92.md b/docs/queries/azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92.md
index c05bf3d7984..1545cb481bd 100644
--- a/docs/queries/azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92.md
+++ b/docs/queries/azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Info
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/email_notifications_set_off)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd.md b/docs/queries/azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd.md
index fc560a95a74..3654399050d 100644
--- a/docs/queries/azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd.md
+++ b/docs/queries/azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** High
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/key_vault_not_recoverable)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9.md b/docs/queries/azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9.md
index 8043afec06d..f26869da6a5 100644
--- a/docs/queries/azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9.md
+++ b/docs/queries/azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/app_service_authentication_not_set)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764.md b/docs/queries/azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764.md
index 523e0d3aaf6..3075eecade2 100644
--- a/docs/queries/azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764.md
+++ b/docs/queries/azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/sql_alert_policy_without_emails)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7.md b/docs/queries/azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7.md
index 7c342ce4322..e28befa00d3 100644
--- a/docs/queries/azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7.md
+++ b/docs/queries/azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/role_definitions_allow_custom_subscription_role_creation)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63.md b/docs/queries/azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63.md
index ff971aaceb1..b66ab8f3c6b 100644
--- a/docs/queries/azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63.md
+++ b/docs/queries/azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/mysql_server_ssl_enforcement_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95.md b/docs/queries/azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95.md
index 325bf9e8dd2..f5beab00df6 100644
--- a/docs/queries/azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95.md
+++ b/docs/queries/azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/storage_account_allows_network_default_access)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b.md b/docs/queries/azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b.md
index 1972d11755b..7e46948a57d 100644
--- a/docs/queries/azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b.md
+++ b/docs/queries/azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/website_with_client_certificate_auth_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158.md b/docs/queries/azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158.md
index 63b5351d2b4..ee81a897b07 100644
--- a/docs/queries/azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158.md
+++ b/docs/queries/azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/aks_cluster_rbac_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b.md b/docs/queries/azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b.md
index d16faff0578..78c5a1597bd 100644
--- a/docs/queries/azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b.md
+++ b/docs/queries/azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/aks_logging_azure_monitoring_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627.md b/docs/queries/azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627.md
index 6e4f66958d4..2a5d3a4ea17 100644
--- a/docs/queries/azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627.md
+++ b/docs/queries/azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/storage_blob_service_container_with_public_access)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8.md b/docs/queries/azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8.md
index e54c32a1a74..c2fb6315219 100644
--- a/docs/queries/azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8.md
+++ b/docs/queries/azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/postgres_sql_database_server_connection_throttling_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e.md b/docs/queries/azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e.md
index 2ee7a6468f8..e5ea3859a92 100644
--- a/docs/queries/azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e.md
+++ b/docs/queries/azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/account_admins_not_notified_by_email)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be.md b/docs/queries/azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be.md
index 52a1152a216..e75eecfef2a 100644
--- a/docs/queries/azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be.md
+++ b/docs/queries/azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/web_app_not_using_tls_last_version)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5.md b/docs/queries/azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5.md
index 2b52c490959..26cc42d7ecc 100644
--- a/docs/queries/azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5.md
+++ b/docs/queries/azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/postgres_sql_server_ssl_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a.md b/docs/queries/azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a.md
index ac5d788a02c..ae44a74caa9 100644
--- a/docs/queries/azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a.md
+++ b/docs/queries/azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/sql_server_database_with_low_retention_days)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed.md b/docs/queries/azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed.md
index 624c6d47a04..0a9fc42bf7d 100644
--- a/docs/queries/azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed.md
+++ b/docs/queries/azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/aks_dashboard_enabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e.md b/docs/queries/azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e.md
index 647e99039c1..7f4eba5f3d5 100644
--- a/docs/queries/azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e.md
+++ b/docs/queries/azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/secret_without_expiration_date)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7.md b/docs/queries/azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7.md
index a05d4cf1029..8cac05fae70 100644
--- a/docs/queries/azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7.md
+++ b/docs/queries/azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/default_azure_storage_account_network_access_is_too_permissive)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df.md b/docs/queries/azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df.md
index 6bdf92d1063..aa044aaf46f 100644
--- a/docs/queries/azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df.md
+++ b/docs/queries/azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/sql_server_database_without_auditing)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097.md b/docs/queries/azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097.md
index bf0c85b7a82..59f6030375f 100644
--- a/docs/queries/azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097.md
+++ b/docs/queries/azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/trusted_microsoft_services_not_enabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd.md b/docs/queries/azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd.md
index 7bd62299227..e1c7e87d7f2 100644
--- a/docs/queries/azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd.md
+++ b/docs/queries/azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/postgres_sql_server_log_connections_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56.md b/docs/queries/azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56.md
index 71a29b47855..4e167e9f3f0 100644
--- a/docs/queries/azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56.md
+++ b/docs/queries/azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/website_azure_active_directory_disabled)
### Description
diff --git a/docs/queries/azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7.md b/docs/queries/azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7.md
index bbfc29f765e..9c7e739e805 100644
--- a/docs/queries/azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7.md
+++ b/docs/queries/azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** AzureResourceManager
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/postgres_sql_server_log_checkpoint_disabled)
### Description
diff --git a/docs/queries/buildah-queries.md b/docs/queries/buildah-queries.md
index 968dfa4ee9a..c93d6a74fee 100644
--- a/docs/queries/buildah-queries.md
+++ b/docs/queries/buildah-queries.md
@@ -3,4 +3,4 @@ This page contains all queries from Buildah.
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Run Using apt
a1bc27c6-7115-48d8-bf9d-5a7e836845ba|Low|Supply-Chain|Query details
Documentation
|
+|Run Using apt
a1bc27c6-7115-48d8-bf9d-5a7e836845ba|Low|Supply-Chain|Query details
Documentation
|
diff --git a/docs/queries/buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba.md b/docs/queries/buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba.md
index 6fdb33e09bb..67c6e918761 100644
--- a/docs/queries/buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba.md
+++ b/docs/queries/buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Buildah
- **Severity:** Low
- **Category:** Supply-Chain
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/buildah/run_using_apt)
### Description
diff --git a/docs/queries/cicd-queries.md b/docs/queries/cicd-queries.md
index f65c16d988c..988715dcb70 100644
--- a/docs/queries/cicd-queries.md
+++ b/docs/queries/cicd-queries.md
@@ -8,7 +8,7 @@ Below are listed queries related to CICD GITHUB:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Script Block Injection
62ff6823-927a-427f-acf9-f1ea2932d616|High|Insecure Configurations|Query details
Documentation
|
-|Run Block Injection
20f14e1a-a899-4e79-9f09-b6a84cd4649b|Medium|Insecure Configurations|Query details
Documentation
|
-|Unsecured Commands
60fd272d-15f4-4d8f-afe4-77d9c6cc0453|Medium|Insecure Configurations|Query details
Documentation
|
-|Unpinned Actions Full Length Commit SHA
555ab8f9-2001-455e-a077-f2d0f41e2fb9|Low|Supply-Chain|Query details
Documentation
|
+|Script Block Injection
62ff6823-927a-427f-acf9-f1ea2932d616|High|Insecure Configurations|Query details
Documentation
|
+|Run Block Injection
20f14e1a-a899-4e79-9f09-b6a84cd4649b|Medium|Insecure Configurations|Query details
Documentation
|
+|Unsecured Commands
60fd272d-15f4-4d8f-afe4-77d9c6cc0453|Medium|Insecure Configurations|Query details
Documentation
|
+|Unpinned Actions Full Length Commit SHA
555ab8f9-2001-455e-a077-f2d0f41e2fb9|Low|Supply-Chain|Query details
Documentation
|
diff --git a/docs/queries/cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b.md b/docs/queries/cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b.md
index a58c55b6984..ef3f681e084 100644
--- a/docs/queries/cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b.md
+++ b/docs/queries/cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CICD
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cicd/github/run_block_injection)
### Description
diff --git a/docs/queries/cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9.md b/docs/queries/cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9.md
index 0bf329f5582..d98694dd9e6 100644
--- a/docs/queries/cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9.md
+++ b/docs/queries/cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CICD
- **Severity:** Low
- **Category:** Supply-Chain
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cicd/github/unpinned_actions_full_length_commit_sha)
### Description
diff --git a/docs/queries/cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453.md b/docs/queries/cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453.md
index 3ac37f3ef2e..b1e1a474c17 100644
--- a/docs/queries/cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453.md
+++ b/docs/queries/cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CICD
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cicd/github/unsecured_commands)
### Description
diff --git a/docs/queries/cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616.md b/docs/queries/cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616.md
index 521db7378e7..e5fa17ee7b3 100644
--- a/docs/queries/cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616.md
+++ b/docs/queries/cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CICD
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cicd/github/script_block_injection)
### Description
diff --git a/docs/queries/cloudformation-queries.md b/docs/queries/cloudformation-queries.md
index 928a9b49a89..a0e078048fb 100644
--- a/docs/queries/cloudformation-queries.md
+++ b/docs/queries/cloudformation-queries.md
@@ -8,254 +8,254 @@ Below are listed queries related to CloudFormation AWS:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Amazon DMS Replication Instance Is Publicly Accessible
5864fb39-d719-4182-80e2-89dbe627be63|Critical|Access Control|Query details
Documentation
|
-|ECR Repository Is Publicly Accessible
75be209d-1948-41f6-a8c8-e22dd0121134|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Access to Any Principal
7772bb8c-c0f3-42d4-8e4e-f1b8939ad085|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read Or Write to All Users
07dda8de-d90d-469e-9b37-1aca53526ced|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Delete Action From All Principals
acc78859-765e-4011-a229-a65ea57db252|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Put Action From All Principals
f6397a20-4cf1-4540-a997-1d363c25ef58|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket With All Permissions
4ae8af91-5108-42cb-9471-3bdbe596eac9|Critical|Access Control|Query details
Documentation
|
-|SNS Topic is Publicly Accessible
ae53ce91-42b5-46bf-a84f-9a13366a4f13|Critical|Access Control|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
de38e1d5-54cb-4111-a868-6f7722695007|Critical|Insecure Configurations|Query details
Documentation
|
-|DB Security Group With Public Scope
9564406d-e761-4e61-b8d7-5926e3ab8e79|Critical|Networking and Firewall|Query details
Documentation
|
-|RDS Associated with Public Subnet
4e88adee-a8eb-4605-a78d-9fb1096e3091|Critical|Networking and Firewall|Query details
Documentation
|
-|Cross-Account IAM Assume Role Policy Without ExternalId or MFA
85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7|High|Access Control|Query details
Documentation
|
-|ECS Service Admin Role Is Present
01986452-bdd8-4aaa-b5df-d6bf61d616ff|High|Access Control|Query details
Documentation
|
-|IAM Policy Grants Full Permissions
f62aa827-4ade-4dc4-89e4-1433d384a368|High|Access Control|Query details
Documentation
|
-|Lambda Functions With Full Privileges
a0ae0a4e-712b-4115-8112-51b9eeed9d69|High|Access Control|Query details
Documentation
|
-|MSK Broker Is Publicly Accessible
0ce1ba20-8ba8-4364-836f-40c24b8cb0ab|High|Access Control|Query details
Documentation
|
-|Neptune Cluster With IAM Database Authentication Disabled
a3aa0087-8228-4e7e-b202-dc9036972d02|High|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read to All Users
219f4c95-aa50-44e0-97de-cf71f4641170|High|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read to Any Authenticated User
835d5497-a526-4aea-a23f-98a9afd1635f|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Get Action From All Principals
f97b7d23-568f-4bcc-9ac9-02df0d57fbba|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows List Action From All Principals
faa8fddf-c0aa-4b2d-84ff-e993e233ebe9|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Public Policy
860ba89b-b8de-4e72-af54-d6aee4138a69|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Restore Actions From All Principals
456b00a3-1072-4149-9740-6b8bb60251b0|High|Access Control|Query details
Documentation
|
-|AmazonMQ Broker Encryption Disabled
316278b3-87ac-444c-8f8f-a733a28da60f|High|Encryption|Query details
Documentation
|
-|API Gateway Cache Encrypted Disabled
37cca703-b74c-48ba-ac81-595b53398e9b|High|Encryption|Query details
Documentation
|
-|CMK Unencrypted Storage
ffee2785-c347-451e-89f3-11aeb08e5c84|High|Encryption|Query details
Documentation
|
-|Config Rule For Encrypted Volumes Disabled
1b6322d9-c755-4f8c-b804-32c19250f2d9|High|Encryption|Query details
Documentation
|
-|DynamoDB Table Not Encrypted
4bd21e68-38c1-4d58-acdc-6a14b203237f|High|Encryption|Query details
Documentation
|
-|DynamoDB With Aws Owned CMK
c8dee387-a2e6-4a73-a942-183c975549ac|High|Encryption|Query details
Documentation
|
-|EBS Volume Encryption Disabled
80b7ac3f-d2b7-4577-9b10-df7913497162|High|Encryption|Query details
Documentation
|
-|ECS Cluster Not Encrypted At Rest
6c131358-c54d-419b-9dd6-1f7dd41d180c|High|Encryption|Query details
Documentation
|
-|EFS Not Encrypted
2ff8e83c-90e1-4d68-a300-6d652112e622|High|Encryption|Query details
Documentation
|
-|ElastiCache With Disabled at Rest Encryption
e4ee3903-9225-4b6a-bdfb-e62dbadef821|High|Encryption|Query details
Documentation
|
-|ElasticSearch Encryption With KMS Disabled
d926aa95-0a04-4abc-b20c-acf54afe38a1|High|Encryption|Query details
Documentation
|
-|ElasticSearch Not Encrypted At Rest
86a248ab-0e01-4564-a82a-878303e253bb|High|Encryption|Query details
Documentation
|
-|ELB Using Weak Ciphers
809f77f8-d10e-4842-a84f-3be7b6ff1190|High|Encryption|Query details
Documentation
|
-|Kinesis SSE Not Configured
7f65be75-90ab-4036-8c2a-410aef7bb650|High|Encryption|Query details
Documentation
|
-|MSK Cluster Encryption Disabled
a976d63f-af0e-46e8-b714-8c1a9c4bf768|High|Encryption|Query details
Documentation
|
-|Neptune Database Cluster Encryption Disabled
bf4473f1-c8a2-4b1b-8134-bd32efabab93|High|Encryption|Query details
Documentation
|
-|RDS Storage Encryption Disabled
65844ba3-03a1-40a8-b3dd-919f122e8c95|High|Encryption|Query details
Documentation
|
-|RDS Storage Not Encrypted
5beacce3-4020-4a3d-9e1d-a36f953df630|High|Encryption|Query details
Documentation
|
-|Redshift Not Encrypted
3b316b05-564c-44a7-9c3f-405bb95e211e|High|Encryption|Query details
Documentation
|
-|S3 Bucket Without Server-side-encryption
b2e8752c-3497-4255-98d2-e4ae5b46bbf5|High|Encryption|Query details
Documentation
|
-|SageMaker Data Encryption Disabled
709e6da6-fa1f-44cc-8f17-7f25f96dadbe|High|Encryption|Query details
Documentation
|
-|User Data Contains Encoded Private Key
568cc372-ca64-420d-9015-ee347d00d288|High|Encryption|Query details
Documentation
|
-|Workspace Without Encryption
89827c57-5a8a-49eb-9731-976a606d70db|High|Encryption|Query details
Documentation
|
-|Batch Job Definition With Privileged Container Properties
76ddf32c-85b1-4808-8935-7eef8030ab36|High|Insecure Configurations|Query details
Documentation
|
-|KMS Key With Vulnerable Policy
da905474-7454-43c0-b8d2-5756ab951aba|High|Insecure Configurations|Query details
Documentation
|
-|Lambda Functions Without Unique IAM Roles
ae03f542-1423-402f-9cef-c834e7ee9583|High|Insecure Configurations|Query details
Documentation
|
-|MQ Broker Is Publicly Accessible
68b6a789-82f8-4cfd-85de-e95332fe6a61|High|Insecure Configurations|Query details
Documentation
|
-|Root Account Has Active Access Keys
4c137350-7307-4803-8c04-17c09a7a9fcf|High|Insecure Configurations|Query details
Documentation
|
-|S3 Static Website Host Enabled
90501b1b-cded-4cc1-9e8b-206b85cda317|High|Insecure Configurations|Query details
Documentation
|
-|Permissive Web ACL Default Action
6d64f311-3da6-45f3-80f1-14db9771ea40|High|Insecure Defaults|Query details
Documentation
|
-|DB Security Group Open To Large Scope
0104165b-02d5-426f-abc9-91fb48189899|High|Networking and Firewall|Query details
Documentation
|
-|Default Security Groups With Unrestricted Traffic
ea33fcf7-394b-4d11-a228-985c5d08f205|High|Networking and Firewall|Query details
Documentation
|
-|EC2 Sensitive Port Is Publicly Exposed
494b03d3-bf40-4464-8524-7c56ad0700ed|High|Networking and Firewall|Query details
Documentation
|
-|ELB Sensitive Port Is Exposed To Entire Network
78055456-f670-4d2e-94d5-392d1cf4f5e4|High|Networking and Firewall|Query details
Documentation
|
-|Fully Open Ingress
e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5|High|Networking and Firewall|Query details
Documentation
|
-|Remote Desktop Port Open To Internet
c9846969-d066-431f-9b34-8c4abafe422a|High|Networking and Firewall|Query details
Documentation
|
-|Route53 Record Undefined
24d932e1-91f0-46ea-836f-fdbd81694151|High|Networking and Firewall|Query details
Documentation
|
-|Security Group Unrestricted Access To RDP
3ae83918-7ec7-4cb8-80db-b91ef0f94002|High|Networking and Firewall|Query details
Documentation
|
-|Security Groups With Exposed Admin Ports
cdbb0467-2957-4a77-9992-7b55b29df7b7|High|Networking and Firewall|Query details
Documentation
|
-|Security Groups With Meta IP
adcd0082-e90b-4b63-862b-21899f6e6a48|High|Networking and Firewall|Query details
Documentation
|
-|Unknown Port Exposed To Internet
829ce3b8-065c-41a3-ad57-e0accfea82d2|High|Networking and Firewall|Query details
Documentation
|
-|Unrestricted Security Group Ingress
4a1e6b34-1008-4e61-a5f2-1f7c276f8d14|High|Networking and Firewall|Query details
Documentation
|
-|Amplify App Access Token Exposed
73980e43-f399-4fcc-a373-658228f7adf7|High|Secret Management|Query details
Documentation
|
-|Amplify App Basic Auth Config Password Exposed
71493c8b-3014-404c-9802-078b74496fb7|High|Secret Management|Query details
Documentation
|
-|Amplify App OAuth Token Exposed
03b38885-8f4e-480c-a0e4-12c1affd15db|High|Secret Management|Query details
Documentation
|
-|Amplify Branch Basic Auth Config Password Exposed
dfb56e5d-ee68-446e-b32a-657b62befe69|High|Secret Management|Query details
Documentation
|
-|Directory Service Microsoft AD Password Set to Plaintext or Default Ref
06b9f52a-8cd5-459b-bdc6-21a22521e1be|High|Secret Management|Query details
Documentation
|
-|Directory Service Simple AD Password Exposed
6685d912-d81f-4cfa-95ad-e316ea31c989|High|Secret Management|Query details
Documentation
|
-|DMS Endpoint MongoDB Settings Password Exposed
f988a17f-1139-46a3-8928-f27eafd8b024|High|Secret Management|Query details
Documentation
|
-|DMS Endpoint Password Exposed
5f700072-b7ce-4e84-b3f3-497bf1c24a4d|High|Secret Management|Query details
Documentation
|
-|DocDB Cluster Master Password In Plaintext
39423ce4-9011-46cd-b6b1-009edcd9385d|High|Secret Management|Query details
Documentation
|
-|Hardcoded AWS Access Key In Lambda
2564172f-c92b-4261-9acd-464aed511696|High|Secret Management|Query details
Documentation
|
-|IAM User LoginProfile Password Is In Plaintext
06adef8c-c284-4de7-aad2-af43b07a8ca1|High|Secret Management|Query details
Documentation
|
-|RefreshToken Is Exposed
5b48c507-0d1f-41b0-a630-76817c6b4189|High|Secret Management|Query details
Documentation
|
-|API Gateway Method Does Not Contains An API Key
3641d5b4-d339-4bc2-bfb9-208fe8d3477f|Medium|Access Control|Query details
Documentation
|
-|API Gateway Without Configured Authorizer
7fd0d461-5b8c-4815-898c-f2b4b117eb28|Medium|Access Control|Query details
Documentation
|
-|EC2 Instance Has No IAM Role
f914357d-8386-4d56-9ba6-456e5723f9a6|Medium|Access Control|Query details
Documentation
|
-|EC2 Instance Using Default Security Group
08b81bb3-0985-4023-8602-b606ad81d279|Medium|Access Control|Query details
Documentation
|
-|EC2 Network ACL Ineffective Denied Traffic
2623d682-dccb-44cd-99d0-54d9fd62f8f2|Medium|Access Control|Query details
Documentation
|
-|Elasticsearch Without IAM Authentication
5c666ed9-b586-49ab-9873-c495a833b705|Medium|Access Control|Query details
Documentation
|
-|Empty Roles For ECS Cluster Task Definitions
7f384a5f-b5a2-4d84-8ca3-ee0a5247becb|Medium|Access Control|Query details
Documentation
|
-|IAM Group Inline Policies
a58d1a2d-4078-4b80-855b-84cc3f7f4540|Medium|Access Control|Query details
Documentation
|
-|IAM Group Without Users
8f957abd-9703-413d-87d3-c578950a753c|Medium|Access Control|Query details
Documentation
|
-|IAM Policies Attached To User
edc95c10-7366-4f30-9b4b-f995c84eceb5|Medium|Access Control|Query details
Documentation
|
-|IAM Policies With Full Privileges
953b3cdb-ce13-428a-aa12-318726506661|Medium|Access Control|Query details
Documentation
|
-|IAM Policy Grants 'AssumeRole' Permission Across All Services
e835bd0d-65da-49f7-b6d1-b646da8727e6|Medium|Access Control|Query details
Documentation
|
-|IAM Policy On User
e4239438-e639-44aa-adb8-866e400e3ade|Medium|Access Control|Query details
Documentation
|
-|IAM Role Allows All Principals To Assume
f80e3aa7-7b34-4185-954e-440a6894dde6|Medium|Access Control|Query details
Documentation
|
-|IoT Policy Allows Action as Wildcard
4d32780f-43a4-424a-a06d-943c543576a5|Medium|Access Control|Query details
Documentation
|
-|IoT Policy Allows Wildcard Resource
be5b230d-4371-4a28-a441-85dc760e2aa3|Medium|Access Control|Query details
Documentation
|
-|KMS Allows Wildcard Principal
f6049677-ec4a-43af-8779-5190b6d03cba|Medium|Access Control|Query details
Documentation
|
-|Lambda Permission Principal Is Wildcard
1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7|Medium|Access Control|Query details
Documentation
|
-|Public Lambda via API Gateway
57b12981-3816-4c31-b190-a1e614361dd2|Medium|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Public ACL
48f100d9-f499-4c6d-b2b8-deafe47ffb26|Medium|Access Control|Query details
Documentation
|
-|SNS Topic Publicity Has Allow and NotAction Simultaneously
818f38ed-8446-4132-9c03-474d49e10195|Medium|Access Control|Query details
Documentation
|
-|SQS Policy With Public Access
9b6a3f5b-5fd6-40ee-9bc0-ed604911212d|Medium|Access Control|Query details
Documentation
|
-|Auto Scaling Group With No Associated ELB
ad21e616-5026-4b9d-990d-5b007bfe679c|Medium|Availability|Query details
Documentation
|
-|CMK Is Unusable
2844c749-bd78-4cd1-90e8-b179df827602|Medium|Availability|Query details
Documentation
|
-|ElastiCache Nodes Not Created Across Multi AZ
cfdef2e5-1fe4-4ef4-bea8-c56e08963150|Medium|Availability|Query details
Documentation
|
-|RDS Multi-AZ Deployment Disabled
2b1d4935-9acf-48a7-8466-10d18bf51a69|Medium|Availability|Query details
Documentation
|
-|RDS With Backup Disabled
8c415f6f-7b90-4a27-a44a-51047e1506f9|Medium|Backup|Query details
Documentation
|
-|S3 Bucket Without Versioning
a227ec01-f97a-4084-91a4-47b350c1db54|Medium|Backup|Query details
Documentation
|
-|Stack Retention Disabled
fe974ae9-858e-4991-bbd5-e040a834679f|Medium|Backup|Query details
Documentation
|
-|DynamoDB Table Point In Time Recovery Disabled
0f04217d-488f-4e7a-bec8-f16159686cd6|Medium|Best Practices|Query details
Documentation
|
-|ECS No Load Balancer Attached
fb2b0ecf-1492-491a-a70d-ba1df579175d|Medium|Best Practices|Query details
Documentation
|
-|IAM Managed Policy Applied to a User
0e5872b4-19a0-4165-8b2f-56d9e14b909f|Medium|Best Practices|Query details
Documentation
|
-|IAM User Without Password Reset
a964d6e3-8e1e-4d93-8120-61fa640dd55a|Medium|Best Practices|Query details
Documentation
|
-|Alexa Skill Plaintext Client Secret Exposed
3c3b7a58-b018-4d07-9444-d9ee7156e111|Medium|Encryption|Query details
Documentation
|
-|CloudFormation Specifying Credentials Not Safe
9ecb6b21-18bc-4aa7-bd07-db20f1c746db|Medium|Encryption|Query details
Documentation
|
-|Cloudfront Viewer Protocol Policy Allows HTTP
31733ee2-fef0-4e87-9778-65da22a8ecf1|Medium|Encryption|Query details
Documentation
|
-|CodeBuild Not Encrypted
d7467bb6-3ed1-4c82-8095-5e7a818d0aad|Medium|Encryption|Query details
Documentation
|
-|Connection Between CloudFront Origin Not Encrypted
a5366a50-932f-4085-896b-41402714a388|Medium|Encryption|Query details
Documentation
|
-|Default KMS Key Usage
e52395b4-250b-4c60-81d5-2e58c1d37abc|Medium|Encryption|Query details
Documentation
|
-|EFS Volume With Disabled Transit Encryption
c1282e03-b285-4637-aee7-eefe3a7bb658|Medium|Encryption|Query details
Documentation
|
-|ElastiCache With Disabled Transit Encryption
3b02569b-fc6f-4153-b3a3-ba91022fed68|Medium|Encryption|Query details
Documentation
|
-|ELB Using Insecure Protocols
61a94903-3cd3-4780-88ec-fc918819b9c8|Medium|Encryption|Query details
Documentation
|
-|ELB Without Secure Protocol
80908a75-586b-4c61-ab04-490f4f4525b8|Medium|Encryption|Query details
Documentation
|
-|EMR Security Configuration Encryption Disabled
5b033ec8-f079-4323-b5c8-99d4620433a9|Medium|Encryption|Query details
Documentation
|
-|IAM Database Auth Not Enabled
9fcd0a0a-9b6f-4670-a215-d94e6bf3f184|Medium|Encryption|Query details
Documentation
|
-|KMS Key Rotation Disabled
235ca980-eb71-48f4-9030-df0c371029eb|Medium|Encryption|Query details
Documentation
|
-|Redshift Cluster Without KMS CMK
de76a0d6-66d5-45c9-9022-f05545b85c78|Medium|Encryption|Query details
Documentation
|
-|S3 Bucket Without SSL In Write Actions
38c64e76-c71e-4d92-a337-60174d1de1c9|Medium|Encryption|Query details
Documentation
|
-|SageMaker EndPoint Config Should Specify KmsKeyId Attribute
44034eda-1c3f-486a-831d-e09a7dd94354|Medium|Encryption|Query details
Documentation
|
-|Secure Ciphers Disabled
be96849c-3df6-49c2-bc16-778a7be2519c|Medium|Encryption|Query details
Documentation
|
-|SQS With SSE Disabled
12726829-93ed-4d51-9cbe-13423f4299e1|Medium|Encryption|Query details
Documentation
|
-|API Gateway With Open Access
1056dfbb-5802-4762-bf2b-8b9b9684b1b0|Medium|Insecure Configurations|Query details
Documentation
|
-|API Gateway Without Security Policy
8275fab0-68ec-4705-bbf4-86975edb170e|Medium|Insecure Configurations|Query details
Documentation
|
-|API Gateway Without SSL Certificate
ed4c48b8-eccc-4881-95c1-09fdae23db25|Medium|Insecure Configurations|Query details
Documentation
|
-|CloudFront Without Minimum Protocol TLS 1.2
dc17ee4b-ddf2-4e23-96e8-7a36abad1303|Medium|Insecure Configurations|Query details
Documentation
|
-|ECR Image Tag Not Immutable
33f41d31-86b1-46a4-81f7-9c9a671f59ac|Medium|Insecure Configurations|Query details
Documentation
|
-|ECS Task Definition Network Mode Not Recommended
027a4b7a-8a59-4938-a04f-ed532512cf45|Medium|Insecure Configurations|Query details
Documentation
|
-|EMR Cluster Without Security Configuration
48af92a5-c89b-4936-bc62-1086fe2bab23|Medium|Insecure Configurations|Query details
Documentation
|
-|GitHub Repository Set To Public
5906092d-5f74-490d-9a03-78febe0f65e1|Medium|Insecure Configurations|Query details
Documentation
|
-|IAM User Has Too Many Access Keys
48677914-6fdf-40ec-80c4-2b0e94079f54|Medium|Insecure Configurations|Query details
Documentation
|
-|Redshift Publicly Accessible
bdf8dcb4-75df-4370-92c4-606e4ae6c4d3|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket With Unsecured CORS Rule
3609d27c-3698-483a-9402-13af6ae80583|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket Without Ignore Public ACL
6c8d51af-218d-4bfb-94a9-94eabaa0703a|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket Without Restriction Of Public Bucket
350cd468-0e2c-44ef-9d22-cfb73a62523c|Medium|Insecure Configurations|Query details
Documentation
|
-|SageMaker Enabling Internet Access
88d55d94-315d-4564-beee-d2d725feab11|Medium|Insecure Configurations|Query details
Documentation
|
-|Vulnerable Default SSL Certificate
b4d9c12b-bfba-4aeb-9cb8-2358546d8041|Medium|Insecure Defaults|Query details
Documentation
|
-|ALB Is Not Integrated With WAF
105ba098-1e34-48cd-b0f2-a8a43a51bf9b|Medium|Networking and Firewall|Query details
Documentation
|
-|ALB Listening on HTTP
275a3217-ca37-40c1-a6cf-bb57d245ab32|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway Endpoint Config is Not Private
4a8daf95-709d-4a36-9132-d3e19878fa34|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway without WAF
fcbf9019-566c-4832-a65c-af00d8137d2b|Medium|Networking and Firewall|Query details
Documentation
|
-|CloudFront Without WAF
0f139403-303f-467c-96bd-e717e6cfd62d|Medium|Networking and Firewall|Query details
Documentation
|
-|EC2 Instance Subnet Has Public IP Mapping On Launch
b3de4e4c-14be-4159-b99d-9ad194365e4c|Medium|Networking and Firewall|Query details
Documentation
|
-|EC2 Network ACL Overlapping Ports
77b6f1e2-bde4-4a6a-ae7e-a40659ff1576|Medium|Networking and Firewall|Query details
Documentation
|
-|EC2 Permissive Network ACL Protocols
03879981-efa2-47a0-a818-c843e1441b88|Medium|Networking and Firewall|Query details
Documentation
|
-|EC2 Public Instance Exposed Through Subnet
c44c95fc-ae92-4bb8-bdf8-bb9bc412004a|Medium|Networking and Firewall|Query details
Documentation
|
-|EKS node group remote access
73d59e76-a12c-4b74-a3d8-d3e1e19c25b3|Medium|Networking and Firewall|Query details
Documentation
|
-|Elasticsearch with HTTPS disabled
4cdc88e6-c0c8-4081-a639-bb3a557cbedf|Medium|Networking and Firewall|Query details
Documentation
|
-|ELB With Security Group Without Inbound Rules
e200a6f3-c589-49ec-9143-7421d4a2c845|Medium|Networking and Firewall|Query details
Documentation
|
-|ELB With Security Group Without Outbound Rules
01d5a458-a6c4-452a-ac50-054d59275b7c|Medium|Networking and Firewall|Query details
Documentation
|
-|GameLift Fleet EC2 InboundPermissions With Port Range
43356255-495d-4148-ad8d-f6af5eac09dd|Medium|Networking and Firewall|Query details
Documentation
|
-|HTTP Port Open To Internet
ddfc4eaa-af23-409f-b96c-bf5c45dc4daa|Medium|Networking and Firewall|Query details
Documentation
|
-|SageMaker Notebook Not Placed In VPC
9c7028d9-04c2-45be-b8b2-1188ccaefb36|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group Egress CIDR Open To World
1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group Egress With All Protocols
ee464fc2-54a6-4e22-b10a-c6dcd2474d0c|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group Egress With Port Range
dae9c373-8287-462f-8746-6f93dad93610|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group Ingress With All Protocols
1a427b25-2e9e-4298-9530-0499a55e736b|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group Ingress With Port Range
87482183-a8e7-4e42-a566-7a23ec231c16|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group With Unrestricted Access To SSH
6e856af2-62d7-4ba2-adc1-73b62cef9cc1|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Groups Allows Unrestricted Outbound Traffic
66f2d8f9-a911-4ced-ae27-34f09690bb2c|Medium|Networking and Firewall|Query details
Documentation
|
-|TCP UDP Protocol Network ACL Entry Allows All Ports
f57f849c-883b-4cb7-85e7-f7b199dff163|Medium|Networking and Firewall|Query details
Documentation
|
-|VPC Without Network Firewall
3e293410-d5b8-411f-85fd-7d26294f20c9|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway Deployment Without Access Log Setting
06ec63e3-9f72-4fe2-a218-2eb9200b8db5|Medium|Observability|Query details
Documentation
|
-|API Gateway V2 Stage Access Logging Settings Not Defined
80d45af4-4920-4236-a56e-b7ef419d1941|Medium|Observability|Query details
Documentation
|
-|CloudFront Logging Disabled
de77cd9f-0e8b-46cc-b4a4-b6b436838642|Medium|Observability|Query details
Documentation
|
-|CloudTrail Logging Disabled
5c0b06d5-b7a4-484c-aeb0-75a836269ff0|Medium|Observability|Query details
Documentation
|
-|CloudWatch Logging Disabled
0f0fb06b-0f2f-4374-8588-f2c7c348c7a0|Medium|Observability|Query details
Documentation
|
-|CloudWatch Metrics Disabled
5d3c1807-acb3-4bb0-be4e-0440230feeaf|Medium|Observability|Query details
Documentation
|
-|DocDB Logging Is Disabled
1bf3b3d4-f373-4d7c-afbb-7d85948a67a5|Medium|Observability|Query details
Documentation
|
-|EC2 Instance Monitoring Disabled
0264093f-6791-4475-af34-4b8102dcbcd0|Medium|Observability|Query details
Documentation
|
-|Elasticsearch Logs Disabled
edbd62d4-8700-41de-b000-b3cfebb5e996|Medium|Observability|Query details
Documentation
|
-|ELB Access Log Disabled
ee12ad32-2863-4c0f-b13f-28272d115028|Medium|Observability|Query details
Documentation
|
-|ELBv2 ALB Access Log Disabled
c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621|Medium|Observability|Query details
Documentation
|
-|GuardDuty Detector Disabled
a25cd877-375c-4121-a640-730929936fac|Medium|Observability|Query details
Documentation
|
-|MQ Broker Logging Disabled
e519ed6a-8328-4b69-8eb7-8fa549ac3050|Medium|Observability|Query details
Documentation
|
-|MSK Cluster Logging Disabled
fc7c2c15-f5d0-4b80-adb2-c89019f8f62b|Medium|Observability|Query details
Documentation
|
-|Redshift Cluster Logging Disabled
3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6|Medium|Observability|Query details
Documentation
|
-|S3 Bucket CloudTrail Logging Disabled
c3ce69fd-e3df-49c6-be78-1db3f802261c|Medium|Observability|Query details
Documentation
|
-|S3 Bucket Logging Disabled
4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c|Medium|Observability|Query details
Documentation
|
-|VPC FlowLogs Disabled
f6d299d2-21eb-41cc-b1e1-fe12d857500b|Medium|Observability|Query details
Documentation
|
-|High Access Key Rotation Period
800fa019-49dd-421b-9042-7331fdd83fa2|Medium|Secret Management|Query details
Documentation
|
-|IAM User With No Group
06933df4-0ea7-461c-b9b5-104d27390e0e|Low|Access Control|Query details
Documentation
|
-|Support Has No Role Associated
d71b5fd7-9020-4b2d-9ec8-b3839faa2744|Low|Access Control|Query details
Documentation
|
-|EBS Volume Not Attached To Instances
1819ac03-542b-4026-976b-f37addd59f3b|Low|Availability|Query details
Documentation
|
-|ECS Service Without Running Tasks
79d745f0-d5f3-46db-9504-bef73e9fd528|Low|Availability|Query details
Documentation
|
-|VPC Attached With Too Many Gateways
97e94d17-e2c7-4109-a53b-6536ac1bb64e|Low|Availability|Query details
Documentation
|
-|Low RDS Backup Retention Period
e649a218-d099-4550-86a4-1231e1fcb60d|Low|Backup|Query details
Documentation
|
-|RDS DB Instance With Deletion Protection Disabled
2c161e58-cb52-454f-abea-6470c37b5e6e|Low|Backup|Query details
Documentation
|
-|Automatic Minor Upgrades Disabled
f0104061-8bfc-4b45-8a7d-630eb502f281|Low|Best Practices|Query details
Documentation
|
-|CDN Configuration Is Missing
e4f54ff4-d352-40e8-a096-5141073c37a2|Low|Best Practices|Query details
Documentation
|
-|Cognito UserPool Without MFA
74a18d1a-cf02-4a31-8791-ed0967ad7fdc|Low|Best Practices|Query details
Documentation
|
-|Geo Restriction Disabled
7f8843f0-9ea5-42b4-a02b-753055113195|Low|Best Practices|Query details
Documentation
|
-|IAM Access Analyzer Not Enabled
8d29754a-2a18-460d-a1ba-9509f8d359da|Low|Best Practices|Query details
Documentation
|
-|IAM Password Without Minimum Length
b1b20ae3-8fa7-4af5-a74d-a2145920fcb1|Low|Best Practices|Query details
Documentation
|
-|IAM Policies Without Groups
5e7acff5-095b-40ac-9073-ac2e4ad8a512|Low|Best Practices|Query details
Documentation
|
-|Lambda Permission Misconfigured
9b83114b-b2a1-4534-990d-06da015e47aa|Low|Best Practices|Query details
Documentation
|
-|Security Group Ingress Has CIDR Not Recommended
a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd|Low|Best Practices|Query details
Documentation
|
-|DynamoDB With Not Recommented Table Billing Mode
c333e906-8d8b-4275-b999-78b6318f8dc6|Low|Build Process|Query details
Documentation
|
-|EFS Without Tags
08e39832-5e42-4304-98a0-aa5b43393162|Low|Build Process|Query details
Documentation
|
-|API Gateway With Invalid Compression
d6653eee-2d4d-4e6a-976f-6794a497999a|Low|Encryption|Query details
Documentation
|
-|CloudTrail Log Files Not Encrypted With KMS
050a9ba8-d1cb-4c61-a5e8-8805a70d3b85|Low|Encryption|Query details
Documentation
|
-|EFS Without KMS
6d087495-2a42-4735-abf7-02ef5660a7e6|Low|Encryption|Query details
Documentation
|
-|API Gateway Cache Cluster Disabled
52790cad-d60d-41d5-8483-146f9f21208d|Low|Insecure Configurations|Query details
Documentation
|
-|Inline Policies Are Attached To ECS Service
9e8c89b3-7997-4d15-93e4-7911b9db99fd|Low|Insecure Configurations|Query details
Documentation
|
-|Instance With No VPC
8a6d36cd-0bc6-42b7-92c4-67acc8576861|Low|Insecure Configurations|Query details
Documentation
|
-|Lambda Function Without Dead Letter Queue
c2eae442-d3ba-4cb1-84ca-1db4f80eae3d|Low|Insecure Configurations|Query details
Documentation
|
-|Lambda Function Without Tags
8df8e857-bd59-44fa-9f4c-d77594b95b46|Low|Insecure Configurations|Query details
Documentation
|
-|Wildcard In ACM Certificate Domain Name
cc8b294f-006f-4f8f-b5bb-0a9140c33131|Low|Insecure Configurations|Query details
Documentation
|
-|RouterTable with Default Routing
4f0908b9-eb66-433f-9145-134274e1e944|Low|Insecure Defaults|Query details
Documentation
|
-|S3 Bucket Should Have Bucket Policy
37fa8188-738b-42c8-bf82-6334ea567738|Low|Insecure Defaults|Query details
Documentation
|
-|EC2 Instance Using Default VPC
e42a3ef0-5325-4667-84bf-075ba1c9d58e|Low|Networking and Firewall|Query details
Documentation
|
-|ElastiCache Using Default Port
323db967-c68e-44e6-916c-a777f95af34b|Low|Networking and Firewall|Query details
Documentation
|
-|ElastiCache Without VPC
ba766c53-fe71-4bbb-be35-b6803f2ef13e|Low|Networking and Firewall|Query details
Documentation
|
-|EMR Without VPC
bf89373a-be40-4c04-99f5-746742dfd7f3|Low|Networking and Firewall|Query details
Documentation
|
-|RDS Using Default Port
1fe9d958-ddce-4228-a124-05265a959a8b|Low|Networking and Firewall|Query details
Documentation
|
-|Redshift Using Default Port
a478af30-8c3a-404d-aa64-0b673cee509a|Low|Networking and Firewall|Query details
Documentation
|
-|Security Groups Without VPC Attached
493d9591-6249-47bf-8dc0-5c10161cc558|Low|Networking and Firewall|Query details
Documentation
|
-|Shield Advanced Not In Use
ad7444cf-817a-4765-a79e-2145f7981faf|Low|Networking and Firewall|Query details
Documentation
|
-|API Gateway Deployment Without API Gateway UsagePlan Associated
783860a3-6dca-4c8b-81d0-7b62769ccbca|Low|Observability|Query details
Documentation
|
-|API Gateway X-Ray Disabled
4ab10c48-bedb-4deb-8f3b-ff12783b61de|Low|Observability|Query details
Documentation
|
-|CloudTrail Log File Validation Disabled
2a3560fe-52ca-4443-b34f-bf0ed5eb74c8|Low|Observability|Query details
Documentation
|
-|CloudTrail Multi Region Disabled
058ac855-989f-4378-ba4d-52d004020da7|Low|Observability|Query details
Documentation
|
-|CloudTrail Not Integrated With CloudWatch
65d07da5-9af5-44df-8983-52d2e6f24c44|Low|Observability|Query details
Documentation
|
-|CloudTrail SNS Topic Name Undefined
3e09413f-471e-40f3-8626-990c79ae63f3|Low|Observability|Query details
Documentation
|
-|CMK Rotation Disabled
1c07bfaf-663c-4f6f-b22b-8e2d481e4df5|Low|Observability|Query details
Documentation
|
-|Configuration Aggregator to All Regions Disabled
9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d|Low|Observability|Query details
Documentation
|
-|ECS Cluster with Container Insights Disabled
ab759fde-e1e8-4b0e-ad73-ba856e490ed8|Low|Observability|Query details
Documentation
|
-|ECS Task Definition HealthCheck Missing
d24389b4-b209-4ff0-8345-dc7a4569dcdd|Low|Observability|Query details
Documentation
|
-|ElasticSearch Without Slow Logs
086ea2eb-14a6-4fd4-914b-38e0bc8703e8|Low|Observability|Query details
Documentation
|
-|Lambda Functions Without X-Ray Tracing
9488c451-074e-4cd3-aee3-7db6104f542c|Low|Observability|Query details
Documentation
|
-|Stack Notifications Disabled
837e033c-4717-40bd-807e-6abaa30161b7|Low|Observability|Query details
Documentation
|
-|Unscanned ECR Image
9025b2b3-e554-4842-ba87-db7aeec36d35|Low|Observability|Query details
Documentation
|
-|API Gateway Stage Without API Gateway UsagePlan Associated
7f8f1b60-43df-4c28-aa21-fb836dbd8071|Low|Resource Management|Query details
Documentation
|
-|ECS Task Definition Invalid CPU or Memory
f4c9b5f5-68b8-491f-9e48-4f96644a1d51|Low|Resource Management|Query details
Documentation
|
-|SDB Domain Declared As A Resource
6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d|Low|Resource Management|Query details
Documentation
|
-|VPC Without Attached Subnet
3b3b4411-ad1f-40e7-b257-a78a6bb9673a|Low|Resource Management|Query details
Documentation
|
-|EBS Volume Without KmsKeyId
b7063015-6c31-4658-a8e7-14f98f37fd42|Low|Secret Management|Query details
Documentation
|
-|Secrets Manager Should Specify KmsKeyId
c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22|Low|Secret Management|Query details
Documentation
|
-|SNS Topic Without KmsMasterKeyId
9d13b150-a2ab-42a1-b6f4-142e41f81e52|Low|Secret Management|Query details
Documentation
|
-|EC2 Not EBS Optimized
8dd0ff1f-0da4-48df-9bb3-7f338ae36a40|Info|Best Practices|Query details
Documentation
|
-|Security Group Rule Without Description
5e6c9c68-8a82-408e-8749-ddad78cbb9c5|Info|Best Practices|Query details
Documentation
|
-|EC2 Network ACL Duplicate Rule
045ddb54-cfc5-4abb-9e05-e427b2bc96fe|Info|Networking and Firewall|Query details
Documentation
|
+|Amazon DMS Replication Instance Is Publicly Accessible
5864fb39-d719-4182-80e2-89dbe627be63|Critical|Access Control|Query details
Documentation
|
+|ECR Repository Is Publicly Accessible
75be209d-1948-41f6-a8c8-e22dd0121134|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Access to Any Principal
7772bb8c-c0f3-42d4-8e4e-f1b8939ad085|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read Or Write to All Users
07dda8de-d90d-469e-9b37-1aca53526ced|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Delete Action From All Principals
acc78859-765e-4011-a229-a65ea57db252|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Put Action From All Principals
f6397a20-4cf1-4540-a997-1d363c25ef58|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket With All Permissions
4ae8af91-5108-42cb-9471-3bdbe596eac9|Critical|Access Control|Query details
Documentation
|
+|SNS Topic is Publicly Accessible
ae53ce91-42b5-46bf-a84f-9a13366a4f13|Critical|Access Control|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
de38e1d5-54cb-4111-a868-6f7722695007|Critical|Insecure Configurations|Query details
Documentation
|
+|DB Security Group With Public Scope
9564406d-e761-4e61-b8d7-5926e3ab8e79|Critical|Networking and Firewall|Query details
Documentation
|
+|RDS Associated with Public Subnet
4e88adee-a8eb-4605-a78d-9fb1096e3091|Critical|Networking and Firewall|Query details
Documentation
|
+|Cross-Account IAM Assume Role Policy Without ExternalId or MFA
85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7|High|Access Control|Query details
Documentation
|
+|ECS Service Admin Role Is Present
01986452-bdd8-4aaa-b5df-d6bf61d616ff|High|Access Control|Query details
Documentation
|
+|IAM Policy Grants Full Permissions
f62aa827-4ade-4dc4-89e4-1433d384a368|High|Access Control|Query details
Documentation
|
+|Lambda Functions With Full Privileges
a0ae0a4e-712b-4115-8112-51b9eeed9d69|High|Access Control|Query details
Documentation
|
+|MSK Broker Is Publicly Accessible
0ce1ba20-8ba8-4364-836f-40c24b8cb0ab|High|Access Control|Query details
Documentation
|
+|Neptune Cluster With IAM Database Authentication Disabled
a3aa0087-8228-4e7e-b202-dc9036972d02|High|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read to All Users
219f4c95-aa50-44e0-97de-cf71f4641170|High|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read to Any Authenticated User
835d5497-a526-4aea-a23f-98a9afd1635f|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Get Action From All Principals
f97b7d23-568f-4bcc-9ac9-02df0d57fbba|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows List Action From All Principals
faa8fddf-c0aa-4b2d-84ff-e993e233ebe9|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Public Policy
860ba89b-b8de-4e72-af54-d6aee4138a69|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Restore Actions From All Principals
456b00a3-1072-4149-9740-6b8bb60251b0|High|Access Control|Query details
Documentation
|
+|AmazonMQ Broker Encryption Disabled
316278b3-87ac-444c-8f8f-a733a28da60f|High|Encryption|Query details
Documentation
|
+|API Gateway Cache Encrypted Disabled
37cca703-b74c-48ba-ac81-595b53398e9b|High|Encryption|Query details
Documentation
|
+|CMK Unencrypted Storage
ffee2785-c347-451e-89f3-11aeb08e5c84|High|Encryption|Query details
Documentation
|
+|Config Rule For Encrypted Volumes Disabled
1b6322d9-c755-4f8c-b804-32c19250f2d9|High|Encryption|Query details
Documentation
|
+|DynamoDB Table Not Encrypted
4bd21e68-38c1-4d58-acdc-6a14b203237f|High|Encryption|Query details
Documentation
|
+|DynamoDB With Aws Owned CMK
c8dee387-a2e6-4a73-a942-183c975549ac|High|Encryption|Query details
Documentation
|
+|EBS Volume Encryption Disabled
80b7ac3f-d2b7-4577-9b10-df7913497162|High|Encryption|Query details
Documentation
|
+|ECS Cluster Not Encrypted At Rest
6c131358-c54d-419b-9dd6-1f7dd41d180c|High|Encryption|Query details
Documentation
|
+|EFS Not Encrypted
2ff8e83c-90e1-4d68-a300-6d652112e622|High|Encryption|Query details
Documentation
|
+|ElastiCache With Disabled at Rest Encryption
e4ee3903-9225-4b6a-bdfb-e62dbadef821|High|Encryption|Query details
Documentation
|
+|ElasticSearch Encryption With KMS Disabled
d926aa95-0a04-4abc-b20c-acf54afe38a1|High|Encryption|Query details
Documentation
|
+|ElasticSearch Not Encrypted At Rest
86a248ab-0e01-4564-a82a-878303e253bb|High|Encryption|Query details
Documentation
|
+|ELB Using Weak Ciphers
809f77f8-d10e-4842-a84f-3be7b6ff1190|High|Encryption|Query details
Documentation
|
+|Kinesis SSE Not Configured
7f65be75-90ab-4036-8c2a-410aef7bb650|High|Encryption|Query details
Documentation
|
+|MSK Cluster Encryption Disabled
a976d63f-af0e-46e8-b714-8c1a9c4bf768|High|Encryption|Query details
Documentation
|
+|Neptune Database Cluster Encryption Disabled
bf4473f1-c8a2-4b1b-8134-bd32efabab93|High|Encryption|Query details
Documentation
|
+|RDS Storage Encryption Disabled
65844ba3-03a1-40a8-b3dd-919f122e8c95|High|Encryption|Query details
Documentation
|
+|RDS Storage Not Encrypted
5beacce3-4020-4a3d-9e1d-a36f953df630|High|Encryption|Query details
Documentation
|
+|Redshift Not Encrypted
3b316b05-564c-44a7-9c3f-405bb95e211e|High|Encryption|Query details
Documentation
|
+|S3 Bucket Without Server-side-encryption
b2e8752c-3497-4255-98d2-e4ae5b46bbf5|High|Encryption|Query details
Documentation
|
+|SageMaker Data Encryption Disabled
709e6da6-fa1f-44cc-8f17-7f25f96dadbe|High|Encryption|Query details
Documentation
|
+|User Data Contains Encoded Private Key
568cc372-ca64-420d-9015-ee347d00d288|High|Encryption|Query details
Documentation
|
+|Workspace Without Encryption
89827c57-5a8a-49eb-9731-976a606d70db|High|Encryption|Query details
Documentation
|
+|Batch Job Definition With Privileged Container Properties
76ddf32c-85b1-4808-8935-7eef8030ab36|High|Insecure Configurations|Query details
Documentation
|
+|KMS Key With Vulnerable Policy
da905474-7454-43c0-b8d2-5756ab951aba|High|Insecure Configurations|Query details
Documentation
|
+|Lambda Functions Without Unique IAM Roles
ae03f542-1423-402f-9cef-c834e7ee9583|High|Insecure Configurations|Query details
Documentation
|
+|MQ Broker Is Publicly Accessible
68b6a789-82f8-4cfd-85de-e95332fe6a61|High|Insecure Configurations|Query details
Documentation
|
+|Root Account Has Active Access Keys
4c137350-7307-4803-8c04-17c09a7a9fcf|High|Insecure Configurations|Query details
Documentation
|
+|S3 Static Website Host Enabled
90501b1b-cded-4cc1-9e8b-206b85cda317|High|Insecure Configurations|Query details
Documentation
|
+|Permissive Web ACL Default Action
6d64f311-3da6-45f3-80f1-14db9771ea40|High|Insecure Defaults|Query details
Documentation
|
+|DB Security Group Open To Large Scope
0104165b-02d5-426f-abc9-91fb48189899|High|Networking and Firewall|Query details
Documentation
|
+|Default Security Groups With Unrestricted Traffic
ea33fcf7-394b-4d11-a228-985c5d08f205|High|Networking and Firewall|Query details
Documentation
|
+|EC2 Sensitive Port Is Publicly Exposed
494b03d3-bf40-4464-8524-7c56ad0700ed|High|Networking and Firewall|Query details
Documentation
|
+|ELB Sensitive Port Is Exposed To Entire Network
78055456-f670-4d2e-94d5-392d1cf4f5e4|High|Networking and Firewall|Query details
Documentation
|
+|Fully Open Ingress
e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5|High|Networking and Firewall|Query details
Documentation
|
+|Remote Desktop Port Open To Internet
c9846969-d066-431f-9b34-8c4abafe422a|High|Networking and Firewall|Query details
Documentation
|
+|Route53 Record Undefined
24d932e1-91f0-46ea-836f-fdbd81694151|High|Networking and Firewall|Query details
Documentation
|
+|Security Group Unrestricted Access To RDP
3ae83918-7ec7-4cb8-80db-b91ef0f94002|High|Networking and Firewall|Query details
Documentation
|
+|Security Groups With Exposed Admin Ports
cdbb0467-2957-4a77-9992-7b55b29df7b7|High|Networking and Firewall|Query details
Documentation
|
+|Security Groups With Meta IP
adcd0082-e90b-4b63-862b-21899f6e6a48|High|Networking and Firewall|Query details
Documentation
|
+|Unknown Port Exposed To Internet
829ce3b8-065c-41a3-ad57-e0accfea82d2|High|Networking and Firewall|Query details
Documentation
|
+|Unrestricted Security Group Ingress
4a1e6b34-1008-4e61-a5f2-1f7c276f8d14|High|Networking and Firewall|Query details
Documentation
|
+|Amplify App Access Token Exposed
73980e43-f399-4fcc-a373-658228f7adf7|High|Secret Management|Query details
Documentation
|
+|Amplify App Basic Auth Config Password Exposed
71493c8b-3014-404c-9802-078b74496fb7|High|Secret Management|Query details
Documentation
|
+|Amplify App OAuth Token Exposed
03b38885-8f4e-480c-a0e4-12c1affd15db|High|Secret Management|Query details
Documentation
|
+|Amplify Branch Basic Auth Config Password Exposed
dfb56e5d-ee68-446e-b32a-657b62befe69|High|Secret Management|Query details
Documentation
|
+|Directory Service Microsoft AD Password Set to Plaintext or Default Ref
06b9f52a-8cd5-459b-bdc6-21a22521e1be|High|Secret Management|Query details
Documentation
|
+|Directory Service Simple AD Password Exposed
6685d912-d81f-4cfa-95ad-e316ea31c989|High|Secret Management|Query details
Documentation
|
+|DMS Endpoint MongoDB Settings Password Exposed
f988a17f-1139-46a3-8928-f27eafd8b024|High|Secret Management|Query details
Documentation
|
+|DMS Endpoint Password Exposed
5f700072-b7ce-4e84-b3f3-497bf1c24a4d|High|Secret Management|Query details
Documentation
|
+|DocDB Cluster Master Password In Plaintext
39423ce4-9011-46cd-b6b1-009edcd9385d|High|Secret Management|Query details
Documentation
|
+|Hardcoded AWS Access Key In Lambda
2564172f-c92b-4261-9acd-464aed511696|High|Secret Management|Query details
Documentation
|
+|IAM User LoginProfile Password Is In Plaintext
06adef8c-c284-4de7-aad2-af43b07a8ca1|High|Secret Management|Query details
Documentation
|
+|RefreshToken Is Exposed
5b48c507-0d1f-41b0-a630-76817c6b4189|High|Secret Management|Query details
Documentation
|
+|API Gateway Method Does Not Contains An API Key
3641d5b4-d339-4bc2-bfb9-208fe8d3477f|Medium|Access Control|Query details
Documentation
|
+|API Gateway Without Configured Authorizer
7fd0d461-5b8c-4815-898c-f2b4b117eb28|Medium|Access Control|Query details
Documentation
|
+|EC2 Instance Has No IAM Role
f914357d-8386-4d56-9ba6-456e5723f9a6|Medium|Access Control|Query details
Documentation
|
+|EC2 Instance Using Default Security Group
08b81bb3-0985-4023-8602-b606ad81d279|Medium|Access Control|Query details
Documentation
|
+|EC2 Network ACL Ineffective Denied Traffic
2623d682-dccb-44cd-99d0-54d9fd62f8f2|Medium|Access Control|Query details
Documentation
|
+|Elasticsearch Without IAM Authentication
5c666ed9-b586-49ab-9873-c495a833b705|Medium|Access Control|Query details
Documentation
|
+|Empty Roles For ECS Cluster Task Definitions
7f384a5f-b5a2-4d84-8ca3-ee0a5247becb|Medium|Access Control|Query details
Documentation
|
+|IAM Group Inline Policies
a58d1a2d-4078-4b80-855b-84cc3f7f4540|Medium|Access Control|Query details
Documentation
|
+|IAM Group Without Users
8f957abd-9703-413d-87d3-c578950a753c|Medium|Access Control|Query details
Documentation
|
+|IAM Policies Attached To User
edc95c10-7366-4f30-9b4b-f995c84eceb5|Medium|Access Control|Query details
Documentation
|
+|IAM Policies With Full Privileges
953b3cdb-ce13-428a-aa12-318726506661|Medium|Access Control|Query details
Documentation
|
+|IAM Policy Grants 'AssumeRole' Permission Across All Services
e835bd0d-65da-49f7-b6d1-b646da8727e6|Medium|Access Control|Query details
Documentation
|
+|IAM Policy On User
e4239438-e639-44aa-adb8-866e400e3ade|Medium|Access Control|Query details
Documentation
|
+|IAM Role Allows All Principals To Assume
f80e3aa7-7b34-4185-954e-440a6894dde6|Medium|Access Control|Query details
Documentation
|
+|IoT Policy Allows Action as Wildcard
4d32780f-43a4-424a-a06d-943c543576a5|Medium|Access Control|Query details
Documentation
|
+|IoT Policy Allows Wildcard Resource
be5b230d-4371-4a28-a441-85dc760e2aa3|Medium|Access Control|Query details
Documentation
|
+|KMS Allows Wildcard Principal
f6049677-ec4a-43af-8779-5190b6d03cba|Medium|Access Control|Query details
Documentation
|
+|Lambda Permission Principal Is Wildcard
1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7|Medium|Access Control|Query details
Documentation
|
+|Public Lambda via API Gateway
57b12981-3816-4c31-b190-a1e614361dd2|Medium|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Public ACL
48f100d9-f499-4c6d-b2b8-deafe47ffb26|Medium|Access Control|Query details
Documentation
|
+|SNS Topic Publicity Has Allow and NotAction Simultaneously
818f38ed-8446-4132-9c03-474d49e10195|Medium|Access Control|Query details
Documentation
|
+|SQS Policy With Public Access
9b6a3f5b-5fd6-40ee-9bc0-ed604911212d|Medium|Access Control|Query details
Documentation
|
+|Auto Scaling Group With No Associated ELB
ad21e616-5026-4b9d-990d-5b007bfe679c|Medium|Availability|Query details
Documentation
|
+|CMK Is Unusable
2844c749-bd78-4cd1-90e8-b179df827602|Medium|Availability|Query details
Documentation
|
+|ElastiCache Nodes Not Created Across Multi AZ
cfdef2e5-1fe4-4ef4-bea8-c56e08963150|Medium|Availability|Query details
Documentation
|
+|RDS Multi-AZ Deployment Disabled
2b1d4935-9acf-48a7-8466-10d18bf51a69|Medium|Availability|Query details
Documentation
|
+|RDS With Backup Disabled
8c415f6f-7b90-4a27-a44a-51047e1506f9|Medium|Backup|Query details
Documentation
|
+|S3 Bucket Without Versioning
a227ec01-f97a-4084-91a4-47b350c1db54|Medium|Backup|Query details
Documentation
|
+|Stack Retention Disabled
fe974ae9-858e-4991-bbd5-e040a834679f|Medium|Backup|Query details
Documentation
|
+|DynamoDB Table Point In Time Recovery Disabled
0f04217d-488f-4e7a-bec8-f16159686cd6|Medium|Best Practices|Query details
Documentation
|
+|ECS No Load Balancer Attached
fb2b0ecf-1492-491a-a70d-ba1df579175d|Medium|Best Practices|Query details
Documentation
|
+|IAM Managed Policy Applied to a User
0e5872b4-19a0-4165-8b2f-56d9e14b909f|Medium|Best Practices|Query details
Documentation
|
+|IAM User Without Password Reset
a964d6e3-8e1e-4d93-8120-61fa640dd55a|Medium|Best Practices|Query details
Documentation
|
+|Alexa Skill Plaintext Client Secret Exposed
3c3b7a58-b018-4d07-9444-d9ee7156e111|Medium|Encryption|Query details
Documentation
|
+|CloudFormation Specifying Credentials Not Safe
9ecb6b21-18bc-4aa7-bd07-db20f1c746db|Medium|Encryption|Query details
Documentation
|
+|Cloudfront Viewer Protocol Policy Allows HTTP
31733ee2-fef0-4e87-9778-65da22a8ecf1|Medium|Encryption|Query details
Documentation
|
+|CodeBuild Not Encrypted
d7467bb6-3ed1-4c82-8095-5e7a818d0aad|Medium|Encryption|Query details
Documentation
|
+|Connection Between CloudFront Origin Not Encrypted
a5366a50-932f-4085-896b-41402714a388|Medium|Encryption|Query details
Documentation
|
+|Default KMS Key Usage
e52395b4-250b-4c60-81d5-2e58c1d37abc|Medium|Encryption|Query details
Documentation
|
+|EFS Volume With Disabled Transit Encryption
c1282e03-b285-4637-aee7-eefe3a7bb658|Medium|Encryption|Query details
Documentation
|
+|ElastiCache With Disabled Transit Encryption
3b02569b-fc6f-4153-b3a3-ba91022fed68|Medium|Encryption|Query details
Documentation
|
+|ELB Using Insecure Protocols
61a94903-3cd3-4780-88ec-fc918819b9c8|Medium|Encryption|Query details
Documentation
|
+|ELB Without Secure Protocol
80908a75-586b-4c61-ab04-490f4f4525b8|Medium|Encryption|Query details
Documentation
|
+|EMR Security Configuration Encryption Disabled
5b033ec8-f079-4323-b5c8-99d4620433a9|Medium|Encryption|Query details
Documentation
|
+|IAM Database Auth Not Enabled
9fcd0a0a-9b6f-4670-a215-d94e6bf3f184|Medium|Encryption|Query details
Documentation
|
+|KMS Key Rotation Disabled
235ca980-eb71-48f4-9030-df0c371029eb|Medium|Encryption|Query details
Documentation
|
+|Redshift Cluster Without KMS CMK
de76a0d6-66d5-45c9-9022-f05545b85c78|Medium|Encryption|Query details
Documentation
|
+|S3 Bucket Without SSL In Write Actions
38c64e76-c71e-4d92-a337-60174d1de1c9|Medium|Encryption|Query details
Documentation
|
+|SageMaker EndPoint Config Should Specify KmsKeyId Attribute
44034eda-1c3f-486a-831d-e09a7dd94354|Medium|Encryption|Query details
Documentation
|
+|Secure Ciphers Disabled
be96849c-3df6-49c2-bc16-778a7be2519c|Medium|Encryption|Query details
Documentation
|
+|SQS With SSE Disabled
12726829-93ed-4d51-9cbe-13423f4299e1|Medium|Encryption|Query details
Documentation
|
+|API Gateway With Open Access
1056dfbb-5802-4762-bf2b-8b9b9684b1b0|Medium|Insecure Configurations|Query details
Documentation
|
+|API Gateway Without Security Policy
8275fab0-68ec-4705-bbf4-86975edb170e|Medium|Insecure Configurations|Query details
Documentation
|
+|API Gateway Without SSL Certificate
ed4c48b8-eccc-4881-95c1-09fdae23db25|Medium|Insecure Configurations|Query details
Documentation
|
+|CloudFront Without Minimum Protocol TLS 1.2
dc17ee4b-ddf2-4e23-96e8-7a36abad1303|Medium|Insecure Configurations|Query details
Documentation
|
+|ECR Image Tag Not Immutable
33f41d31-86b1-46a4-81f7-9c9a671f59ac|Medium|Insecure Configurations|Query details
Documentation
|
+|ECS Task Definition Network Mode Not Recommended
027a4b7a-8a59-4938-a04f-ed532512cf45|Medium|Insecure Configurations|Query details
Documentation
|
+|EMR Cluster Without Security Configuration
48af92a5-c89b-4936-bc62-1086fe2bab23|Medium|Insecure Configurations|Query details
Documentation
|
+|GitHub Repository Set To Public
5906092d-5f74-490d-9a03-78febe0f65e1|Medium|Insecure Configurations|Query details
Documentation
|
+|IAM User Has Too Many Access Keys
48677914-6fdf-40ec-80c4-2b0e94079f54|Medium|Insecure Configurations|Query details
Documentation
|
+|Redshift Publicly Accessible
bdf8dcb4-75df-4370-92c4-606e4ae6c4d3|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket With Unsecured CORS Rule
3609d27c-3698-483a-9402-13af6ae80583|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket Without Ignore Public ACL
6c8d51af-218d-4bfb-94a9-94eabaa0703a|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket Without Restriction Of Public Bucket
350cd468-0e2c-44ef-9d22-cfb73a62523c|Medium|Insecure Configurations|Query details
Documentation
|
+|SageMaker Enabling Internet Access
88d55d94-315d-4564-beee-d2d725feab11|Medium|Insecure Configurations|Query details
Documentation
|
+|Vulnerable Default SSL Certificate
b4d9c12b-bfba-4aeb-9cb8-2358546d8041|Medium|Insecure Defaults|Query details
Documentation
|
+|ALB Is Not Integrated With WAF
105ba098-1e34-48cd-b0f2-a8a43a51bf9b|Medium|Networking and Firewall|Query details
Documentation
|
+|ALB Listening on HTTP
275a3217-ca37-40c1-a6cf-bb57d245ab32|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway Endpoint Config is Not Private
4a8daf95-709d-4a36-9132-d3e19878fa34|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway without WAF
fcbf9019-566c-4832-a65c-af00d8137d2b|Medium|Networking and Firewall|Query details
Documentation
|
+|CloudFront Without WAF
0f139403-303f-467c-96bd-e717e6cfd62d|Medium|Networking and Firewall|Query details
Documentation
|
+|EC2 Instance Subnet Has Public IP Mapping On Launch
b3de4e4c-14be-4159-b99d-9ad194365e4c|Medium|Networking and Firewall|Query details
Documentation
|
+|EC2 Network ACL Overlapping Ports
77b6f1e2-bde4-4a6a-ae7e-a40659ff1576|Medium|Networking and Firewall|Query details
Documentation
|
+|EC2 Permissive Network ACL Protocols
03879981-efa2-47a0-a818-c843e1441b88|Medium|Networking and Firewall|Query details
Documentation
|
+|EC2 Public Instance Exposed Through Subnet
c44c95fc-ae92-4bb8-bdf8-bb9bc412004a|Medium|Networking and Firewall|Query details
Documentation
|
+|EKS node group remote access
73d59e76-a12c-4b74-a3d8-d3e1e19c25b3|Medium|Networking and Firewall|Query details
Documentation
|
+|Elasticsearch with HTTPS disabled
4cdc88e6-c0c8-4081-a639-bb3a557cbedf|Medium|Networking and Firewall|Query details
Documentation
|
+|ELB With Security Group Without Inbound Rules
e200a6f3-c589-49ec-9143-7421d4a2c845|Medium|Networking and Firewall|Query details
Documentation
|
+|ELB With Security Group Without Outbound Rules
01d5a458-a6c4-452a-ac50-054d59275b7c|Medium|Networking and Firewall|Query details
Documentation
|
+|GameLift Fleet EC2 InboundPermissions With Port Range
43356255-495d-4148-ad8d-f6af5eac09dd|Medium|Networking and Firewall|Query details
Documentation
|
+|HTTP Port Open To Internet
ddfc4eaa-af23-409f-b96c-bf5c45dc4daa|Medium|Networking and Firewall|Query details
Documentation
|
+|SageMaker Notebook Not Placed In VPC
9c7028d9-04c2-45be-b8b2-1188ccaefb36|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group Egress CIDR Open To World
1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group Egress With All Protocols
ee464fc2-54a6-4e22-b10a-c6dcd2474d0c|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group Egress With Port Range
dae9c373-8287-462f-8746-6f93dad93610|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group Ingress With All Protocols
1a427b25-2e9e-4298-9530-0499a55e736b|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group Ingress With Port Range
87482183-a8e7-4e42-a566-7a23ec231c16|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group With Unrestricted Access To SSH
6e856af2-62d7-4ba2-adc1-73b62cef9cc1|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Groups Allows Unrestricted Outbound Traffic
66f2d8f9-a911-4ced-ae27-34f09690bb2c|Medium|Networking and Firewall|Query details
Documentation
|
+|TCP UDP Protocol Network ACL Entry Allows All Ports
f57f849c-883b-4cb7-85e7-f7b199dff163|Medium|Networking and Firewall|Query details
Documentation
|
+|VPC Without Network Firewall
3e293410-d5b8-411f-85fd-7d26294f20c9|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway Deployment Without Access Log Setting
06ec63e3-9f72-4fe2-a218-2eb9200b8db5|Medium|Observability|Query details
Documentation
|
+|API Gateway V2 Stage Access Logging Settings Not Defined
80d45af4-4920-4236-a56e-b7ef419d1941|Medium|Observability|Query details
Documentation
|
+|CloudFront Logging Disabled
de77cd9f-0e8b-46cc-b4a4-b6b436838642|Medium|Observability|Query details
Documentation
|
+|CloudTrail Logging Disabled
5c0b06d5-b7a4-484c-aeb0-75a836269ff0|Medium|Observability|Query details
Documentation
|
+|CloudWatch Logging Disabled
0f0fb06b-0f2f-4374-8588-f2c7c348c7a0|Medium|Observability|Query details
Documentation
|
+|CloudWatch Metrics Disabled
5d3c1807-acb3-4bb0-be4e-0440230feeaf|Medium|Observability|Query details
Documentation
|
+|DocDB Logging Is Disabled
1bf3b3d4-f373-4d7c-afbb-7d85948a67a5|Medium|Observability|Query details
Documentation
|
+|EC2 Instance Monitoring Disabled
0264093f-6791-4475-af34-4b8102dcbcd0|Medium|Observability|Query details
Documentation
|
+|Elasticsearch Logs Disabled
edbd62d4-8700-41de-b000-b3cfebb5e996|Medium|Observability|Query details
Documentation
|
+|ELB Access Log Disabled
ee12ad32-2863-4c0f-b13f-28272d115028|Medium|Observability|Query details
Documentation
|
+|ELBv2 ALB Access Log Disabled
c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621|Medium|Observability|Query details
Documentation
|
+|GuardDuty Detector Disabled
a25cd877-375c-4121-a640-730929936fac|Medium|Observability|Query details
Documentation
|
+|MQ Broker Logging Disabled
e519ed6a-8328-4b69-8eb7-8fa549ac3050|Medium|Observability|Query details
Documentation
|
+|MSK Cluster Logging Disabled
fc7c2c15-f5d0-4b80-adb2-c89019f8f62b|Medium|Observability|Query details
Documentation
|
+|Redshift Cluster Logging Disabled
3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6|Medium|Observability|Query details
Documentation
|
+|S3 Bucket CloudTrail Logging Disabled
c3ce69fd-e3df-49c6-be78-1db3f802261c|Medium|Observability|Query details
Documentation
|
+|S3 Bucket Logging Disabled
4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c|Medium|Observability|Query details
Documentation
|
+|VPC FlowLogs Disabled
f6d299d2-21eb-41cc-b1e1-fe12d857500b|Medium|Observability|Query details
Documentation
|
+|High Access Key Rotation Period
800fa019-49dd-421b-9042-7331fdd83fa2|Medium|Secret Management|Query details
Documentation
|
+|IAM User With No Group
06933df4-0ea7-461c-b9b5-104d27390e0e|Low|Access Control|Query details
Documentation
|
+|Support Has No Role Associated
d71b5fd7-9020-4b2d-9ec8-b3839faa2744|Low|Access Control|Query details
Documentation
|
+|EBS Volume Not Attached To Instances
1819ac03-542b-4026-976b-f37addd59f3b|Low|Availability|Query details
Documentation
|
+|ECS Service Without Running Tasks
79d745f0-d5f3-46db-9504-bef73e9fd528|Low|Availability|Query details
Documentation
|
+|VPC Attached With Too Many Gateways
97e94d17-e2c7-4109-a53b-6536ac1bb64e|Low|Availability|Query details
Documentation
|
+|Low RDS Backup Retention Period
e649a218-d099-4550-86a4-1231e1fcb60d|Low|Backup|Query details
Documentation
|
+|RDS DB Instance With Deletion Protection Disabled
2c161e58-cb52-454f-abea-6470c37b5e6e|Low|Backup|Query details
Documentation
|
+|Automatic Minor Upgrades Disabled
f0104061-8bfc-4b45-8a7d-630eb502f281|Low|Best Practices|Query details
Documentation
|
+|CDN Configuration Is Missing
e4f54ff4-d352-40e8-a096-5141073c37a2|Low|Best Practices|Query details
Documentation
|
+|Cognito UserPool Without MFA
74a18d1a-cf02-4a31-8791-ed0967ad7fdc|Low|Best Practices|Query details
Documentation
|
+|Geo Restriction Disabled
7f8843f0-9ea5-42b4-a02b-753055113195|Low|Best Practices|Query details
Documentation
|
+|IAM Access Analyzer Not Enabled
8d29754a-2a18-460d-a1ba-9509f8d359da|Low|Best Practices|Query details
Documentation
|
+|IAM Password Without Minimum Length
b1b20ae3-8fa7-4af5-a74d-a2145920fcb1|Low|Best Practices|Query details
Documentation
|
+|IAM Policies Without Groups
5e7acff5-095b-40ac-9073-ac2e4ad8a512|Low|Best Practices|Query details
Documentation
|
+|Lambda Permission Misconfigured
9b83114b-b2a1-4534-990d-06da015e47aa|Low|Best Practices|Query details
Documentation
|
+|Security Group Ingress Has CIDR Not Recommended
a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd|Low|Best Practices|Query details
Documentation
|
+|DynamoDB With Not Recommented Table Billing Mode
c333e906-8d8b-4275-b999-78b6318f8dc6|Low|Build Process|Query details
Documentation
|
+|EFS Without Tags
08e39832-5e42-4304-98a0-aa5b43393162|Low|Build Process|Query details
Documentation
|
+|API Gateway With Invalid Compression
d6653eee-2d4d-4e6a-976f-6794a497999a|Low|Encryption|Query details
Documentation
|
+|CloudTrail Log Files Not Encrypted With KMS
050a9ba8-d1cb-4c61-a5e8-8805a70d3b85|Low|Encryption|Query details
Documentation
|
+|EFS Without KMS
6d087495-2a42-4735-abf7-02ef5660a7e6|Low|Encryption|Query details
Documentation
|
+|API Gateway Cache Cluster Disabled
52790cad-d60d-41d5-8483-146f9f21208d|Low|Insecure Configurations|Query details
Documentation
|
+|Inline Policies Are Attached To ECS Service
9e8c89b3-7997-4d15-93e4-7911b9db99fd|Low|Insecure Configurations|Query details
Documentation
|
+|Instance With No VPC
8a6d36cd-0bc6-42b7-92c4-67acc8576861|Low|Insecure Configurations|Query details
Documentation
|
+|Lambda Function Without Dead Letter Queue
c2eae442-d3ba-4cb1-84ca-1db4f80eae3d|Low|Insecure Configurations|Query details
Documentation
|
+|Lambda Function Without Tags
8df8e857-bd59-44fa-9f4c-d77594b95b46|Low|Insecure Configurations|Query details
Documentation
|
+|Wildcard In ACM Certificate Domain Name
cc8b294f-006f-4f8f-b5bb-0a9140c33131|Low|Insecure Configurations|Query details
Documentation
|
+|RouterTable with Default Routing
4f0908b9-eb66-433f-9145-134274e1e944|Low|Insecure Defaults|Query details
Documentation
|
+|S3 Bucket Should Have Bucket Policy
37fa8188-738b-42c8-bf82-6334ea567738|Low|Insecure Defaults|Query details
Documentation
|
+|EC2 Instance Using Default VPC
e42a3ef0-5325-4667-84bf-075ba1c9d58e|Low|Networking and Firewall|Query details
Documentation
|
+|ElastiCache Using Default Port
323db967-c68e-44e6-916c-a777f95af34b|Low|Networking and Firewall|Query details
Documentation
|
+|ElastiCache Without VPC
ba766c53-fe71-4bbb-be35-b6803f2ef13e|Low|Networking and Firewall|Query details
Documentation
|
+|EMR Without VPC
bf89373a-be40-4c04-99f5-746742dfd7f3|Low|Networking and Firewall|Query details
Documentation
|
+|RDS Using Default Port
1fe9d958-ddce-4228-a124-05265a959a8b|Low|Networking and Firewall|Query details
Documentation
|
+|Redshift Using Default Port
a478af30-8c3a-404d-aa64-0b673cee509a|Low|Networking and Firewall|Query details
Documentation
|
+|Security Groups Without VPC Attached
493d9591-6249-47bf-8dc0-5c10161cc558|Low|Networking and Firewall|Query details
Documentation
|
+|Shield Advanced Not In Use
ad7444cf-817a-4765-a79e-2145f7981faf|Low|Networking and Firewall|Query details
Documentation
|
+|API Gateway Deployment Without API Gateway UsagePlan Associated
783860a3-6dca-4c8b-81d0-7b62769ccbca|Low|Observability|Query details
Documentation
|
+|API Gateway X-Ray Disabled
4ab10c48-bedb-4deb-8f3b-ff12783b61de|Low|Observability|Query details
Documentation
|
+|CloudTrail Log File Validation Disabled
2a3560fe-52ca-4443-b34f-bf0ed5eb74c8|Low|Observability|Query details
Documentation
|
+|CloudTrail Multi Region Disabled
058ac855-989f-4378-ba4d-52d004020da7|Low|Observability|Query details
Documentation
|
+|CloudTrail Not Integrated With CloudWatch
65d07da5-9af5-44df-8983-52d2e6f24c44|Low|Observability|Query details
Documentation
|
+|CloudTrail SNS Topic Name Undefined
3e09413f-471e-40f3-8626-990c79ae63f3|Low|Observability|Query details
Documentation
|
+|CMK Rotation Disabled
1c07bfaf-663c-4f6f-b22b-8e2d481e4df5|Low|Observability|Query details
Documentation
|
+|Configuration Aggregator to All Regions Disabled
9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d|Low|Observability|Query details
Documentation
|
+|ECS Cluster with Container Insights Disabled
ab759fde-e1e8-4b0e-ad73-ba856e490ed8|Low|Observability|Query details
Documentation
|
+|ECS Task Definition HealthCheck Missing
d24389b4-b209-4ff0-8345-dc7a4569dcdd|Low|Observability|Query details
Documentation
|
+|ElasticSearch Without Slow Logs
086ea2eb-14a6-4fd4-914b-38e0bc8703e8|Low|Observability|Query details
Documentation
|
+|Lambda Functions Without X-Ray Tracing
9488c451-074e-4cd3-aee3-7db6104f542c|Low|Observability|Query details
Documentation
|
+|Stack Notifications Disabled
837e033c-4717-40bd-807e-6abaa30161b7|Low|Observability|Query details
Documentation
|
+|Unscanned ECR Image
9025b2b3-e554-4842-ba87-db7aeec36d35|Low|Observability|Query details
Documentation
|
+|API Gateway Stage Without API Gateway UsagePlan Associated
7f8f1b60-43df-4c28-aa21-fb836dbd8071|Low|Resource Management|Query details
Documentation
|
+|ECS Task Definition Invalid CPU or Memory
f4c9b5f5-68b8-491f-9e48-4f96644a1d51|Low|Resource Management|Query details
Documentation
|
+|SDB Domain Declared As A Resource
6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d|Low|Resource Management|Query details
Documentation
|
+|VPC Without Attached Subnet
3b3b4411-ad1f-40e7-b257-a78a6bb9673a|Low|Resource Management|Query details
Documentation
|
+|EBS Volume Without KmsKeyId
b7063015-6c31-4658-a8e7-14f98f37fd42|Low|Secret Management|Query details
Documentation
|
+|Secrets Manager Should Specify KmsKeyId
c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22|Low|Secret Management|Query details
Documentation
|
+|SNS Topic Without KmsMasterKeyId
9d13b150-a2ab-42a1-b6f4-142e41f81e52|Low|Secret Management|Query details
Documentation
|
+|EC2 Not EBS Optimized
8dd0ff1f-0da4-48df-9bb3-7f338ae36a40|Info|Best Practices|Query details
Documentation
|
+|Security Group Rule Without Description
5e6c9c68-8a82-408e-8749-ddad78cbb9c5|Info|Best Practices|Query details
Documentation
|
+|EC2 Network ACL Duplicate Rule
045ddb54-cfc5-4abb-9e05-e427b2bc96fe|Info|Networking and Firewall|Query details
Documentation
|
### AWS_BOM
Below are listed queries related to CloudFormation AWS_BOM:
@@ -264,18 +264,18 @@ Below are listed queries related to CloudFormation AWS_BOM:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|BOM - AWS Cassandra
124b173b-e06d-48a6-8acd-f889443d97a4|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS DynamoDB
4e67c0ae-38a0-47f4-a50c-f0c9b75826df|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS EBS
0b0556ea-9cd9-476f-862e-20679dda752b|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS EFS
ef05a925-8568-4054-8ff1-f5ba82631c16|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS Elasticache
c689f51b-9203-43b3-9d8b-caed123f706c|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS Kinesis
d53323be-dde6-4457-9a43-42df737e71d2|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS MQ
209189f3-c879-48a7-9703-fbcfa96d0cef|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS MSK
2730c169-51d7-4ae7-99b5-584379eff1bb|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS RDS
6ef03ff6-a2bd-483c-851f-631f248bc0ea|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS S3 Buckets
b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS SNS
42e7dca3-8cce-4325-8df0-108888259136|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS SQS
59a849c2-1127-4023-85a5-ef906dcd458c|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS Cassandra
124b173b-e06d-48a6-8acd-f889443d97a4|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS DynamoDB
4e67c0ae-38a0-47f4-a50c-f0c9b75826df|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS EBS
0b0556ea-9cd9-476f-862e-20679dda752b|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS EFS
ef05a925-8568-4054-8ff1-f5ba82631c16|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS Elasticache
c689f51b-9203-43b3-9d8b-caed123f706c|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS Kinesis
d53323be-dde6-4457-9a43-42df737e71d2|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS MQ
209189f3-c879-48a7-9703-fbcfa96d0cef|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS MSK
2730c169-51d7-4ae7-99b5-584379eff1bb|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS RDS
6ef03ff6-a2bd-483c-851f-631f248bc0ea|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS S3 Buckets
b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS SNS
42e7dca3-8cce-4325-8df0-108888259136|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS SQS
59a849c2-1127-4023-85a5-ef906dcd458c|Trace|Bill Of Materials|Query details
Documentation
|
### AWS_SAM
Below are listed queries related to CloudFormation AWS_SAM:
@@ -284,13 +284,13 @@ Below are listed queries related to CloudFormation AWS_SAM:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Serverless Function Without Unique IAM Role
4ba74f01-aba5-4be2-83bc-be79ff1a3b92|High|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Environment Variables Not Encrypted
a7f8ac28-eed1-483d-87c8-4c325f022572|Medium|Encryption|Query details
Documentation
|
-|Serverless API Endpoint Config Not Private
6b5b0313-771b-4319-ad7a-122ee78700ef|Medium|Networking and Firewall|Query details
Documentation
|
-|Serverless API Access Logging Setting Undefined
0a994e04-c6dc-471d-817e-d37451d18a3b|Medium|Observability|Query details
Documentation
|
-|Serverless API X-Ray Tracing Disabled
c757c6a3-ac87-4b9d-b28d-e5a5add6a315|Medium|Observability|Query details
Documentation
|
-|Serverless API Without Content Encoding
a2f2800e-614b-4bc8-89e6-fec8afd24800|Low|Encryption|Query details
Documentation
|
-|Serverless API Cache Cluster Disabled
60a05ede-0a68-4d0d-a58f-f538cf55ff79|Low|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Without Dead Letter Queue
cb2f612b-ed42-4ff5-9fb9-255c73d39a18|Low|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Without Tags
a71ecabe-03b6-456a-b3bc-d1a39aa20c98|Low|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Without X-Ray Tracing
dc1ab429-1481-4540-9b1d-280e3f15f1f8|Low|Observability|Query details
Documentation
|
+|Serverless Function Without Unique IAM Role
4ba74f01-aba5-4be2-83bc-be79ff1a3b92|High|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Environment Variables Not Encrypted
a7f8ac28-eed1-483d-87c8-4c325f022572|Medium|Encryption|Query details
Documentation
|
+|Serverless API Endpoint Config Not Private
6b5b0313-771b-4319-ad7a-122ee78700ef|Medium|Networking and Firewall|Query details
Documentation
|
+|Serverless API Access Logging Setting Undefined
0a994e04-c6dc-471d-817e-d37451d18a3b|Medium|Observability|Query details
Documentation
|
+|Serverless API X-Ray Tracing Disabled
c757c6a3-ac87-4b9d-b28d-e5a5add6a315|Medium|Observability|Query details
Documentation
|
+|Serverless API Without Content Encoding
a2f2800e-614b-4bc8-89e6-fec8afd24800|Low|Encryption|Query details
Documentation
|
+|Serverless API Cache Cluster Disabled
60a05ede-0a68-4d0d-a58f-f538cf55ff79|Low|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Without Dead Letter Queue
cb2f612b-ed42-4ff5-9fb9-255c73d39a18|Low|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Without Tags
a71ecabe-03b6-456a-b3bc-d1a39aa20c98|Low|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Without X-Ray Tracing
dc1ab429-1481-4540-9b1d-280e3f15f1f8|Low|Observability|Query details
Documentation
|
diff --git a/docs/queries/cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899.md b/docs/queries/cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899.md
index f96552c547a..ebfe2a9d512 100644
--- a/docs/queries/cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899.md
+++ b/docs/queries/cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/db_security_group_open_to_large_scope)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff.md b/docs/queries/cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff.md
index 8f65c24bdff..5a6087ffb03 100644
--- a/docs/queries/cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff.md
+++ b/docs/queries/cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_service_admin_role_is_present)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c.md b/docs/queries/cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c.md
index 4ac467de14b..e71bde2d2bf 100644
--- a/docs/queries/cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c.md
+++ b/docs/queries/cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_with_security_group_without_outbound_rules)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0.md b/docs/queries/cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0.md
index 4e0b981f393..e646ace29f6 100644
--- a/docs/queries/cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0.md
+++ b/docs/queries/cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_instance_monitoring_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45.md b/docs/queries/cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45.md
index a7da38b2954..5c5495d2426 100644
--- a/docs/queries/cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45.md
+++ b/docs/queries/cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_task_definition_network_mode_not_recommended)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88.md b/docs/queries/cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88.md
index 2bdc89b9f47..1ad4280a263 100644
--- a/docs/queries/cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88.md
+++ b/docs/queries/cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_permissive_network_acl_protocols)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db.md b/docs/queries/cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db.md
index 156121268ab..79cf468de56 100644
--- a/docs/queries/cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db.md
+++ b/docs/queries/cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/amplify_app_oauth_token_exposed)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe.md b/docs/queries/cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe.md
index 3ea546d031f..829e3b5c416 100644
--- a/docs/queries/cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe.md
+++ b/docs/queries/cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Info
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_network_acl_duplicate_rule)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85.md b/docs/queries/cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85.md
index bff62b1891e..0efb08a7541 100644
--- a/docs/queries/cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85.md
+++ b/docs/queries/cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_kms)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7.md b/docs/queries/cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7.md
index b5b90a9eb16..82656b2d6f3 100644
--- a/docs/queries/cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7.md
+++ b/docs/queries/cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudtrail_multi_region_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e.md b/docs/queries/cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e.md
index 1d9e6eaa042..5ea0cc574f8 100644
--- a/docs/queries/cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e.md
+++ b/docs/queries/cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_user_with_no_group)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1.md b/docs/queries/cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1.md
index 797d07369e1..712f9f2ec18 100644
--- a/docs/queries/cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1.md
+++ b/docs/queries/cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_user_login_profile_password_is_in_plaintext)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be.md b/docs/queries/cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be.md
index e1cfdd48492..bc3fb79e8fa 100644
--- a/docs/queries/cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be.md
+++ b/docs/queries/cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/directory_service_microsoft_ad_password_set_to_plaintext_or_default_ref)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5.md b/docs/queries/cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5.md
index 036128f17e9..2d711278bad 100644
--- a/docs/queries/cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5.md
+++ b/docs/queries/cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_deployment_without_access_log_setting)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced.md b/docs/queries/cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced.md
index 7c64511c3ce..50eedca1c0a 100644
--- a/docs/queries/cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced.md
+++ b/docs/queries/cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_or_write_to_all_users)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8.md b/docs/queries/cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8.md
index bfbf4e13259..e31d56ade6c 100644
--- a/docs/queries/cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8.md
+++ b/docs/queries/cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticsearch_without_slow_logs)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279.md b/docs/queries/cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279.md
index ce82cdda172..29e0be26635 100644
--- a/docs/queries/cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279.md
+++ b/docs/queries/cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_instance_using_default_security_group)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162.md b/docs/queries/cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162.md
index 8e8c3266f21..d85660205d6 100644
--- a/docs/queries/cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162.md
+++ b/docs/queries/cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/efs_without_tags)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b.md b/docs/queries/cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b.md
index a84b2f53c31..5cff2bb28e1 100644
--- a/docs/queries/cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b.md
+++ b/docs/queries/cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_api_access_logging_setting_undefined)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b.md b/docs/queries/cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b.md
index 55046e9b9b2..11eadccdeda 100644
--- a/docs/queries/cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b.md
+++ b/docs/queries/cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/ebs)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab.md b/docs/queries/cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab.md
index c78a0c8f4dc..3e805d1f3fa 100644
--- a/docs/queries/cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab.md
+++ b/docs/queries/cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/msk_broker_is_publicly_accessible)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f.md b/docs/queries/cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f.md
index 1afe0959322..5a2596ddf2b 100644
--- a/docs/queries/cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f.md
+++ b/docs/queries/cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_managed_policy_applied_to_a_user)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6.md b/docs/queries/cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6.md
index f4491243ff8..f88aabdb1cc 100644
--- a/docs/queries/cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6.md
+++ b/docs/queries/cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/dynamodb_table_point_in_time_recovery_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0.md b/docs/queries/cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0.md
index 1921aa2e8e2..dd2cedb2e15 100644
--- a/docs/queries/cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0.md
+++ b/docs/queries/cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudwatch_logging_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d.md b/docs/queries/cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d.md
index 0b4e8a5ff30..3f2da52454a 100644
--- a/docs/queries/cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d.md
+++ b/docs/queries/cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudfront_without_waf)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0.md b/docs/queries/cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0.md
index 0715f5e10fb..d0f5a8ac094 100644
--- a/docs/queries/cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0.md
+++ b/docs/queries/cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_with_open_access)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b.md b/docs/queries/cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b.md
index 0b048330cfe..d8c198f9bab 100644
--- a/docs/queries/cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b.md
+++ b/docs/queries/cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/alb_is_not_integrated_with_waf)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4.md b/docs/queries/cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4.md
index a8dddeadf55..f5c4f51c642 100644
--- a/docs/queries/cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4.md
+++ b/docs/queries/cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/cassandra)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1.md b/docs/queries/cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1.md
index f1c09d637a1..1654c80a6f9 100644
--- a/docs/queries/cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1.md
+++ b/docs/queries/cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sqs_with_sse_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b.md b/docs/queries/cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b.md
index d5ea8fa6b21..ab8ee416024 100644
--- a/docs/queries/cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b.md
+++ b/docs/queries/cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ebs_volume_not_attached_to_instances)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b.md b/docs/queries/cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b.md
index b7f8ddaad6f..a6711647b84 100644
--- a/docs/queries/cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b.md
+++ b/docs/queries/cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_ingress_with_all_protocols)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9.md b/docs/queries/cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9.md
index 4ce429288d0..3a1b7fac954 100644
--- a/docs/queries/cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9.md
+++ b/docs/queries/cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/config_rule_for_encryption_volumes_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5.md b/docs/queries/cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5.md
index f5cfbde2e19..b87990228e5 100644
--- a/docs/queries/cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5.md
+++ b/docs/queries/cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/docdb_logging_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5.md b/docs/queries/cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5.md
index 189e875571a..b05995a70d7 100644
--- a/docs/queries/cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5.md
+++ b/docs/queries/cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cmk_rotation_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a.md b/docs/queries/cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a.md
index 0f7ded1f119..2af601eff51 100644
--- a/docs/queries/cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a.md
+++ b/docs/queries/cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_egress_cidr_open_to_world)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7.md b/docs/queries/cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7.md
index daa2f3c0b21..05dd2c85ac9 100644
--- a/docs/queries/cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7.md
+++ b/docs/queries/cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_permission_principal_is_wildcard)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b.md b/docs/queries/cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b.md
index 2be3bfbff0f..1417dc2dc11 100644
--- a/docs/queries/cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b.md
+++ b/docs/queries/cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_using_default_port)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef.md b/docs/queries/cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef.md
index f017413db2c..35a92f7b1b5 100644
--- a/docs/queries/cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef.md
+++ b/docs/queries/cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/mq)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170.md b/docs/queries/cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170.md
index 932592ad623..7f744c2e38b 100644
--- a/docs/queries/cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170.md
+++ b/docs/queries/cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_to_all_users)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb.md b/docs/queries/cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb.md
index a56a765313a..8810c3b76c5 100644
--- a/docs/queries/cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb.md
+++ b/docs/queries/cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/kms_enable_key_rotation_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151.md b/docs/queries/cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151.md
index 6b567266671..d13a83e8ca6 100644
--- a/docs/queries/cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151.md
+++ b/docs/queries/cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/route53_record_undefined)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696.md b/docs/queries/cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696.md
index b6ddbd1ac0c..e111c1e99de 100644
--- a/docs/queries/cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696.md
+++ b/docs/queries/cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/hardcoded_aws_access_key_in_lambda)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2.md b/docs/queries/cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2.md
index 14cbf540268..8dd0fb725c4 100644
--- a/docs/queries/cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2.md
+++ b/docs/queries/cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_network_acl_ineffective_denied_traffic)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb.md b/docs/queries/cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb.md
index 56b0d4a4219..50604970e1b 100644
--- a/docs/queries/cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb.md
+++ b/docs/queries/cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/msk)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32.md b/docs/queries/cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32.md
index 98f854921b7..6f47fc5c295 100644
--- a/docs/queries/cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32.md
+++ b/docs/queries/cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/alb_listening_on_http)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602.md b/docs/queries/cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602.md
index d1b1f3ec14f..4c5934c9c30 100644
--- a/docs/queries/cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602.md
+++ b/docs/queries/cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cmk_is_unusable)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8.md b/docs/queries/cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8.md
index 97a731b16c3..055587198fc 100644
--- a/docs/queries/cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8.md
+++ b/docs/queries/cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudtrail_log_file_validation_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69.md b/docs/queries/cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69.md
index 13336854cfc..34184a94bd6 100644
--- a/docs/queries/cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69.md
+++ b/docs/queries/cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_multi_az_deployment_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e.md b/docs/queries/cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e.md
index ca544ce05b4..1bed5634a90 100644
--- a/docs/queries/cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e.md
+++ b/docs/queries/cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_db_instance_with_deletion_protection_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622.md b/docs/queries/cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622.md
index 16595e46c3a..4dcc5e9f79f 100644
--- a/docs/queries/cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622.md
+++ b/docs/queries/cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/efs_not_encrypted)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f.md b/docs/queries/cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f.md
index b6543d7f9ca..b01d8231040 100644
--- a/docs/queries/cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f.md
+++ b/docs/queries/cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/amazon_mq_broker_encryption_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1.md b/docs/queries/cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1.md
index bd02d517317..b5444a5f949 100644
--- a/docs/queries/cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1.md
+++ b/docs/queries/cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudfront_viewer_protocol_policy_allows_http)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b.md b/docs/queries/cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b.md
index d356bc4c35f..7b54041e65e 100644
--- a/docs/queries/cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b.md
+++ b/docs/queries/cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticache_using_default_port)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac.md b/docs/queries/cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac.md
index 3c78e5cc49d..1a618be10b5 100644
--- a/docs/queries/cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac.md
+++ b/docs/queries/cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecr_image_tag_not_immutable)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c.md b/docs/queries/cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c.md
index 3909ff1a035..fef6ab20f73 100644
--- a/docs/queries/cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c.md
+++ b/docs/queries/cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_without_restriction_of_public_bucket)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583.md b/docs/queries/cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583.md
index ca7ed354015..fde34044c0e 100644
--- a/docs/queries/cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583.md
+++ b/docs/queries/cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_with_unsecured_cors_rule)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f.md b/docs/queries/cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f.md
index bf9f6615ecd..d3d17e9c0fb 100644
--- a/docs/queries/cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f.md
+++ b/docs/queries/cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_method_does_not_contains_an_api_key)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b.md b/docs/queries/cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b.md
index b356d5c3908..0ff7720d2d8 100644
--- a/docs/queries/cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b.md
+++ b/docs/queries/cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_cache_encrypted_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738.md b/docs/queries/cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738.md
index c1b05c83612..0c27096894a 100644
--- a/docs/queries/cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738.md
+++ b/docs/queries/cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_should_have_bucket_policy)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9.md b/docs/queries/cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9.md
index 1b951918f39..3eb139a4ad9 100644
--- a/docs/queries/cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9.md
+++ b/docs/queries/cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_without_ssl_in_write_actions)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d.md b/docs/queries/cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d.md
index caca0b87acb..f7d35250d35 100644
--- a/docs/queries/cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d.md
+++ b/docs/queries/cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/docdb_cluster_master_password_in_plaintext)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002.md b/docs/queries/cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002.md
index a78a8a23b95..67c13f7ec31 100644
--- a/docs/queries/cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002.md
+++ b/docs/queries/cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_groups_unrestricted_access_to_rdp)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68.md b/docs/queries/cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68.md
index bc48adb007b..0942092a6c2 100644
--- a/docs/queries/cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68.md
+++ b/docs/queries/cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticache_with_disabled_transit_encryption)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e.md b/docs/queries/cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e.md
index 21fedfb291c..5d2b681e78a 100644
--- a/docs/queries/cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e.md
+++ b/docs/queries/cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/redshift_not_encrypted)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a.md b/docs/queries/cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a.md
index 4dc503a35a6..af15ebf7aad 100644
--- a/docs/queries/cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a.md
+++ b/docs/queries/cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/vpc_without_attached_subnet)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111.md b/docs/queries/cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111.md
index fccd510e568..968f4fb5ec0 100644
--- a/docs/queries/cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111.md
+++ b/docs/queries/cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/alexa_skill_plaintext_client_secret_exposed)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6.md b/docs/queries/cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6.md
index b587cd858a2..b33b556cbaa 100644
--- a/docs/queries/cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6.md
+++ b/docs/queries/cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/redshift_cluster_logging_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3.md b/docs/queries/cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3.md
index 5c2032d8ed7..4d1267fb29d 100644
--- a/docs/queries/cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3.md
+++ b/docs/queries/cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudtrail_sns_topic_name_undefined)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9.md b/docs/queries/cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9.md
index 1dcb77149b6..1affbe2a49e 100644
--- a/docs/queries/cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9.md
+++ b/docs/queries/cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/vpc_without_network_firewall)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136.md b/docs/queries/cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136.md
index 942b0357043..50b3da79dd6 100644
--- a/docs/queries/cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136.md
+++ b/docs/queries/cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/sns)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd.md b/docs/queries/cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd.md
index 81cd32461cf..885589c778e 100644
--- a/docs/queries/cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd.md
+++ b/docs/queries/cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/gamelift_fleet_ec2_inbound_permissions_with_port_range)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354.md b/docs/queries/cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354.md
index e59de29aab9..66611ff8367 100644
--- a/docs/queries/cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354.md
+++ b/docs/queries/cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sagemaker_endpoint_config_should_specify_kms_key_id_attribute)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c.md b/docs/queries/cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c.md
index 4eac1c227fb..63af0d939dc 100644
--- a/docs/queries/cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c.md
+++ b/docs/queries/cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_logging_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0.md b/docs/queries/cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0.md
index 2ecbf570d17..0557b9147e2 100644
--- a/docs/queries/cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0.md
+++ b/docs/queries/cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_allows_restore_actions_from_all_principals)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54.md b/docs/queries/cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54.md
index 9e7ef23be96..3547e4c0df3 100644
--- a/docs/queries/cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54.md
+++ b/docs/queries/cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_user_too_many_access_keys)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23.md b/docs/queries/cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23.md
index 1370481c844..15c11a47972 100644
--- a/docs/queries/cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23.md
+++ b/docs/queries/cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/emr_cluster_without_security_configuration)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26.md b/docs/queries/cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26.md
index a7a7ac444e7..55a1b50cc7c 100644
--- a/docs/queries/cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26.md
+++ b/docs/queries/cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_allows_public_acl)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558.md b/docs/queries/cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558.md
index 43ee0c48c79..4b965b3dd5c 100644
--- a/docs/queries/cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558.md
+++ b/docs/queries/cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_groups_without_vpc_attached)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed.md b/docs/queries/cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed.md
index 27d40bf62ff..6b3542b5e21 100644
--- a/docs/queries/cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed.md
+++ b/docs/queries/cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_sensitive_port_is_publicly_exposed)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14.md b/docs/queries/cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14.md
index 4a879bc73e2..f9649638526 100644
--- a/docs/queries/cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14.md
+++ b/docs/queries/cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34.md b/docs/queries/cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34.md
index 9b12077f626..7adea7ab264 100644
--- a/docs/queries/cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34.md
+++ b/docs/queries/cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_endpoint_config_is_not_private)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de.md b/docs/queries/cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de.md
index 58306f90fc4..edb46ae6c25 100644
--- a/docs/queries/cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de.md
+++ b/docs/queries/cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_xray_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9.md b/docs/queries/cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9.md
index 3c11ed5aad8..732b354dc8b 100644
--- a/docs/queries/cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9.md
+++ b/docs/queries/cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_with_all_permissions)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92.md b/docs/queries/cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92.md
index b5d8a5740f9..6e7692140fe 100644
--- a/docs/queries/cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92.md
+++ b/docs/queries/cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_function_without_unique_iam_role)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f.md b/docs/queries/cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f.md
index 83ffb453aed..eea43e8a292 100644
--- a/docs/queries/cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f.md
+++ b/docs/queries/cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/dynamodb_table_not_encrypted)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf.md b/docs/queries/cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf.md
index 4d712e9177f..9e58172be6a 100644
--- a/docs/queries/cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf.md
+++ b/docs/queries/cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/root_account_has_active_access_keys)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf.md b/docs/queries/cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf.md
index 5bfd8c11fa1..628550d262e 100644
--- a/docs/queries/cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf.md
+++ b/docs/queries/cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticsearch_with_https_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5.md b/docs/queries/cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5.md
index f772d1b4126..e16c0648033 100644
--- a/docs/queries/cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5.md
+++ b/docs/queries/cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iot_policy_allows_action_as_wildcard)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df.md b/docs/queries/cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df.md
index d46ca81d8cb..df1d119219e 100644
--- a/docs/queries/cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df.md
+++ b/docs/queries/cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/dynamo)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091.md b/docs/queries/cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091.md
index 1d3cbc980ca..802afbec032 100644
--- a/docs/queries/cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091.md
+++ b/docs/queries/cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_associated_with_public_subnet)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944.md b/docs/queries/cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944.md
index 853503738ee..152e4d45f9e 100644
--- a/docs/queries/cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944.md
+++ b/docs/queries/cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/routertable_with_default_routing)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d.md b/docs/queries/cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d.md
index 93582a79836..c9d8188149b 100644
--- a/docs/queries/cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d.md
+++ b/docs/queries/cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_cache_cluster_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288.md b/docs/queries/cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288.md
index fa3de5c61b7..1841762de62 100644
--- a/docs/queries/cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288.md
+++ b/docs/queries/cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/user_data_contains_encoded_private_key)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2.md b/docs/queries/cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2.md
index 34129bbc1dd..df0da209cde 100644
--- a/docs/queries/cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2.md
+++ b/docs/queries/cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/public_lambda_via_api_gateway)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63.md b/docs/queries/cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63.md
index 328b461ae79..7e7ebdb8df0 100644
--- a/docs/queries/cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63.md
+++ b/docs/queries/cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/amazon_dms_replication_instance_is_publicly_accessible)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1.md b/docs/queries/cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1.md
index 92898e2815c..06e0ff51ad1 100644
--- a/docs/queries/cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1.md
+++ b/docs/queries/cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/github_repository_set_to_public)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c.md b/docs/queries/cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c.md
index 966e89f4162..efe679350bd 100644
--- a/docs/queries/cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c.md
+++ b/docs/queries/cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/sqs)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9.md b/docs/queries/cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9.md
index c793a7de878..43286c70add 100644
--- a/docs/queries/cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9.md
+++ b/docs/queries/cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/emr_security_configuration_encryptions_enabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189.md b/docs/queries/cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189.md
index f67c41ae919..80cd528a461 100644
--- a/docs/queries/cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189.md
+++ b/docs/queries/cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/refresh_token_is_exposed)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630.md b/docs/queries/cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630.md
index 5a46b7d9d77..f3e450424af 100644
--- a/docs/queries/cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630.md
+++ b/docs/queries/cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_storage_not_encrypted)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0.md b/docs/queries/cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0.md
index 2e9f8bf0ee9..daf7e2db63a 100644
--- a/docs/queries/cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0.md
+++ b/docs/queries/cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudtrail_logging_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705.md b/docs/queries/cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705.md
index 48c48f2bd1b..4edbfd41285 100644
--- a/docs/queries/cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705.md
+++ b/docs/queries/cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticsearch_without_iam_authentication)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf.md b/docs/queries/cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf.md
index 9591b6885f6..dcf01bf9ce3 100644
--- a/docs/queries/cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf.md
+++ b/docs/queries/cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudwatch_metrics_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5.md b/docs/queries/cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5.md
index 56c9683566d..2bd5be71ae9 100644
--- a/docs/queries/cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5.md
+++ b/docs/queries/cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_rule_without_description)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512.md b/docs/queries/cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512.md
index 8ca6ba775a6..cda0c32ba26 100644
--- a/docs/queries/cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512.md
+++ b/docs/queries/cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_policies_without_groups)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d.md b/docs/queries/cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d.md
index 8cf3fd49be2..fcc2c932bae 100644
--- a/docs/queries/cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d.md
+++ b/docs/queries/cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/dms_endpoint_password_exposed)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79.md b/docs/queries/cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79.md
index c87e3c21653..fd4bfbf7838 100644
--- a/docs/queries/cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79.md
+++ b/docs/queries/cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_api_cache_cluster_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8.md b/docs/queries/cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8.md
index 40c4002dbad..bfdc1ee230c 100644
--- a/docs/queries/cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8.md
+++ b/docs/queries/cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_using_insecure_protocols)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95.md b/docs/queries/cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95.md
index a0abcb0fb32..72c1e061249 100644
--- a/docs/queries/cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95.md
+++ b/docs/queries/cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_storage_encryption_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44.md b/docs/queries/cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44.md
index 5d73ff4ad36..a77c14173fe 100644
--- a/docs/queries/cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44.md
+++ b/docs/queries/cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudtrail_not_integrated_with_cloudwatch)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989.md b/docs/queries/cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989.md
index f5b3a9cf2c3..0e32a972390 100644
--- a/docs/queries/cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989.md
+++ b/docs/queries/cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/directory_service_simple_ad_password_exposed)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c.md b/docs/queries/cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c.md
index 3b575eadd54..a06f29f5efc 100644
--- a/docs/queries/cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c.md
+++ b/docs/queries/cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_groups_allows_unrestricted_outbound_traffic)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61.md b/docs/queries/cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61.md
index 88629130175..cd8a27489b6 100644
--- a/docs/queries/cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61.md
+++ b/docs/queries/cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/mq_broker_is_publicly_accessible)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef.md b/docs/queries/cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef.md
index 04381ac4bb1..c29210de3e6 100644
--- a/docs/queries/cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef.md
+++ b/docs/queries/cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_api_endpoint_config_not_private)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c.md b/docs/queries/cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c.md
index 4ecd95348c4..804777a9454 100644
--- a/docs/queries/cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c.md
+++ b/docs/queries/cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_cluster_not_encrypted_at_rest)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a.md b/docs/queries/cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a.md
index c9687bc08e9..e7ec9506dbe 100644
--- a/docs/queries/cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a.md
+++ b/docs/queries/cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_without_ignore_public_acl)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6.md b/docs/queries/cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6.md
index 1022137ec83..5a37da6cec4 100644
--- a/docs/queries/cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6.md
+++ b/docs/queries/cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/efs_without_kms)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40.md b/docs/queries/cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40.md
index 69f862f9f6f..3d5ca3adfdb 100644
--- a/docs/queries/cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40.md
+++ b/docs/queries/cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/webacl_allow_defaultaction)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1.md b/docs/queries/cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1.md
index 2aff910afea..4f6971aa9b8 100644
--- a/docs/queries/cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1.md
+++ b/docs/queries/cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_groups_with_unrestricted_access_to_ssh)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d.md b/docs/queries/cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d.md
index 653fb2c5976..6a858ca2fdd 100644
--- a/docs/queries/cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d.md
+++ b/docs/queries/cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sdb_domain_declared_as_a_resource)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea.md b/docs/queries/cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea.md
index 5e733430e72..cbc490ad5e4 100644
--- a/docs/queries/cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea.md
+++ b/docs/queries/cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/rds)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe.md b/docs/queries/cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe.md
index 0bd17276727..ae90cac812b 100644
--- a/docs/queries/cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe.md
+++ b/docs/queries/cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sagemaker_data_encryption_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7.md b/docs/queries/cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7.md
index c9a8dfe44bc..817c7ed4ff5 100644
--- a/docs/queries/cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7.md
+++ b/docs/queries/cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/amplify_app_basic_auth_config_password_exposed)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7.md b/docs/queries/cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7.md
index b3b9143e988..6c409b5b094 100644
--- a/docs/queries/cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7.md
+++ b/docs/queries/cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/amplify_app_access_token_exposed)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3.md b/docs/queries/cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3.md
index fb536553ccf..14b5997a870 100644
--- a/docs/queries/cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3.md
+++ b/docs/queries/cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/eks_node_group_remote_access)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc.md b/docs/queries/cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc.md
index 8d23c994fce..ef6388a7b13 100644
--- a/docs/queries/cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc.md
+++ b/docs/queries/cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cognito_userpool_without_mfa)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134.md b/docs/queries/cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134.md
index 8087dae9509..b4ff349e871 100644
--- a/docs/queries/cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134.md
+++ b/docs/queries/cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecr_repository_is_publicly_accessible)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36.md b/docs/queries/cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36.md
index 457a047a9bd..0bd177f8916 100644
--- a/docs/queries/cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36.md
+++ b/docs/queries/cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/batch_job_definition_with_privileged_container_properties)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085.md b/docs/queries/cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085.md
index 97a15432f4d..0f789d84303 100644
--- a/docs/queries/cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085.md
+++ b/docs/queries/cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_access_to_any_principal)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576.md b/docs/queries/cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576.md
index 6908ac950b5..0b779234811 100644
--- a/docs/queries/cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576.md
+++ b/docs/queries/cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_network_acl_overlapping_ports)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4.md b/docs/queries/cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4.md
index 1bc624871b1..4984ec0ae7e 100644
--- a/docs/queries/cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4.md
+++ b/docs/queries/cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_sensitive_port_is_exposed_to_entire_network)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca.md b/docs/queries/cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca.md
index 0cbc9d7a16e..41578033cd1 100644
--- a/docs/queries/cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca.md
+++ b/docs/queries/cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_deployment_without_api_gateway_usage_plan_associated)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528.md b/docs/queries/cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528.md
index a3510c976d7..84e6f668528 100644
--- a/docs/queries/cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528.md
+++ b/docs/queries/cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_service_without_running_tasks)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb.md b/docs/queries/cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb.md
index 5963e5d79fc..f2532f039ce 100644
--- a/docs/queries/cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb.md
+++ b/docs/queries/cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/empty_roles_for_ecs_cluster_task_definitions)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650.md b/docs/queries/cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650.md
index 67f1f73af62..b7adb608b43 100644
--- a/docs/queries/cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650.md
+++ b/docs/queries/cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/kinesis_sse_not_configured)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195.md b/docs/queries/cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195.md
index e10bcc32922..d57f97704a0 100644
--- a/docs/queries/cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195.md
+++ b/docs/queries/cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/geo_restriction_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071.md b/docs/queries/cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071.md
index 7838a9683ec..fff0c97b46c 100644
--- a/docs/queries/cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071.md
+++ b/docs/queries/cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_stage_without_api_gateway_usage_plan_associated)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28.md b/docs/queries/cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28.md
index f9166ab8357..43e75cc7ce8 100644
--- a/docs/queries/cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28.md
+++ b/docs/queries/cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_without_configured_authorizer)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2.md b/docs/queries/cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2.md
index 9c0584cdde2..e54f1221e26 100644
--- a/docs/queries/cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2.md
+++ b/docs/queries/cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/access_key_not_rotated_within_90_days)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8.md b/docs/queries/cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8.md
index f6439285f37..cfa76d990cd 100644
--- a/docs/queries/cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8.md
+++ b/docs/queries/cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_without_secure_protocol)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190.md b/docs/queries/cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190.md
index 43eee80a190..bf8c7862def 100644
--- a/docs/queries/cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190.md
+++ b/docs/queries/cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_using_weak_ciphers)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162.md b/docs/queries/cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162.md
index c4b668a6863..89aa0c7749b 100644
--- a/docs/queries/cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162.md
+++ b/docs/queries/cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ebs_volume_encryption_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941.md b/docs/queries/cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941.md
index 90585bd5021..03334dc774d 100644
--- a/docs/queries/cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941.md
+++ b/docs/queries/cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_access_logging_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195.md b/docs/queries/cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195.md
index cb5ec557b32..f1056fda60a 100644
--- a/docs/queries/cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195.md
+++ b/docs/queries/cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sns_topic_publicity_has_allow_and_not_action_simultaneously)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e.md b/docs/queries/cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e.md
index 11472086503..a21659f8f50 100644
--- a/docs/queries/cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e.md
+++ b/docs/queries/cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_without_security_policy)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2.md b/docs/queries/cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2.md
index 6c239aab001..22152e78fc2 100644
--- a/docs/queries/cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2.md
+++ b/docs/queries/cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/unknown_port_exposed_to_internet)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f.md b/docs/queries/cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f.md
index eba89a543b8..d71f5d48b83 100644
--- a/docs/queries/cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f.md
+++ b/docs/queries/cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_to_any_authenticated_user)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7.md b/docs/queries/cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7.md
index 37d756680bf..dd72c48b7d3 100644
--- a/docs/queries/cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7.md
+++ b/docs/queries/cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/stack_notifications_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7.md b/docs/queries/cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7.md
index d2574b16298..9b45c6782ac 100644
--- a/docs/queries/cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7.md
+++ b/docs/queries/cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cross_account_iam_assume_role_policy_without_external_id_or_mfa)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69.md b/docs/queries/cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69.md
index e4809cf4d69..d0313d9a2a7 100644
--- a/docs/queries/cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69.md
+++ b/docs/queries/cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_with_public_policy)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb.md b/docs/queries/cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb.md
index d207637331b..57dda9f1660 100644
--- a/docs/queries/cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb.md
+++ b/docs/queries/cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticsearch_not_encrypted_at_rest)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16.md b/docs/queries/cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16.md
index 9163313c864..95d870c8ab6 100644
--- a/docs/queries/cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16.md
+++ b/docs/queries/cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_ingress_with_port_range)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11.md b/docs/queries/cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11.md
index e89a46b43c4..5b0bbc4490b 100644
--- a/docs/queries/cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11.md
+++ b/docs/queries/cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sagemaker_enabling_internet_access)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db.md b/docs/queries/cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db.md
index 338171e52eb..fc6ccf2db6f 100644
--- a/docs/queries/cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db.md
+++ b/docs/queries/cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/workspace_without_encryption)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861.md b/docs/queries/cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861.md
index 09bef167263..af3f929c0a0 100644
--- a/docs/queries/cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861.md
+++ b/docs/queries/cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/instance_with_no_vpc)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9.md b/docs/queries/cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9.md
index 3c781b0600b..d523a5b7f6f 100644
--- a/docs/queries/cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9.md
+++ b/docs/queries/cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_with_backup_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da.md b/docs/queries/cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da.md
index 0c8c6536342..3b59429d9aa 100644
--- a/docs/queries/cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da.md
+++ b/docs/queries/cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_access_analyzer_not_enabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40.md b/docs/queries/cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40.md
index cc327bb8573..46ea73f1860 100644
--- a/docs/queries/cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40.md
+++ b/docs/queries/cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_not_ebs_optimized)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46.md b/docs/queries/cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46.md
index 3a11471ea16..ded138c45c7 100644
--- a/docs/queries/cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46.md
+++ b/docs/queries/cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_function_without_tags)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c.md b/docs/queries/cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c.md
index 8631da1055f..cb17548ab5f 100644
--- a/docs/queries/cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c.md
+++ b/docs/queries/cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_group_without_users)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35.md b/docs/queries/cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35.md
index 38c062c84b9..14e2a3d20bf 100644
--- a/docs/queries/cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35.md
+++ b/docs/queries/cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/unscanned_ecr_image)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317.md b/docs/queries/cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317.md
index f209358ed28..945857569fd 100644
--- a/docs/queries/cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317.md
+++ b/docs/queries/cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_static_website_host_enabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c.md b/docs/queries/cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c.md
index 7c08c5e0493..a4f011e138e 100644
--- a/docs/queries/cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c.md
+++ b/docs/queries/cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_functions_without_x-ray_tracing)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661.md b/docs/queries/cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661.md
index 61f2289782c..75727e88e64 100644
--- a/docs/queries/cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661.md
+++ b/docs/queries/cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_policies_with_full_privileges)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79.md b/docs/queries/cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79.md
index 201f787132d..68dec5c0c30 100644
--- a/docs/queries/cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79.md
+++ b/docs/queries/cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/db_security_group_with_public_scope)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e.md b/docs/queries/cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e.md
index b2d19ea27b1..8e2e911fb17 100644
--- a/docs/queries/cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e.md
+++ b/docs/queries/cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/vpc_attached_with_too_many_gateways)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d.md b/docs/queries/cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d.md
index dd5f9a271ab..619650bfafb 100644
--- a/docs/queries/cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d.md
+++ b/docs/queries/cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sqs_policy_with_public_access)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa.md b/docs/queries/cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa.md
index 5eca397b07e..e31d078e7e6 100644
--- a/docs/queries/cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa.md
+++ b/docs/queries/cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_permission_misconfigured)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36.md b/docs/queries/cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36.md
index 829b8d2b655..1a1d1248680 100644
--- a/docs/queries/cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36.md
+++ b/docs/queries/cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sagemaker_notebook_not_placed_in_vpc)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52.md b/docs/queries/cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52.md
index 45ee92d6a10..dba5d4e0053 100644
--- a/docs/queries/cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52.md
+++ b/docs/queries/cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sns_topic_without_kms_master_key_id)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd.md b/docs/queries/cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd.md
index e9dbde513ec..11a756a077e 100644
--- a/docs/queries/cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd.md
+++ b/docs/queries/cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/inline_policies_are_attached_to_ecs_service)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db.md b/docs/queries/cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db.md
index c60ce7ba982..23a6124c55a 100644
--- a/docs/queries/cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db.md
+++ b/docs/queries/cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudformation_specifying_credentials_not_safe)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d.md b/docs/queries/cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d.md
index a21eac1ee64..14435d9ccf7 100644
--- a/docs/queries/cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d.md
+++ b/docs/queries/cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/config_configuration_aggregator_to_all_regions_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184.md b/docs/queries/cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184.md
index 70d40ff024a..4d56feaf921 100644
--- a/docs/queries/cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184.md
+++ b/docs/queries/cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_database_auth_not_enabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69.md b/docs/queries/cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69.md
index 3fe596a963f..04b166d3aa5 100644
--- a/docs/queries/cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69.md
+++ b/docs/queries/cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_functions_with_full_privileges)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54.md b/docs/queries/cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54.md
index e79eb7050f8..a39467a5a66 100644
--- a/docs/queries/cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54.md
+++ b/docs/queries/cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_without_versioning)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac.md b/docs/queries/cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac.md
index 93a8241dbf5..3943032e55b 100644
--- a/docs/queries/cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac.md
+++ b/docs/queries/cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/guardduty_detector_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800.md b/docs/queries/cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800.md
index ffa19d50e0f..e75cb60a025 100644
--- a/docs/queries/cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800.md
+++ b/docs/queries/cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_api_without_content_encoding)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02.md b/docs/queries/cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02.md
index 1816c0bc4b6..8f70ef00f02 100644
--- a/docs/queries/cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02.md
+++ b/docs/queries/cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/neptune_cluster_with_iam_database_authentication_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd.md b/docs/queries/cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd.md
index 7d9e54b6ac9..703b598e315 100644
--- a/docs/queries/cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd.md
+++ b/docs/queries/cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_ingress_has_cidr_not_recommended)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a.md b/docs/queries/cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a.md
index 90ab50106b6..2bd2c444c35 100644
--- a/docs/queries/cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a.md
+++ b/docs/queries/cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/redshift_using_default_port)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388.md b/docs/queries/cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388.md
index 59124f640bf..b468fb2b8d2 100644
--- a/docs/queries/cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388.md
+++ b/docs/queries/cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/connection_between_cloudfront_origin_not_encrypted)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540.md b/docs/queries/cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540.md
index 2cbf5857679..d2a3fe231f0 100644
--- a/docs/queries/cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540.md
+++ b/docs/queries/cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_groups_inline_policies)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98.md b/docs/queries/cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98.md
index 0208a75aff6..b3d7692eb21 100644
--- a/docs/queries/cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98.md
+++ b/docs/queries/cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_function_without_tags)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572.md b/docs/queries/cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572.md
index c4d0ed0d6a6..05d36bfdb83 100644
--- a/docs/queries/cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572.md
+++ b/docs/queries/cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_function_environment_variables_not_encrypted)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a.md b/docs/queries/cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a.md
index 0f9b4234873..caec7f64129 100644
--- a/docs/queries/cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a.md
+++ b/docs/queries/cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/user_iam_missing_password_reset_required)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768.md b/docs/queries/cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768.md
index fa767114de5..5c727bd23c6 100644
--- a/docs/queries/cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768.md
+++ b/docs/queries/cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/msk_cluster_encryption_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8.md b/docs/queries/cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8.md
index 3d086787cdf..77c595e940a 100644
--- a/docs/queries/cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8.md
+++ b/docs/queries/cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_cluster_container_insights_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252.md b/docs/queries/cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252.md
index 536cf2985c0..5e5d7a0f6b0 100644
--- a/docs/queries/cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252.md
+++ b/docs/queries/cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_allows_delete_actions_from_all_principals)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c.md b/docs/queries/cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c.md
index 12193036618..8d4dbd721a8 100644
--- a/docs/queries/cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c.md
+++ b/docs/queries/cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/auto_scaling_group_with_no_associated_elb)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf.md b/docs/queries/cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf.md
index fa1ef9de352..121657b7f1c 100644
--- a/docs/queries/cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf.md
+++ b/docs/queries/cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/shield_advanced_not_in_use)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48.md b/docs/queries/cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48.md
index 3f435b4ed1c..e6dda42fdf3 100644
--- a/docs/queries/cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48.md
+++ b/docs/queries/cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_groups_with_meta_ip)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583.md b/docs/queries/cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583.md
index 8bf21b96fca..4b16598e423 100644
--- a/docs/queries/cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583.md
+++ b/docs/queries/cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_functions_without_unique_iam_roles)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13.md b/docs/queries/cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13.md
index ec4e468b3cf..f4913f2a13e 100644
--- a/docs/queries/cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13.md
+++ b/docs/queries/cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1.md b/docs/queries/cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1.md
index 9b27ba8f652..f222cdd6992 100644
--- a/docs/queries/cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1.md
+++ b/docs/queries/cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_password_without_minimum_length)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5.md b/docs/queries/cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5.md
index a93a1038e81..02c8183d28b 100644
--- a/docs/queries/cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5.md
+++ b/docs/queries/cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_without_server_side_encryption)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c.md b/docs/queries/cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c.md
index 53cfeaf51a3..a757587f459 100644
--- a/docs/queries/cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c.md
+++ b/docs/queries/cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_instance_subnet_has_public_ip_mapping_on_launch)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041.md b/docs/queries/cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041.md
index 718887f089c..2fb3e24d288 100644
--- a/docs/queries/cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041.md
+++ b/docs/queries/cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/vulnerable_default_ssl_certificate)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83.md b/docs/queries/cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83.md
index c3c6ac05122..7c8daaa4f92 100644
--- a/docs/queries/cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83.md
+++ b/docs/queries/cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/s3_bucket)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42.md b/docs/queries/cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42.md
index 348a6432914..ea864c19776 100644
--- a/docs/queries/cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42.md
+++ b/docs/queries/cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ebs_volume_without_kms_key_id)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e.md b/docs/queries/cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e.md
index 3b2b37f43e7..03eab33f7e2 100644
--- a/docs/queries/cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e.md
+++ b/docs/queries/cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticache_without_vpc)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3.md b/docs/queries/cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3.md
index 819cc2d9b20..dbae0023243 100644
--- a/docs/queries/cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3.md
+++ b/docs/queries/cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/redshift_publicly_accessible)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3.md b/docs/queries/cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3.md
index 266585c8a26..7d8b1a6510d 100644
--- a/docs/queries/cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3.md
+++ b/docs/queries/cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iot_policy_allows_wildcard_resource)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c.md b/docs/queries/cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c.md
index de0645806db..d5db923df5e 100644
--- a/docs/queries/cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c.md
+++ b/docs/queries/cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/secure_ciphers_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93.md b/docs/queries/cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93.md
index 7f717c253f8..9ab82dc93bd 100644
--- a/docs/queries/cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93.md
+++ b/docs/queries/cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/neptune_database_cluster_encryption_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3.md b/docs/queries/cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3.md
index 823094b32b0..9d9a43f6ad7 100644
--- a/docs/queries/cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3.md
+++ b/docs/queries/cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/emr_wihout_vpc)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658.md b/docs/queries/cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658.md
index d1f07c2f4c8..3e86a1af0b0 100644
--- a/docs/queries/cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658.md
+++ b/docs/queries/cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/efs_volume_with_disabled_transit_encryption)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d.md b/docs/queries/cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d.md
index ddd2317308b..5abaf237c6d 100644
--- a/docs/queries/cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d.md
+++ b/docs/queries/cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_function_without_dead_letter_queue)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6.md b/docs/queries/cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6.md
index cba58d83ac3..489b5816c42 100644
--- a/docs/queries/cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6.md
+++ b/docs/queries/cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c.md b/docs/queries/cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c.md
index f4ebb9c3c8d..eec6a8d76a0 100644
--- a/docs/queries/cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c.md
+++ b/docs/queries/cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_cloudtrail_logging_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a.md b/docs/queries/cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a.md
index 1817408a553..985bc244ee5 100644
--- a/docs/queries/cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a.md
+++ b/docs/queries/cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_public_instance_exposed_through_subnet)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621.md b/docs/queries/cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621.md
index 3b9e4d23420..994bdc58b85 100644
--- a/docs/queries/cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621.md
+++ b/docs/queries/cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_v2_alb_access_log_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c.md b/docs/queries/cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c.md
index 46461a82517..d35f95025d5 100644
--- a/docs/queries/cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c.md
+++ b/docs/queries/cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/elasticache)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315.md b/docs/queries/cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315.md
index c5179c735f2..cfbed704c8b 100644
--- a/docs/queries/cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315.md
+++ b/docs/queries/cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_api_xray_tracing_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22.md b/docs/queries/cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22.md
index 549688d5750..2aef3299dd9 100644
--- a/docs/queries/cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22.md
+++ b/docs/queries/cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/secrets_manager_should_specify_kms_key_id)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac.md b/docs/queries/cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac.md
index 9f640163d70..56273cd8682 100644
--- a/docs/queries/cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac.md
+++ b/docs/queries/cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/dynamodb_with_aws_owned_cmk)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a.md b/docs/queries/cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a.md
index fd50c3b44d8..a33da0aeb5a 100644
--- a/docs/queries/cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a.md
+++ b/docs/queries/cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/remote_desktop_port_open_to_internet)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18.md b/docs/queries/cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18.md
index 224e8f87a30..83971107ec8 100644
--- a/docs/queries/cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18.md
+++ b/docs/queries/cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_function_without_dead_letter_queue)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131.md b/docs/queries/cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131.md
index f2d7cb6652c..c4942d4bc03 100644
--- a/docs/queries/cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131.md
+++ b/docs/queries/cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/wildcard_in_acm_certificate_domain_name)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7.md b/docs/queries/cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7.md
index 7c3780fa385..975ef181110 100644
--- a/docs/queries/cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7.md
+++ b/docs/queries/cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_groups_with_exhibited_admin_ports)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150.md b/docs/queries/cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150.md
index 2304004e86a..82048b1d265 100644
--- a/docs/queries/cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150.md
+++ b/docs/queries/cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticache_nodes_not_created_across_multi_az)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd.md b/docs/queries/cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd.md
index 9bb1e8f7f4b..5dd0ead329c 100644
--- a/docs/queries/cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd.md
+++ b/docs/queries/cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_task_definition_healthcheck_missing)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2.md b/docs/queries/cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2.md
index efaa653d5e7..a3fadea012f 100644
--- a/docs/queries/cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2.md
+++ b/docs/queries/cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/kinesis)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a.md b/docs/queries/cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a.md
index 25c8aef3bbf..5bcdecf23cd 100644
--- a/docs/queries/cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a.md
+++ b/docs/queries/cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_with_invalid_compression)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744.md b/docs/queries/cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744.md
index e50f4aa2c9b..5b1738e1065 100644
--- a/docs/queries/cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744.md
+++ b/docs/queries/cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/support_has_no_role_associated)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad.md b/docs/queries/cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad.md
index f9188a8b2b4..8fc61bb80df 100644
--- a/docs/queries/cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad.md
+++ b/docs/queries/cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/codebuild_not_encrypted)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1.md b/docs/queries/cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1.md
index 7a874768433..3216acdc113 100644
--- a/docs/queries/cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1.md
+++ b/docs/queries/cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticsearch_domain_encryption_with_kms_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba.md b/docs/queries/cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba.md
index 65d879f7285..dafb963ed40 100644
--- a/docs/queries/cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba.md
+++ b/docs/queries/cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/kms_key_with_full_permissions)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610.md b/docs/queries/cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610.md
index c4390b917ac..84c74b1dc6d 100644
--- a/docs/queries/cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610.md
+++ b/docs/queries/cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_egress_with_port_range)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303.md b/docs/queries/cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303.md
index 9cb333f7582..3d68e357c45 100644
--- a/docs/queries/cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303.md
+++ b/docs/queries/cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudfront_without_minimum_protocol_tls_1.2)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8.md b/docs/queries/cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8.md
index c0189fa4f9b..6a02303e746 100644
--- a/docs/queries/cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8.md
+++ b/docs/queries/cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_function_without_x-ray_tracing)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa.md b/docs/queries/cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa.md
index 386b0207b17..c793c2cd8fe 100644
--- a/docs/queries/cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa.md
+++ b/docs/queries/cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/http_port_open)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007.md b/docs/queries/cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007.md
index e8d8a0e21bf..2186b8bd7da 100644
--- a/docs/queries/cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007.md
+++ b/docs/queries/cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Critical
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_db_instance_publicly_accessible)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78.md b/docs/queries/cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78.md
index e02ffb5d8a6..f87ae9d9df8 100644
--- a/docs/queries/cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78.md
+++ b/docs/queries/cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/redshift_cluster_without_kms_cmk)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642.md b/docs/queries/cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642.md
index ea0568b1bac..96297259237 100644
--- a/docs/queries/cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642.md
+++ b/docs/queries/cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudfront_logging_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69.md b/docs/queries/cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69.md
index 1c60cddb61c..097e99cd1c2 100644
--- a/docs/queries/cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69.md
+++ b/docs/queries/cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/amplify_branch_basic_auth_config_password_exposed)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845.md b/docs/queries/cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845.md
index dd124a70005..a719b1c256c 100644
--- a/docs/queries/cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845.md
+++ b/docs/queries/cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_with_security_group_without_inbound_rules)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5.md b/docs/queries/cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5.md
index d023018917b..130a5f062a2 100644
--- a/docs/queries/cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5.md
+++ b/docs/queries/cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/fully_open_ingress)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade.md b/docs/queries/cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade.md
index 153801c71d4..0c46a3532df 100644
--- a/docs/queries/cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade.md
+++ b/docs/queries/cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_policy_on_user)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e.md b/docs/queries/cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e.md
index be37ed12cc5..cfcf0d942a8 100644
--- a/docs/queries/cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e.md
+++ b/docs/queries/cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_instance_using_default_vpc)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821.md b/docs/queries/cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821.md
index 7a97a17802d..8f7176dfd11 100644
--- a/docs/queries/cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821.md
+++ b/docs/queries/cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticache_with_disabled_at_rest_encryption)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2.md b/docs/queries/cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2.md
index 8c273fcbc3d..946a3871856 100644
--- a/docs/queries/cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2.md
+++ b/docs/queries/cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cdn_configuration_is_missing)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050.md b/docs/queries/cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050.md
index 8fc6769d1bb..21a93d4f1a3 100644
--- a/docs/queries/cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050.md
+++ b/docs/queries/cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/mq_broker_logging_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc.md b/docs/queries/cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc.md
index bff8625a3d0..7c63deecfce 100644
--- a/docs/queries/cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc.md
+++ b/docs/queries/cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/default_kms_key_usage)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d.md b/docs/queries/cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d.md
index 3bc3a76ef72..5d9851d8af4 100644
--- a/docs/queries/cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d.md
+++ b/docs/queries/cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/low_rds_backup_retention_period)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6.md b/docs/queries/cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6.md
index 6e6f6de92a6..9f6f8674175 100644
--- a/docs/queries/cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6.md
+++ b/docs/queries/cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_policy_grants_assumerole_permission_across_all_services)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205.md b/docs/queries/cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205.md
index 3612d687302..20ee7553c4b 100644
--- a/docs/queries/cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205.md
+++ b/docs/queries/cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/default_security_groups_with_unrestricted_traffic)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25.md b/docs/queries/cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25.md
index 874fd59a1cf..ac7ebdd3735 100644
--- a/docs/queries/cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25.md
+++ b/docs/queries/cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_without_ssl_certificate)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996.md b/docs/queries/cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996.md
index 86207bfc254..83f17c440c4 100644
--- a/docs/queries/cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996.md
+++ b/docs/queries/cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticsearch_logs_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5.md b/docs/queries/cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5.md
index 0b4e96da3ba..7f85de49a28 100644
--- a/docs/queries/cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5.md
+++ b/docs/queries/cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_policies_attached_to_user)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028.md b/docs/queries/cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028.md
index 53b357eff53..996f4a91627 100644
--- a/docs/queries/cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028.md
+++ b/docs/queries/cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_access_log_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c.md b/docs/queries/cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c.md
index 4af9389d05b..a17ccf44a28 100644
--- a/docs/queries/cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c.md
+++ b/docs/queries/cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_egress_with_all_protocols)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16.md b/docs/queries/cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16.md
index 76748a03874..1c7ce8815c7 100644
--- a/docs/queries/cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16.md
+++ b/docs/queries/cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/efs)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281.md b/docs/queries/cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281.md
index cb1fea64621..80c486b809a 100644
--- a/docs/queries/cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281.md
+++ b/docs/queries/cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51.md b/docs/queries/cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51.md
index 1036f693fd0..edfe1561ab3 100644
--- a/docs/queries/cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51.md
+++ b/docs/queries/cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_task_definition_invalid_cpu_or_memory)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163.md b/docs/queries/cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163.md
index 03c75b3c70c..7bcf5d15415 100644
--- a/docs/queries/cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163.md
+++ b/docs/queries/cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/tcp_or_udp_protocol_network_acl_entry_allows_all_ports)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba.md b/docs/queries/cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba.md
index f971a9d76ca..6fd9ec0f3d3 100644
--- a/docs/queries/cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba.md
+++ b/docs/queries/cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/kms_allows_wildcard_principal)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368.md b/docs/queries/cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368.md
index 5780ae31284..11b1a20b82c 100644
--- a/docs/queries/cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368.md
+++ b/docs/queries/cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58.md b/docs/queries/cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58.md
index 6a29109754a..08ca8a163a3 100644
--- a/docs/queries/cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58.md
+++ b/docs/queries/cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_allows_put_actions_from_all_principals)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b.md b/docs/queries/cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b.md
index 07f3ac47c9b..166209095db 100644
--- a/docs/queries/cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b.md
+++ b/docs/queries/cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/vpc_flowlogs_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6.md b/docs/queries/cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6.md
index af96a755ef3..3e090e9d6e6 100644
--- a/docs/queries/cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6.md
+++ b/docs/queries/cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_role_allows_all_principals_to_assume)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6.md b/docs/queries/cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6.md
index 0b69213cf80..e8b64f8c95c 100644
--- a/docs/queries/cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6.md
+++ b/docs/queries/cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_instance_has_no_iam_role)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba.md b/docs/queries/cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba.md
index 0b01c63106e..8260c7e3d58 100644
--- a/docs/queries/cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba.md
+++ b/docs/queries/cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_allows_get_actions_from_all_principals)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024.md b/docs/queries/cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024.md
index d8fba710548..03e7e084110 100644
--- a/docs/queries/cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024.md
+++ b/docs/queries/cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/dms_endpoint_mongo_db_settings_password_exposed)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9.md b/docs/queries/cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9.md
index 0917dea49ef..5e0ec1bcb12 100644
--- a/docs/queries/cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9.md
+++ b/docs/queries/cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_allows_list_actions_from_all_principals)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d.md b/docs/queries/cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d.md
index 54009eefcc9..6441c8b78d0 100644
--- a/docs/queries/cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d.md
+++ b/docs/queries/cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_no_load_balancer_attached)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b.md b/docs/queries/cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b.md
index 33f60de8aaa..3af84a71a30 100644
--- a/docs/queries/cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b.md
+++ b/docs/queries/cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/msk_cluster_logging_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b.md b/docs/queries/cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b.md
index b9eb879d919..f42783af97c 100644
--- a/docs/queries/cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b.md
+++ b/docs/queries/cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_without_waf)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f.md b/docs/queries/cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f.md
index 3ab88bf8200..d472ec3c769 100644
--- a/docs/queries/cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f.md
+++ b/docs/queries/cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/stack_retention_disabled)
### Description
diff --git a/docs/queries/cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84.md b/docs/queries/cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84.md
index 06e34c7b448..7b19e5f8c58 100644
--- a/docs/queries/cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84.md
+++ b/docs/queries/cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** CloudFormation
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cmk_unencrypted_storage)
### Description
diff --git a/docs/queries/common-queries.md b/docs/queries/common-queries.md
index 6a62d05faf0..d7efe994997 100644
--- a/docs/queries/common-queries.md
+++ b/docs/queries/common-queries.md
@@ -3,4 +3,4 @@ This page contains all queries from Common.
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Passwords And Secrets
a88baa34-e2ad-44ea-ad6f-8cac87bc7c71|High|Secret Management|Query details
Documentation
|
+|Passwords And Secrets
a88baa34-e2ad-44ea-ad6f-8cac87bc7c71|High|Secret Management|Query details
Documentation
|
diff --git a/docs/queries/common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71.md b/docs/queries/common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71.md
index f00cbaf04fe..a8c13f45631 100644
--- a/docs/queries/common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71.md
+++ b/docs/queries/common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Common
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** 798
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/common/passwords_and_secrets)
### Description
diff --git a/docs/queries/crossplane-queries.md b/docs/queries/crossplane-queries.md
index 03fc80c3c3d..489502fc220 100644
--- a/docs/queries/crossplane-queries.md
+++ b/docs/queries/crossplane-queries.md
@@ -8,20 +8,20 @@ Below are listed queries related to Crossplane AWS:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|DB Instance Storage Not Encrypted
e50eb68a-a4af-4048-8bbe-8ec324421469|High|Encryption|Query details
Documentation
|
-|EFS Not Encrypted
72840c35-3876-48be-900d-f21b2f0c2ea1|High|Encryption|Query details
Documentation
|
-|ELB Using Weak Ciphers
a507daa5-0795-4380-960b-dd7bb7c56661|High|Encryption|Query details
Documentation
|
-|Neptune Database Cluster Encryption Disabled
83bf5aca-138a-498e-b9cd-ad5bc5e117b4|High|Encryption|Query details
Documentation
|
-|DB Security Group Has Public Interface
dd667399-8d9d-4a8d-bbb4-e49ab53b2f52|High|Insecure Configurations|Query details
Documentation
|
-|SQS With SSE Disabled
9296f1cc-7a40-45de-bd41-f31745488a0e|Medium|Encryption|Query details
Documentation
|
-|CloudFront Without Minimum Protocol TLS 1.2
255b0fcc-9f82-41fe-9229-01b163e3376b|Medium|Insecure Configurations|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
d9dc6429-5140-498a-8f55-a10daac5f000|Medium|Insecure Configurations|Query details
Documentation
|
-|CloudFront Without WAF
6d19ce0f-b3d8-4128-ac3d-1064e0f00494|Medium|Networking and Firewall|Query details
Documentation
|
-|CloudFront Logging Disabled
7b590235-1ff4-421b-b9ff-5227134be9bb|Medium|Observability|Query details
Documentation
|
-|DocDB Logging Is Disabled
e6cd49ba-77ed-417f-9bca-4f5303554308|Medium|Observability|Query details
Documentation
|
-|EFS Without KMS
bdecd6db-2600-47dd-a10c-72c97cf17ae9|Low|Encryption|Query details
Documentation
|
-|ECS Cluster with Container Insights Disabled
0c7a76d9-7dc5-499e-81ac-9245839177cb|Low|Observability|Query details
Documentation
|
-|CloudWatch Without Retention Period Specified
934613fe-b12c-4e5a-95f5-c1dcdffac1ff|Info|Observability|Query details
Documentation
|
+|DB Instance Storage Not Encrypted
e50eb68a-a4af-4048-8bbe-8ec324421469|High|Encryption|Query details
Documentation
|
+|EFS Not Encrypted
72840c35-3876-48be-900d-f21b2f0c2ea1|High|Encryption|Query details
Documentation
|
+|ELB Using Weak Ciphers
a507daa5-0795-4380-960b-dd7bb7c56661|High|Encryption|Query details
Documentation
|
+|Neptune Database Cluster Encryption Disabled
83bf5aca-138a-498e-b9cd-ad5bc5e117b4|High|Encryption|Query details
Documentation
|
+|DB Security Group Has Public Interface
dd667399-8d9d-4a8d-bbb4-e49ab53b2f52|High|Insecure Configurations|Query details
Documentation
|
+|SQS With SSE Disabled
9296f1cc-7a40-45de-bd41-f31745488a0e|Medium|Encryption|Query details
Documentation
|
+|CloudFront Without Minimum Protocol TLS 1.2
255b0fcc-9f82-41fe-9229-01b163e3376b|Medium|Insecure Configurations|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
d9dc6429-5140-498a-8f55-a10daac5f000|Medium|Insecure Configurations|Query details
Documentation
|
+|CloudFront Without WAF
6d19ce0f-b3d8-4128-ac3d-1064e0f00494|Medium|Networking and Firewall|Query details
Documentation
|
+|CloudFront Logging Disabled
7b590235-1ff4-421b-b9ff-5227134be9bb|Medium|Observability|Query details
Documentation
|
+|DocDB Logging Is Disabled
e6cd49ba-77ed-417f-9bca-4f5303554308|Medium|Observability|Query details
Documentation
|
+|EFS Without KMS
bdecd6db-2600-47dd-a10c-72c97cf17ae9|Low|Encryption|Query details
Documentation
|
+|ECS Cluster with Container Insights Disabled
0c7a76d9-7dc5-499e-81ac-9245839177cb|Low|Observability|Query details
Documentation
|
+|CloudWatch Without Retention Period Specified
934613fe-b12c-4e5a-95f5-c1dcdffac1ff|Info|Observability|Query details
Documentation
|
### AZURE
Below are listed queries related to Crossplane AZURE:
@@ -30,8 +30,8 @@ Below are listed queries related to Crossplane AZURE:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|AKS RBAC Disabled
b2418936-cd47-4ea2-8346-623c0bdb87bd|Medium|Access Control|Query details
Documentation
|
-|Redis Cache Allows Non SSL Connections
6c7cfec3-c686-4ed2-bf58-a1ec054b63fc|Medium|Insecure Configurations|Query details
Documentation
|
+|AKS RBAC Disabled
b2418936-cd47-4ea2-8346-623c0bdb87bd|Medium|Access Control|Query details
Documentation
|
+|Redis Cache Allows Non SSL Connections
6c7cfec3-c686-4ed2-bf58-a1ec054b63fc|Medium|Insecure Configurations|Query details
Documentation
|
### GCP
Below are listed queries related to Crossplane GCP:
@@ -40,5 +40,5 @@ Below are listed queries related to Crossplane GCP:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Google Container Node Pool Auto Repair Disabled
b4f65d13-a609-4dc1-af7c-63d2e08bffe9|Medium|Insecure Configurations|Query details
Documentation
|
-|Cloud Storage Bucket Logging Not Enabled
6c2d627c-de0f-45fb-b33d-dad9bffbb421|Medium|Observability|Query details
Documentation
|
+|Google Container Node Pool Auto Repair Disabled
b4f65d13-a609-4dc1-af7c-63d2e08bffe9|Medium|Insecure Configurations|Query details
Documentation
|
+|Cloud Storage Bucket Logging Not Enabled
6c2d627c-de0f-45fb-b33d-dad9bffbb421|Medium|Observability|Query details
Documentation
|
diff --git a/docs/queries/crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb.md b/docs/queries/crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb.md
index a33aceaf87c..6c4e3e2abad 100644
--- a/docs/queries/crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb.md
+++ b/docs/queries/crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/ecs_cluster_with_container_insights_disabled)
### Description
diff --git a/docs/queries/crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b.md b/docs/queries/crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b.md
index f63630fae42..6ce160fdec3 100644
--- a/docs/queries/crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b.md
+++ b/docs/queries/crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/cloudfront_without_minimum_protocol_tls_1.2)
### Description
diff --git a/docs/queries/crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494.md b/docs/queries/crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494.md
index fde98b15055..df16b0b5145 100644
--- a/docs/queries/crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494.md
+++ b/docs/queries/crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/cloudfront_without_waf)
### Description
diff --git a/docs/queries/crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1.md b/docs/queries/crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1.md
index 1a89bb50004..6f6117ea677 100644
--- a/docs/queries/crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1.md
+++ b/docs/queries/crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/efs_not_encrypted)
### Description
diff --git a/docs/queries/crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb.md b/docs/queries/crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb.md
index b05c8abc364..cac69b21909 100644
--- a/docs/queries/crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb.md
+++ b/docs/queries/crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/cloudfront_logging_disabled)
### Description
diff --git a/docs/queries/crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4.md b/docs/queries/crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4.md
index 226d2b75634..d54793c3e4e 100644
--- a/docs/queries/crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4.md
+++ b/docs/queries/crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/neptune_database_cluster_encryption_disabled)
### Description
diff --git a/docs/queries/crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e.md b/docs/queries/crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e.md
index 5e422042a64..5d8d31071aa 100644
--- a/docs/queries/crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e.md
+++ b/docs/queries/crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/sqs_with_sse_disabled)
### Description
diff --git a/docs/queries/crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff.md b/docs/queries/crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff.md
index 22cc949a184..d49be7c9525 100644
--- a/docs/queries/crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff.md
+++ b/docs/queries/crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Info
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/cloudwatch_without_retention_period_specified)
### Description
diff --git a/docs/queries/crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661.md b/docs/queries/crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661.md
index 681b5558428..4003a36bfb6 100644
--- a/docs/queries/crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661.md
+++ b/docs/queries/crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/elb_using_weak_ciphers)
### Description
diff --git a/docs/queries/crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9.md b/docs/queries/crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9.md
index dd3c9c988f6..6d935b7538c 100644
--- a/docs/queries/crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9.md
+++ b/docs/queries/crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/efs_without_kms)
### Description
diff --git a/docs/queries/crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000.md b/docs/queries/crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000.md
index 45a36a2ad32..a07d4201819 100644
--- a/docs/queries/crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000.md
+++ b/docs/queries/crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/rds_db_instance_publicly_accessible)
### Description
diff --git a/docs/queries/crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52.md b/docs/queries/crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52.md
index 624309188f6..3dc078cd339 100644
--- a/docs/queries/crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52.md
+++ b/docs/queries/crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/db_security_group_has_public_interface)
### Description
diff --git a/docs/queries/crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469.md b/docs/queries/crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469.md
index 6639ac46c24..fc0fdd88ccf 100644
--- a/docs/queries/crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469.md
+++ b/docs/queries/crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/db_instance_storage_not_encrypted)
### Description
diff --git a/docs/queries/crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308.md b/docs/queries/crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308.md
index da47b823a3f..297618400bf 100644
--- a/docs/queries/crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308.md
+++ b/docs/queries/crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/docdb_logging_disabled)
### Description
diff --git a/docs/queries/crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc.md b/docs/queries/crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc.md
index 659cafe80eb..287ff5b53ae 100644
--- a/docs/queries/crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc.md
+++ b/docs/queries/crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/azure/redis_cache_allows_non_ssl_connections)
### Description
diff --git a/docs/queries/crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd.md b/docs/queries/crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd.md
index a685eb11eeb..ed747a4d388 100644
--- a/docs/queries/crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd.md
+++ b/docs/queries/crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/azure/aks_rbac_disabled)
### Description
diff --git a/docs/queries/crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421.md b/docs/queries/crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421.md
index 6fdbf61ea6e..95d7f41beb0 100644
--- a/docs/queries/crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421.md
+++ b/docs/queries/crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/gcp/cloud_storage_bucket_logging_not_enabled)
### Description
diff --git a/docs/queries/crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9.md b/docs/queries/crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9.md
index ac2f25548a5..eaa22db5dfc 100644
--- a/docs/queries/crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9.md
+++ b/docs/queries/crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Crossplane
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/gcp/google_container_node_pool_auto_repair_disabled)
### Description
diff --git a/docs/queries/dockercompose-queries.md b/docs/queries/dockercompose-queries.md
index 15e06d1fe9f..2c12d004c0b 100644
--- a/docs/queries/dockercompose-queries.md
+++ b/docs/queries/dockercompose-queries.md
@@ -3,24 +3,24 @@ This page contains all queries from DockerCompose.
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Docker Socket Mounted In Container
d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b|High|Build Process|Query details
Documentation
|
-|Volume Has Sensitive Host Directory
1c1325ff-831d-43a1-973e-839ae57dfcc0|High|Build Process|Query details
Documentation
|
-|Volume Mounted In Multiple Containers
baa452f0-1f21-4a25-ace5-844e7a5f410d|High|Build Process|Query details
Documentation
|
-|No New Privileges Not Set
27fcc7d6-c49b-46e0-98f1-6c082a6a2750|High|Resource Management|Query details
Documentation
|
-|Privileged Containers Enabled
ae5b6871-7f45-42e0-bb4c-ab300c4d2026|High|Resource Management|Query details
Documentation
|
-|Healthcheck Not Set
698ed579-b239-4f8f-a388-baa4bcb13ef8|Medium|Availability|Query details
Documentation
|
-|Cgroup Not Default
4d9f44c6-2f4a-4317-9bb5-267adbea0232|Medium|Build Process|Query details
Documentation
|
-|Restart Policy On Failure Not Set To 5
2fc99041-ddad-49d5-853f-e35e70a48391|Medium|Build Process|Query details
Documentation
|
-|Container Traffic Not Bound To Host Interface
451d79dc-0588-476a-ad03-3c7f0320abb3|Medium|Networking and Firewall|Query details
Documentation
|
-|Privileged Ports Mapped In Container
bc2908f3-f73c-40a9-8793-c1b7d5544f79|Medium|Networking and Firewall|Query details
Documentation
|
-|Container Capabilities Unrestricted
ce76b7d0-9e77-464d-b86f-c5c48e03e22d|Medium|Resource Management|Query details
Documentation
|
-|Default Seccomp Profile Disabled
404fde2c-bc4b-4371-9747-7054132ac953|Medium|Resource Management|Query details
Documentation
|
-|Host Namespace is Shared
4f31dd9f-2cc3-4751-9b53-67e4af83dac0|Medium|Resource Management|Query details
Documentation
|
-|Memory Not Limited
bb9ac4f7-e13b-423d-a010-c74a1bfbe492|Medium|Resource Management|Query details
Documentation
|
-|Pids Limit Not Set
221e0658-cb2a-44e3-b08a-db96a341d6fa|Medium|Resource Management|Query details
Documentation
|
-|Security Opt Not Set
610e266e-6c12-4bca-9925-1ed0cd29742b|Medium|Resource Management|Query details
Documentation
|
-|Shared Host IPC Namespace
baa3890f-bed7-46f5-ab8f-1da8fc91c729|Medium|Resource Management|Query details
Documentation
|
-|Shared Host Network Namespace
071a71ff-f868-47a4-ac0b-3c59e4ab5443|Medium|Resource Management|Query details
Documentation
|
-|Shared Host User Namespace
8af7162d-6c98-482f-868e-0d33fb675ca8|Medium|Resource Management|Query details
Documentation
|
-|Cpus Not Limited
6b610c50-99fb-4ef0-a5f3-e312fd945bc3|Low|Resource Management|Query details
Documentation
|
-|Shared Volumes Between Containers
8c978947-0ff6-485c-b0c2-0bfca6026466|Info|Insecure Configurations|Query details
Documentation
|
+|Docker Socket Mounted In Container
d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b|High|Build Process|Query details
Documentation
|
+|Volume Has Sensitive Host Directory
1c1325ff-831d-43a1-973e-839ae57dfcc0|High|Build Process|Query details
Documentation
|
+|Volume Mounted In Multiple Containers
baa452f0-1f21-4a25-ace5-844e7a5f410d|High|Build Process|Query details
Documentation
|
+|No New Privileges Not Set
27fcc7d6-c49b-46e0-98f1-6c082a6a2750|High|Resource Management|Query details
Documentation
|
+|Privileged Containers Enabled
ae5b6871-7f45-42e0-bb4c-ab300c4d2026|High|Resource Management|Query details
Documentation
|
+|Healthcheck Not Set
698ed579-b239-4f8f-a388-baa4bcb13ef8|Medium|Availability|Query details
Documentation
|
+|Cgroup Not Default
4d9f44c6-2f4a-4317-9bb5-267adbea0232|Medium|Build Process|Query details
Documentation
|
+|Restart Policy On Failure Not Set To 5
2fc99041-ddad-49d5-853f-e35e70a48391|Medium|Build Process|Query details
Documentation
|
+|Container Traffic Not Bound To Host Interface
451d79dc-0588-476a-ad03-3c7f0320abb3|Medium|Networking and Firewall|Query details
Documentation
|
+|Privileged Ports Mapped In Container
bc2908f3-f73c-40a9-8793-c1b7d5544f79|Medium|Networking and Firewall|Query details
Documentation
|
+|Container Capabilities Unrestricted
ce76b7d0-9e77-464d-b86f-c5c48e03e22d|Medium|Resource Management|Query details
Documentation
|
+|Default Seccomp Profile Disabled
404fde2c-bc4b-4371-9747-7054132ac953|Medium|Resource Management|Query details
Documentation
|
+|Host Namespace is Shared
4f31dd9f-2cc3-4751-9b53-67e4af83dac0|Medium|Resource Management|Query details
Documentation
|
+|Memory Not Limited
bb9ac4f7-e13b-423d-a010-c74a1bfbe492|Medium|Resource Management|Query details
Documentation
|
+|Pids Limit Not Set
221e0658-cb2a-44e3-b08a-db96a341d6fa|Medium|Resource Management|Query details
Documentation
|
+|Security Opt Not Set
610e266e-6c12-4bca-9925-1ed0cd29742b|Medium|Resource Management|Query details
Documentation
|
+|Shared Host IPC Namespace
baa3890f-bed7-46f5-ab8f-1da8fc91c729|Medium|Resource Management|Query details
Documentation
|
+|Shared Host Network Namespace
071a71ff-f868-47a4-ac0b-3c59e4ab5443|Medium|Resource Management|Query details
Documentation
|
+|Shared Host User Namespace
8af7162d-6c98-482f-868e-0d33fb675ca8|Medium|Resource Management|Query details
Documentation
|
+|Cpus Not Limited
6b610c50-99fb-4ef0-a5f3-e312fd945bc3|Low|Resource Management|Query details
Documentation
|
+|Shared Volumes Between Containers
8c978947-0ff6-485c-b0c2-0bfca6026466|Info|Insecure Configurations|Query details
Documentation
|
diff --git a/docs/queries/dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443.md b/docs/queries/dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443.md
index bf9833dd869..d9c9f1448d1 100644
--- a/docs/queries/dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443.md
+++ b/docs/queries/dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/shared_host_network_namespace)
### Description
diff --git a/docs/queries/dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0.md b/docs/queries/dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0.md
index 77b00584bb0..568d2654fb6 100644
--- a/docs/queries/dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0.md
+++ b/docs/queries/dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** High
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/volume_has_sensitive_host_directory)
### Description
diff --git a/docs/queries/dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa.md b/docs/queries/dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa.md
index 76a3c1ef456..c20966145f6 100644
--- a/docs/queries/dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa.md
+++ b/docs/queries/dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/pids_limit_not_set)
### Description
diff --git a/docs/queries/dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750.md b/docs/queries/dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750.md
index cd5d2ea1a7a..d00e4b7c021 100644
--- a/docs/queries/dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750.md
+++ b/docs/queries/dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** High
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/no_new_privileges_not_set)
### Description
diff --git a/docs/queries/dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391.md b/docs/queries/dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391.md
index ba68ad8aed0..0387bb950f9 100644
--- a/docs/queries/dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391.md
+++ b/docs/queries/dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/restart_policy_on_failure_not_set_to_5)
### Description
diff --git a/docs/queries/dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953.md b/docs/queries/dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953.md
index 322bccad652..3e082a6b674 100644
--- a/docs/queries/dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953.md
+++ b/docs/queries/dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/default_seccomp_profile_disabled)
### Description
diff --git a/docs/queries/dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3.md b/docs/queries/dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3.md
index c7b3748676c..abb5239ae03 100644
--- a/docs/queries/dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3.md
+++ b/docs/queries/dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/container_traffic_not_bound_to_host_interface)
### Description
diff --git a/docs/queries/dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232.md b/docs/queries/dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232.md
index 0ea1a50cefd..4df9922d65a 100644
--- a/docs/queries/dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232.md
+++ b/docs/queries/dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/cgroup_not_default)
### Description
diff --git a/docs/queries/dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0.md b/docs/queries/dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0.md
index a9466214cd3..a5b302b9603 100644
--- a/docs/queries/dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0.md
+++ b/docs/queries/dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/host_namespace_is_shared)
### Description
diff --git a/docs/queries/dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b.md b/docs/queries/dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b.md
index 5aa67e36eb6..908ebcf215b 100644
--- a/docs/queries/dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b.md
+++ b/docs/queries/dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/security_opt_not_set)
### Description
diff --git a/docs/queries/dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8.md b/docs/queries/dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8.md
index a03d3a5f791..7a0dbf87157 100644
--- a/docs/queries/dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8.md
+++ b/docs/queries/dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/healthcheck_not_set)
### Description
diff --git a/docs/queries/dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3.md b/docs/queries/dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3.md
index de94747739c..2ed84a4501c 100644
--- a/docs/queries/dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3.md
+++ b/docs/queries/dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/cpus_not_limited)
### Description
diff --git a/docs/queries/dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8.md b/docs/queries/dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8.md
index 754331a7af4..e1ec8d6588b 100644
--- a/docs/queries/dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8.md
+++ b/docs/queries/dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/shared_host_user_namespace)
### Description
diff --git a/docs/queries/dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466.md b/docs/queries/dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466.md
index 654519ad9fb..8b4eb642056 100644
--- a/docs/queries/dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466.md
+++ b/docs/queries/dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Info
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/shared_volumes_between_containers)
### Description
diff --git a/docs/queries/dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026.md b/docs/queries/dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026.md
index 0386c9de318..79429edf22d 100644
--- a/docs/queries/dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026.md
+++ b/docs/queries/dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** High
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/privileged_containers_enabled)
### Description
diff --git a/docs/queries/dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729.md b/docs/queries/dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729.md
index a870c4360be..2228ecebb4a 100644
--- a/docs/queries/dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729.md
+++ b/docs/queries/dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/shared_host_ipc_namespace)
### Description
diff --git a/docs/queries/dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d.md b/docs/queries/dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d.md
index 891389964e8..de18d6bf409 100644
--- a/docs/queries/dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d.md
+++ b/docs/queries/dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** High
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/volume_mounted_in_multiple_containers)
### Description
diff --git a/docs/queries/dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492.md b/docs/queries/dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492.md
index 3e1de3b9815..1e3ce394dae 100644
--- a/docs/queries/dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492.md
+++ b/docs/queries/dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/memory_not_limited)
### Description
diff --git a/docs/queries/dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79.md b/docs/queries/dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79.md
index 084ee9f1ea9..40f76eadc8c 100644
--- a/docs/queries/dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79.md
+++ b/docs/queries/dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/privileged_ports_mapped_in_container)
### Description
diff --git a/docs/queries/dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d.md b/docs/queries/dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d.md
index 98c9810fafc..8ce318cb485 100644
--- a/docs/queries/dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d.md
+++ b/docs/queries/dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/container_capabilities_unrestricted)
### Description
diff --git a/docs/queries/dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b.md b/docs/queries/dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b.md
index ebc76544ee2..ff15e2b7204 100644
--- a/docs/queries/dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b.md
+++ b/docs/queries/dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** DockerCompose
- **Severity:** High
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/docker_socket_mounted_in_container)
### Description
diff --git a/docs/queries/dockerfile-queries.md b/docs/queries/dockerfile-queries.md
index 9fb1d4971bf..751030e5ca8 100644
--- a/docs/queries/dockerfile-queries.md
+++ b/docs/queries/dockerfile-queries.md
@@ -3,51 +3,51 @@ This page contains all queries from Dockerfile.
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Last User Is 'root'
67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae|High|Best Practices|Query details
Documentation
|
-|Missing User Instruction
fd54f200-402c-4333-a5a4-36ef6709af2f|High|Build Process|Query details
Documentation
|
-|Changing Default Shell Using RUN Command
8a301064-c291-4b20-adcb-403fe7fd95fd|Medium|Best Practices|Query details
Documentation
|
-|Image Version Using 'latest'
f45ea400-6bbe-4501-9fc7-1c3d75c32067|Medium|Best Practices|Query details
Documentation
|
-|Not Using JSON In CMD And ENTRYPOINT Arguments
b86987e1-6397-4619-81d5-8807f2387c79|Medium|Build Process|Query details
Documentation
|
-|Run Using Sudo
8ada6e80-0ade-439e-b176-0b28f6bce35a|Medium|Insecure Configurations|Query details
Documentation
|
-|Add Instead of Copy
9513a694-aa0d-41d8-be61-3271e056f36b|Medium|Supply-Chain|Query details
Documentation
|
-|Apt Get Install Pin Version Not Defined
965a08d7-ef86-4f14-8792-4a3b2098937e|Medium|Supply-Chain|Query details
Documentation
|
-|Gem Install Without Version
22cd11f7-9c6c-4f6e-84c0-02058120b341|Medium|Supply-Chain|Query details
Documentation
|
-|Image Version Not Explicit
9efb0b2d-89c9-41a3-91ca-dcc0aec911fd|Medium|Supply-Chain|Query details
Documentation
|
-|Missing Version Specification In dnf install
93d88cf7-f078-46a8-8ddc-178e03aeacf1|Medium|Supply-Chain|Query details
Documentation
|
-|Missing Zypper Non-interactive Switch
45e1fca5-f90e-465d-825f-c2cb63fa3944|Medium|Supply-Chain|Query details
Documentation
|
-|NPM Install Command Without Pinned Version
e36d8880-3f78-4546-b9a1-12f0745ca0d5|Medium|Supply-Chain|Query details
Documentation
|
-|Unpinned Package Version in Apk Add
d3499f6d-1651-41bb-a9a7-de925fea487b|Medium|Supply-Chain|Query details
Documentation
|
-|Unpinned Package Version in Pip Install
02d9c71f-3ee8-4986-9c27-1a20d0d19bfc|Medium|Supply-Chain|Query details
Documentation
|
-|Yum install Without Version
6452c424-1d92-4deb-bb18-a03e95d579c4|Medium|Supply-Chain|Query details
Documentation
|
-|Chown Flag Exists
aa93e17f-b6db-4162-9334-c70334e7ac28|Low|Best Practices|Query details
Documentation
|
-|Curl or Wget Instead of Add
4b410d24-1cbe-4430-a632-62c9a931cf1c|Low|Best Practices|Query details
Documentation
|
-|Exposing Port 22 (SSH)
5907595b-5b6d-4142-b173-dbb0e73fbff8|Low|Best Practices|Query details
Documentation
|
-|MAINTAINER Instruction Being Used
99614418-f82b-4852-a9ae-5051402b741c|Low|Best Practices|Query details
Documentation
|
-|Missing Dnf Clean All
295acb63-9246-4b21-b441-7c1f1fb62dc0|Low|Best Practices|Query details
Documentation
|
-|Missing Zypper Clean
38300d1a-feb2-4a48-936a-d1ef1cd24313|Low|Best Practices|Query details
Documentation
|
-|Multiple RUN, ADD, COPY, Instructions Listed
0008c003-79aa-42d8-95b8-1c2fe37dbfe6|Low|Best Practices|Query details
Documentation
|
-|Pip install Keeping Cached Packages
f2f903fb-b977-461e-98d7-b3e2185c6118|Low|Best Practices|Query details
Documentation
|
-|Yum Clean All Missing
00481784-25aa-4a55-8633-3136dfcf4f37|Low|Best Practices|Query details
Documentation
|
-|COPY '--from' References Current FROM Alias
cdddb86f-95f6-4fc4-b5a1-483d9afceb2b|Low|Build Process|Query details
Documentation
|
-|Copy With More Than Two Arguments Not Ending With Slash
6db6e0c2-32a3-4a2e-93b5-72c35f4119db|Low|Build Process|Query details
Documentation
|
-|Multiple CMD Instructions Listed
41c195f4-fc31-4a5c-8a1b-90605538d49f|Low|Build Process|Query details
Documentation
|
-|Multiple ENTRYPOINT Instructions Listed
6938958b-3f1a-451c-909b-baeee14bdc97|Low|Build Process|Query details
Documentation
|
-|RUN Instruction Using 'cd' Instead of WORKDIR
f4a6bcd3-e231-4acf-993c-aa027be50d2e|Low|Build Process|Query details
Documentation
|
-|Same Alias In Different Froms
f2daed12-c802-49cd-afed-fe41d0b82fed|Low|Build Process|Query details
Documentation
|
-|Update Instruction Alone
9bae49be-0aa3-4de5-bab2-4c3a069e40cd|Low|Build Process|Query details
Documentation
|
-|Using Unnamed Build Stages
68a51e22-ae5a-4d48-8e87-b01a323605c9|Low|Build Process|Query details
Documentation
|
-|WORKDIR Path Not Absolute
6b376af8-cfe8-49ab-a08d-f32de23661a4|Low|Build Process|Query details
Documentation
|
-|Healthcheck Instruction Missing
b03a748a-542d-44f4-bb86-9199ab4fd2d5|Low|Insecure Configurations|Query details
Documentation
|
-|Shell Running A Pipe Without Pipefail Flag
efbf148a-67e9-42d2-ac47-02fa1c0d0b22|Low|Insecure Defaults|Query details
Documentation
|
-|APT-GET Missing Flags To Avoid Manual Input
77783205-c4ca-4f80-bb80-c777f267c547|Low|Supply-Chain|Query details
Documentation
|
-|Missing Flag From Dnf Install
7ebd323c-31b7-4e5b-b26f-de5e9e477af8|Low|Supply-Chain|Query details
Documentation
|
-|Run Using 'wget' and 'curl'
fc775e75-fcfb-4c98-b2f2-910c5858b359|Low|Supply-Chain|Query details
Documentation
|
-|Run Using apt
b84a0b47-2e99-4c9f-8933-98bcabe2b94d|Low|Supply-Chain|Query details
Documentation
|
-|Yum Install Allows Manual Input
6e19193a-8753-436d-8a09-76dcff91bb03|Low|Supply-Chain|Query details
Documentation
|
-|Zypper Install Without Version
562952e4-0348-4dea-9826-44f3a2c6117b|Low|Supply-Chain|Query details
Documentation
|
-|Using Platform Flag with FROM Command
b16e8501-ef3c-44e1-a543-a093238099c9|Info|Best Practices|Query details
Documentation
|
-|UNIX Ports Out Of Range
71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e|Info|Networking and Firewall|Query details
Documentation
|
-|Apk Add Using Local Cache Path
ae9c56a6-3ed1-4ac0-9b54-31267f51151d|Info|Supply-Chain|Query details
Documentation
|
-|Apt Get Install Lists Were Not Deleted
df746b39-6564-4fed-bf85-e9c44382303c|Info|Supply-Chain|Query details
Documentation
|
-|APT-GET Not Avoiding Additional Packages
7384dfb2-fcd1-4fbf-91cd-6c44c318c33c|Info|Supply-Chain|Query details
Documentation
|
-|Run Utilities And POSIX Commands
9b6b0f38-92a2-41f9-b881-3a1083d99f1b|Info|Supply-Chain|Query details
Documentation
|
+|Last User Is 'root'
67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae|High|Best Practices|Query details
Documentation
|
+|Missing User Instruction
fd54f200-402c-4333-a5a4-36ef6709af2f|High|Build Process|Query details
Documentation
|
+|Changing Default Shell Using RUN Command
8a301064-c291-4b20-adcb-403fe7fd95fd|Medium|Best Practices|Query details
Documentation
|
+|Image Version Using 'latest'
f45ea400-6bbe-4501-9fc7-1c3d75c32067|Medium|Best Practices|Query details
Documentation
|
+|Not Using JSON In CMD And ENTRYPOINT Arguments
b86987e1-6397-4619-81d5-8807f2387c79|Medium|Build Process|Query details
Documentation
|
+|Run Using Sudo
8ada6e80-0ade-439e-b176-0b28f6bce35a|Medium|Insecure Configurations|Query details
Documentation
|
+|Add Instead of Copy
9513a694-aa0d-41d8-be61-3271e056f36b|Medium|Supply-Chain|Query details
Documentation
|
+|Apt Get Install Pin Version Not Defined
965a08d7-ef86-4f14-8792-4a3b2098937e|Medium|Supply-Chain|Query details
Documentation
|
+|Gem Install Without Version
22cd11f7-9c6c-4f6e-84c0-02058120b341|Medium|Supply-Chain|Query details
Documentation
|
+|Image Version Not Explicit
9efb0b2d-89c9-41a3-91ca-dcc0aec911fd|Medium|Supply-Chain|Query details
Documentation
|
+|Missing Version Specification In dnf install
93d88cf7-f078-46a8-8ddc-178e03aeacf1|Medium|Supply-Chain|Query details
Documentation
|
+|Missing Zypper Non-interactive Switch
45e1fca5-f90e-465d-825f-c2cb63fa3944|Medium|Supply-Chain|Query details
Documentation
|
+|NPM Install Command Without Pinned Version
e36d8880-3f78-4546-b9a1-12f0745ca0d5|Medium|Supply-Chain|Query details
Documentation
|
+|Unpinned Package Version in Apk Add
d3499f6d-1651-41bb-a9a7-de925fea487b|Medium|Supply-Chain|Query details
Documentation
|
+|Unpinned Package Version in Pip Install
02d9c71f-3ee8-4986-9c27-1a20d0d19bfc|Medium|Supply-Chain|Query details
Documentation
|
+|Yum install Without Version
6452c424-1d92-4deb-bb18-a03e95d579c4|Medium|Supply-Chain|Query details
Documentation
|
+|Chown Flag Exists
aa93e17f-b6db-4162-9334-c70334e7ac28|Low|Best Practices|Query details
Documentation
|
+|Curl or Wget Instead of Add
4b410d24-1cbe-4430-a632-62c9a931cf1c|Low|Best Practices|Query details
Documentation
|
+|Exposing Port 22 (SSH)
5907595b-5b6d-4142-b173-dbb0e73fbff8|Low|Best Practices|Query details
Documentation
|
+|MAINTAINER Instruction Being Used
99614418-f82b-4852-a9ae-5051402b741c|Low|Best Practices|Query details
Documentation
|
+|Missing Dnf Clean All
295acb63-9246-4b21-b441-7c1f1fb62dc0|Low|Best Practices|Query details
Documentation
|
+|Missing Zypper Clean
38300d1a-feb2-4a48-936a-d1ef1cd24313|Low|Best Practices|Query details
Documentation
|
+|Multiple RUN, ADD, COPY, Instructions Listed
0008c003-79aa-42d8-95b8-1c2fe37dbfe6|Low|Best Practices|Query details
Documentation
|
+|Pip install Keeping Cached Packages
f2f903fb-b977-461e-98d7-b3e2185c6118|Low|Best Practices|Query details
Documentation
|
+|Yum Clean All Missing
00481784-25aa-4a55-8633-3136dfcf4f37|Low|Best Practices|Query details
Documentation
|
+|COPY '--from' References Current FROM Alias
cdddb86f-95f6-4fc4-b5a1-483d9afceb2b|Low|Build Process|Query details
Documentation
|
+|Copy With More Than Two Arguments Not Ending With Slash
6db6e0c2-32a3-4a2e-93b5-72c35f4119db|Low|Build Process|Query details
Documentation
|
+|Multiple CMD Instructions Listed
41c195f4-fc31-4a5c-8a1b-90605538d49f|Low|Build Process|Query details
Documentation
|
+|Multiple ENTRYPOINT Instructions Listed
6938958b-3f1a-451c-909b-baeee14bdc97|Low|Build Process|Query details
Documentation
|
+|RUN Instruction Using 'cd' Instead of WORKDIR
f4a6bcd3-e231-4acf-993c-aa027be50d2e|Low|Build Process|Query details
Documentation
|
+|Same Alias In Different Froms
f2daed12-c802-49cd-afed-fe41d0b82fed|Low|Build Process|Query details
Documentation
|
+|Update Instruction Alone
9bae49be-0aa3-4de5-bab2-4c3a069e40cd|Low|Build Process|Query details
Documentation
|
+|Using Unnamed Build Stages
68a51e22-ae5a-4d48-8e87-b01a323605c9|Low|Build Process|Query details
Documentation
|
+|WORKDIR Path Not Absolute
6b376af8-cfe8-49ab-a08d-f32de23661a4|Low|Build Process|Query details
Documentation
|
+|Healthcheck Instruction Missing
b03a748a-542d-44f4-bb86-9199ab4fd2d5|Low|Insecure Configurations|Query details
Documentation
|
+|Shell Running A Pipe Without Pipefail Flag
efbf148a-67e9-42d2-ac47-02fa1c0d0b22|Low|Insecure Defaults|Query details
Documentation
|
+|APT-GET Missing Flags To Avoid Manual Input
77783205-c4ca-4f80-bb80-c777f267c547|Low|Supply-Chain|Query details
Documentation
|
+|Missing Flag From Dnf Install
7ebd323c-31b7-4e5b-b26f-de5e9e477af8|Low|Supply-Chain|Query details
Documentation
|
+|Run Using 'wget' and 'curl'
fc775e75-fcfb-4c98-b2f2-910c5858b359|Low|Supply-Chain|Query details
Documentation
|
+|Run Using apt
b84a0b47-2e99-4c9f-8933-98bcabe2b94d|Low|Supply-Chain|Query details
Documentation
|
+|Yum Install Allows Manual Input
6e19193a-8753-436d-8a09-76dcff91bb03|Low|Supply-Chain|Query details
Documentation
|
+|Zypper Install Without Version
562952e4-0348-4dea-9826-44f3a2c6117b|Low|Supply-Chain|Query details
Documentation
|
+|Using Platform Flag with FROM Command
b16e8501-ef3c-44e1-a543-a093238099c9|Info|Best Practices|Query details
Documentation
|
+|UNIX Ports Out Of Range
71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e|Info|Networking and Firewall|Query details
Documentation
|
+|Apk Add Using Local Cache Path
ae9c56a6-3ed1-4ac0-9b54-31267f51151d|Info|Supply-Chain|Query details
Documentation
|
+|Apt Get Install Lists Were Not Deleted
df746b39-6564-4fed-bf85-e9c44382303c|Info|Supply-Chain|Query details
Documentation
|
+|APT-GET Not Avoiding Additional Packages
7384dfb2-fcd1-4fbf-91cd-6c44c318c33c|Info|Supply-Chain|Query details
Documentation
|
+|Run Utilities And POSIX Commands
9b6b0f38-92a2-41f9-b881-3a1083d99f1b|Info|Supply-Chain|Query details
Documentation
|
diff --git a/docs/queries/dockerfile-queries/0008c003-79aa-42d8-95b8-1c2fe37dbfe6.md b/docs/queries/dockerfile-queries/0008c003-79aa-42d8-95b8-1c2fe37dbfe6.md
index 946b10bd7ca..c31760980c7 100644
--- a/docs/queries/dockerfile-queries/0008c003-79aa-42d8-95b8-1c2fe37dbfe6.md
+++ b/docs/queries/dockerfile-queries/0008c003-79aa-42d8-95b8-1c2fe37dbfe6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/multiple_run_add_copy_instructions_listed)
### Description
diff --git a/docs/queries/dockerfile-queries/00481784-25aa-4a55-8633-3136dfcf4f37.md b/docs/queries/dockerfile-queries/00481784-25aa-4a55-8633-3136dfcf4f37.md
index 27c370604e0..d01585a77ab 100644
--- a/docs/queries/dockerfile-queries/00481784-25aa-4a55-8633-3136dfcf4f37.md
+++ b/docs/queries/dockerfile-queries/00481784-25aa-4a55-8633-3136dfcf4f37.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** 459
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/yum_clean_all_missing)
### Description
diff --git a/docs/queries/dockerfile-queries/02d9c71f-3ee8-4986-9c27-1a20d0d19bfc.md b/docs/queries/dockerfile-queries/02d9c71f-3ee8-4986-9c27-1a20d0d19bfc.md
index dc943d2a8ed..2fc574ed6ee 100644
--- a/docs/queries/dockerfile-queries/02d9c71f-3ee8-4986-9c27-1a20d0d19bfc.md
+++ b/docs/queries/dockerfile-queries/02d9c71f-3ee8-4986-9c27-1a20d0d19bfc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Supply-Chain
+- **CWE:** 1357
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/unpinned_package_version_in_pip_install)
### Description
diff --git a/docs/queries/dockerfile-queries/22cd11f7-9c6c-4f6e-84c0-02058120b341.md b/docs/queries/dockerfile-queries/22cd11f7-9c6c-4f6e-84c0-02058120b341.md
index 5c9abc0bdc5..b7263d360e3 100644
--- a/docs/queries/dockerfile-queries/22cd11f7-9c6c-4f6e-84c0-02058120b341.md
+++ b/docs/queries/dockerfile-queries/22cd11f7-9c6c-4f6e-84c0-02058120b341.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Supply-Chain
+- **CWE:** 1357
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/gem_install_without_version)
### Description
diff --git a/docs/queries/dockerfile-queries/295acb63-9246-4b21-b441-7c1f1fb62dc0.md b/docs/queries/dockerfile-queries/295acb63-9246-4b21-b441-7c1f1fb62dc0.md
index 223f34184e0..09ed33cb9d8 100644
--- a/docs/queries/dockerfile-queries/295acb63-9246-4b21-b441-7c1f1fb62dc0.md
+++ b/docs/queries/dockerfile-queries/295acb63-9246-4b21-b441-7c1f1fb62dc0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** 459
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/missing_dnf_clean_all)
### Description
diff --git a/docs/queries/dockerfile-queries/38300d1a-feb2-4a48-936a-d1ef1cd24313.md b/docs/queries/dockerfile-queries/38300d1a-feb2-4a48-936a-d1ef1cd24313.md
index 8abe2686e26..282654fc4e0 100644
--- a/docs/queries/dockerfile-queries/38300d1a-feb2-4a48-936a-d1ef1cd24313.md
+++ b/docs/queries/dockerfile-queries/38300d1a-feb2-4a48-936a-d1ef1cd24313.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** 459
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/missing_zypper_clean)
### Description
diff --git a/docs/queries/dockerfile-queries/41c195f4-fc31-4a5c-8a1b-90605538d49f.md b/docs/queries/dockerfile-queries/41c195f4-fc31-4a5c-8a1b-90605538d49f.md
index 1ee2c541afd..42a2d63666d 100644
--- a/docs/queries/dockerfile-queries/41c195f4-fc31-4a5c-8a1b-90605538d49f.md
+++ b/docs/queries/dockerfile-queries/41c195f4-fc31-4a5c-8a1b-90605538d49f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** 1041
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/multiple_cmd_instructions_listed)
### Description
diff --git a/docs/queries/dockerfile-queries/45e1fca5-f90e-465d-825f-c2cb63fa3944.md b/docs/queries/dockerfile-queries/45e1fca5-f90e-465d-825f-c2cb63fa3944.md
index d2450d89a65..ae2dfd16cb7 100644
--- a/docs/queries/dockerfile-queries/45e1fca5-f90e-465d-825f-c2cb63fa3944.md
+++ b/docs/queries/dockerfile-queries/45e1fca5-f90e-465d-825f-c2cb63fa3944.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Supply-Chain
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/missing_zypper_non_interactive_switch)
### Description
diff --git a/docs/queries/dockerfile-queries/4b410d24-1cbe-4430-a632-62c9a931cf1c.md b/docs/queries/dockerfile-queries/4b410d24-1cbe-4430-a632-62c9a931cf1c.md
index 120febf805d..dddabc299d9 100644
--- a/docs/queries/dockerfile-queries/4b410d24-1cbe-4430-a632-62c9a931cf1c.md
+++ b/docs/queries/dockerfile-queries/4b410d24-1cbe-4430-a632-62c9a931cf1c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** 610
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/curl_or_wget_instead_of_add)
### Description
diff --git a/docs/queries/dockerfile-queries/562952e4-0348-4dea-9826-44f3a2c6117b.md b/docs/queries/dockerfile-queries/562952e4-0348-4dea-9826-44f3a2c6117b.md
index a83db21af64..a7baba460ea 100644
--- a/docs/queries/dockerfile-queries/562952e4-0348-4dea-9826-44f3a2c6117b.md
+++ b/docs/queries/dockerfile-queries/562952e4-0348-4dea-9826-44f3a2c6117b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Supply-Chain
+- **CWE:** 1357
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/zypper_install_without_version)
### Description
diff --git a/docs/queries/dockerfile-queries/5907595b-5b6d-4142-b173-dbb0e73fbff8.md b/docs/queries/dockerfile-queries/5907595b-5b6d-4142-b173-dbb0e73fbff8.md
index b042c8a44b1..f58989d96b0 100644
--- a/docs/queries/dockerfile-queries/5907595b-5b6d-4142-b173-dbb0e73fbff8.md
+++ b/docs/queries/dockerfile-queries/5907595b-5b6d-4142-b173-dbb0e73fbff8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/exposing_port_22)
### Description
diff --git a/docs/queries/dockerfile-queries/6452c424-1d92-4deb-bb18-a03e95d579c4.md b/docs/queries/dockerfile-queries/6452c424-1d92-4deb-bb18-a03e95d579c4.md
index dce9a0ba1c8..29412a6a17a 100644
--- a/docs/queries/dockerfile-queries/6452c424-1d92-4deb-bb18-a03e95d579c4.md
+++ b/docs/queries/dockerfile-queries/6452c424-1d92-4deb-bb18-a03e95d579c4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Supply-Chain
+- **CWE:** 1357
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/yum_install_without_version)
### Description
diff --git a/docs/queries/dockerfile-queries/67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae.md b/docs/queries/dockerfile-queries/67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae.md
index d3cb9939d14..eee035c2489 100644
--- a/docs/queries/dockerfile-queries/67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae.md
+++ b/docs/queries/dockerfile-queries/67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** High
- **Category:** Best Practices
+- **CWE:** 250
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/last_user_is_root)
### Description
diff --git a/docs/queries/dockerfile-queries/68a51e22-ae5a-4d48-8e87-b01a323605c9.md b/docs/queries/dockerfile-queries/68a51e22-ae5a-4d48-8e87-b01a323605c9.md
index 0ef21c2f0bf..6bc9bbe7dbc 100644
--- a/docs/queries/dockerfile-queries/68a51e22-ae5a-4d48-8e87-b01a323605c9.md
+++ b/docs/queries/dockerfile-queries/68a51e22-ae5a-4d48-8e87-b01a323605c9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/using_unnamed_build_stages)
### Description
diff --git a/docs/queries/dockerfile-queries/6938958b-3f1a-451c-909b-baeee14bdc97.md b/docs/queries/dockerfile-queries/6938958b-3f1a-451c-909b-baeee14bdc97.md
index b294e03e7ea..aea9e5b3895 100644
--- a/docs/queries/dockerfile-queries/6938958b-3f1a-451c-909b-baeee14bdc97.md
+++ b/docs/queries/dockerfile-queries/6938958b-3f1a-451c-909b-baeee14bdc97.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** 1041
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/multiple_entrypoint_instructions_listed)
### Description
diff --git a/docs/queries/dockerfile-queries/6b376af8-cfe8-49ab-a08d-f32de23661a4.md b/docs/queries/dockerfile-queries/6b376af8-cfe8-49ab-a08d-f32de23661a4.md
index e4431fdde23..11631a99475 100644
--- a/docs/queries/dockerfile-queries/6b376af8-cfe8-49ab-a08d-f32de23661a4.md
+++ b/docs/queries/dockerfile-queries/6b376af8-cfe8-49ab-a08d-f32de23661a4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** 665
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/workdir_path_not_absolute)
### Description
diff --git a/docs/queries/dockerfile-queries/6db6e0c2-32a3-4a2e-93b5-72c35f4119db.md b/docs/queries/dockerfile-queries/6db6e0c2-32a3-4a2e-93b5-72c35f4119db.md
index 589be96939d..22fb23113a2 100644
--- a/docs/queries/dockerfile-queries/6db6e0c2-32a3-4a2e-93b5-72c35f4119db.md
+++ b/docs/queries/dockerfile-queries/6db6e0c2-32a3-4a2e-93b5-72c35f4119db.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** 628
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/copy_with_more_than_two_arguments_not_ending_with_slash)
### Description
diff --git a/docs/queries/dockerfile-queries/6e19193a-8753-436d-8a09-76dcff91bb03.md b/docs/queries/dockerfile-queries/6e19193a-8753-436d-8a09-76dcff91bb03.md
index 79f350de969..b14ecef7868 100644
--- a/docs/queries/dockerfile-queries/6e19193a-8753-436d-8a09-76dcff91bb03.md
+++ b/docs/queries/dockerfile-queries/6e19193a-8753-436d-8a09-76dcff91bb03.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Supply-Chain
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/yum_install_allows_manual_input)
### Description
diff --git a/docs/queries/dockerfile-queries/71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e.md b/docs/queries/dockerfile-queries/71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e.md
index 2b6c0ccb41a..666b8e06662 100644
--- a/docs/queries/dockerfile-queries/71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e.md
+++ b/docs/queries/dockerfile-queries/71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Info
- **Category:** Networking and Firewall
+- **CWE:** 682
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/unix_ports_out_of_range)
### Description
diff --git a/docs/queries/dockerfile-queries/7384dfb2-fcd1-4fbf-91cd-6c44c318c33c.md b/docs/queries/dockerfile-queries/7384dfb2-fcd1-4fbf-91cd-6c44c318c33c.md
index 659b6bbdbad..8c598205984 100644
--- a/docs/queries/dockerfile-queries/7384dfb2-fcd1-4fbf-91cd-6c44c318c33c.md
+++ b/docs/queries/dockerfile-queries/7384dfb2-fcd1-4fbf-91cd-6c44c318c33c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Info
- **Category:** Supply-Chain
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/apt_get_not_avoiding_additional_packages)
### Description
diff --git a/docs/queries/dockerfile-queries/77783205-c4ca-4f80-bb80-c777f267c547.md b/docs/queries/dockerfile-queries/77783205-c4ca-4f80-bb80-c777f267c547.md
index 8f5271a7cd0..4164ab45dca 100644
--- a/docs/queries/dockerfile-queries/77783205-c4ca-4f80-bb80-c777f267c547.md
+++ b/docs/queries/dockerfile-queries/77783205-c4ca-4f80-bb80-c777f267c547.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Supply-Chain
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/apt_get_missing_flags_to_avoid_manual_input)
### Description
diff --git a/docs/queries/dockerfile-queries/7ebd323c-31b7-4e5b-b26f-de5e9e477af8.md b/docs/queries/dockerfile-queries/7ebd323c-31b7-4e5b-b26f-de5e9e477af8.md
index ce255b71281..ae2846127f8 100644
--- a/docs/queries/dockerfile-queries/7ebd323c-31b7-4e5b-b26f-de5e9e477af8.md
+++ b/docs/queries/dockerfile-queries/7ebd323c-31b7-4e5b-b26f-de5e9e477af8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Supply-Chain
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/missing_flag_from_dnf_install)
### Description
diff --git a/docs/queries/dockerfile-queries/8a301064-c291-4b20-adcb-403fe7fd95fd.md b/docs/queries/dockerfile-queries/8a301064-c291-4b20-adcb-403fe7fd95fd.md
index cf44432c4ab..a2bd7460178 100644
--- a/docs/queries/dockerfile-queries/8a301064-c291-4b20-adcb-403fe7fd95fd.md
+++ b/docs/queries/dockerfile-queries/8a301064-c291-4b20-adcb-403fe7fd95fd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/changing_default_shell_using_run_command)
### Description
diff --git a/docs/queries/dockerfile-queries/8ada6e80-0ade-439e-b176-0b28f6bce35a.md b/docs/queries/dockerfile-queries/8ada6e80-0ade-439e-b176-0b28f6bce35a.md
index 92504bedc3a..ce2ee25c825 100644
--- a/docs/queries/dockerfile-queries/8ada6e80-0ade-439e-b176-0b28f6bce35a.md
+++ b/docs/queries/dockerfile-queries/8ada6e80-0ade-439e-b176-0b28f6bce35a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** 440
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/run_using_sudo)
### Description
diff --git a/docs/queries/dockerfile-queries/93d88cf7-f078-46a8-8ddc-178e03aeacf1.md b/docs/queries/dockerfile-queries/93d88cf7-f078-46a8-8ddc-178e03aeacf1.md
index 23017e8e78d..9831dea961f 100644
--- a/docs/queries/dockerfile-queries/93d88cf7-f078-46a8-8ddc-178e03aeacf1.md
+++ b/docs/queries/dockerfile-queries/93d88cf7-f078-46a8-8ddc-178e03aeacf1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Supply-Chain
+- **CWE:** 1357
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/missing_version_specification_in_dnf_install)
### Description
diff --git a/docs/queries/dockerfile-queries/9513a694-aa0d-41d8-be61-3271e056f36b.md b/docs/queries/dockerfile-queries/9513a694-aa0d-41d8-be61-3271e056f36b.md
index 95317b6d726..64f8a0ec1b9 100644
--- a/docs/queries/dockerfile-queries/9513a694-aa0d-41d8-be61-3271e056f36b.md
+++ b/docs/queries/dockerfile-queries/9513a694-aa0d-41d8-be61-3271e056f36b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Supply-Chain
+- **CWE:** 610
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/add_instead_of_copy)
### Description
diff --git a/docs/queries/dockerfile-queries/965a08d7-ef86-4f14-8792-4a3b2098937e.md b/docs/queries/dockerfile-queries/965a08d7-ef86-4f14-8792-4a3b2098937e.md
index 2b676ef5ced..a35cbcf24a6 100644
--- a/docs/queries/dockerfile-queries/965a08d7-ef86-4f14-8792-4a3b2098937e.md
+++ b/docs/queries/dockerfile-queries/965a08d7-ef86-4f14-8792-4a3b2098937e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Supply-Chain
+- **CWE:** 1357
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/apt_get_install_pin_version_not_defined)
### Description
diff --git a/docs/queries/dockerfile-queries/99614418-f82b-4852-a9ae-5051402b741c.md b/docs/queries/dockerfile-queries/99614418-f82b-4852-a9ae-5051402b741c.md
index 7affe09a5ba..dc7d252f9f3 100644
--- a/docs/queries/dockerfile-queries/99614418-f82b-4852-a9ae-5051402b741c.md
+++ b/docs/queries/dockerfile-queries/99614418-f82b-4852-a9ae-5051402b741c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/maintainer_instruction_being_used)
### Description
diff --git a/docs/queries/dockerfile-queries/9b6b0f38-92a2-41f9-b881-3a1083d99f1b.md b/docs/queries/dockerfile-queries/9b6b0f38-92a2-41f9-b881-3a1083d99f1b.md
index 7eb98b74781..1dba8682072 100644
--- a/docs/queries/dockerfile-queries/9b6b0f38-92a2-41f9-b881-3a1083d99f1b.md
+++ b/docs/queries/dockerfile-queries/9b6b0f38-92a2-41f9-b881-3a1083d99f1b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Info
- **Category:** Supply-Chain
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/run_utilities_and_posix_commands)
### Description
diff --git a/docs/queries/dockerfile-queries/9bae49be-0aa3-4de5-bab2-4c3a069e40cd.md b/docs/queries/dockerfile-queries/9bae49be-0aa3-4de5-bab2-4c3a069e40cd.md
index 2b1cd733779..8924752836c 100644
--- a/docs/queries/dockerfile-queries/9bae49be-0aa3-4de5-bab2-4c3a069e40cd.md
+++ b/docs/queries/dockerfile-queries/9bae49be-0aa3-4de5-bab2-4c3a069e40cd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/update_instruction_alone)
### Description
diff --git a/docs/queries/dockerfile-queries/9efb0b2d-89c9-41a3-91ca-dcc0aec911fd.md b/docs/queries/dockerfile-queries/9efb0b2d-89c9-41a3-91ca-dcc0aec911fd.md
index 2b35ab8df46..285b24e37d0 100644
--- a/docs/queries/dockerfile-queries/9efb0b2d-89c9-41a3-91ca-dcc0aec911fd.md
+++ b/docs/queries/dockerfile-queries/9efb0b2d-89c9-41a3-91ca-dcc0aec911fd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Supply-Chain
+- **CWE:** 1357
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/image_version_not_explicit)
### Description
diff --git a/docs/queries/dockerfile-queries/aa93e17f-b6db-4162-9334-c70334e7ac28.md b/docs/queries/dockerfile-queries/aa93e17f-b6db-4162-9334-c70334e7ac28.md
index 7dd2f3bb523..be3bbf32f0b 100644
--- a/docs/queries/dockerfile-queries/aa93e17f-b6db-4162-9334-c70334e7ac28.md
+++ b/docs/queries/dockerfile-queries/aa93e17f-b6db-4162-9334-c70334e7ac28.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** 282
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/chown_flag_exists)
### Description
diff --git a/docs/queries/dockerfile-queries/ae9c56a6-3ed1-4ac0-9b54-31267f51151d.md b/docs/queries/dockerfile-queries/ae9c56a6-3ed1-4ac0-9b54-31267f51151d.md
index f8610cbcbed..49f1c66f9f3 100644
--- a/docs/queries/dockerfile-queries/ae9c56a6-3ed1-4ac0-9b54-31267f51151d.md
+++ b/docs/queries/dockerfile-queries/ae9c56a6-3ed1-4ac0-9b54-31267f51151d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Info
- **Category:** Supply-Chain
+- **CWE:** 459
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/apk_add_using_local_cache_path)
### Description
diff --git a/docs/queries/dockerfile-queries/b03a748a-542d-44f4-bb86-9199ab4fd2d5.md b/docs/queries/dockerfile-queries/b03a748a-542d-44f4-bb86-9199ab4fd2d5.md
index 9c79731040f..3687988b22c 100644
--- a/docs/queries/dockerfile-queries/b03a748a-542d-44f4-bb86-9199ab4fd2d5.md
+++ b/docs/queries/dockerfile-queries/b03a748a-542d-44f4-bb86-9199ab4fd2d5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/healthcheck_instruction_missing)
### Description
diff --git a/docs/queries/dockerfile-queries/b16e8501-ef3c-44e1-a543-a093238099c9.md b/docs/queries/dockerfile-queries/b16e8501-ef3c-44e1-a543-a093238099c9.md
index 70640f8cda8..cb3e097c90f 100644
--- a/docs/queries/dockerfile-queries/b16e8501-ef3c-44e1-a543-a093238099c9.md
+++ b/docs/queries/dockerfile-queries/b16e8501-ef3c-44e1-a543-a093238099c9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** 695
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/using_platform_with_from)
### Description
diff --git a/docs/queries/dockerfile-queries/b84a0b47-2e99-4c9f-8933-98bcabe2b94d.md b/docs/queries/dockerfile-queries/b84a0b47-2e99-4c9f-8933-98bcabe2b94d.md
index 230fe1da816..ad4099a9da1 100644
--- a/docs/queries/dockerfile-queries/b84a0b47-2e99-4c9f-8933-98bcabe2b94d.md
+++ b/docs/queries/dockerfile-queries/b84a0b47-2e99-4c9f-8933-98bcabe2b94d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Supply-Chain
+- **CWE:** 758
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/run_using_apt)
### Description
diff --git a/docs/queries/dockerfile-queries/b86987e1-6397-4619-81d5-8807f2387c79.md b/docs/queries/dockerfile-queries/b86987e1-6397-4619-81d5-8807f2387c79.md
index f005c9ab4fd..c60b717183d 100644
--- a/docs/queries/dockerfile-queries/b86987e1-6397-4619-81d5-8807f2387c79.md
+++ b/docs/queries/dockerfile-queries/b86987e1-6397-4619-81d5-8807f2387c79.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Build Process
+- **CWE:** 573
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/not_using_json_in_cmd_and_entrypoint_arguments)
### Description
diff --git a/docs/queries/dockerfile-queries/cdddb86f-95f6-4fc4-b5a1-483d9afceb2b.md b/docs/queries/dockerfile-queries/cdddb86f-95f6-4fc4-b5a1-483d9afceb2b.md
index d76c1787326..69e2a8ac868 100644
--- a/docs/queries/dockerfile-queries/cdddb86f-95f6-4fc4-b5a1-483d9afceb2b.md
+++ b/docs/queries/dockerfile-queries/cdddb86f-95f6-4fc4-b5a1-483d9afceb2b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** 706
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/copy_from_references_current_from_alias)
### Description
diff --git a/docs/queries/dockerfile-queries/d3499f6d-1651-41bb-a9a7-de925fea487b.md b/docs/queries/dockerfile-queries/d3499f6d-1651-41bb-a9a7-de925fea487b.md
index 1a80d71bbe7..baf5fd2e4bb 100644
--- a/docs/queries/dockerfile-queries/d3499f6d-1651-41bb-a9a7-de925fea487b.md
+++ b/docs/queries/dockerfile-queries/d3499f6d-1651-41bb-a9a7-de925fea487b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Supply-Chain
+- **CWE:** 1357
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/unpinned_package_version_in_apk_add)
### Description
diff --git a/docs/queries/dockerfile-queries/df746b39-6564-4fed-bf85-e9c44382303c.md b/docs/queries/dockerfile-queries/df746b39-6564-4fed-bf85-e9c44382303c.md
index 4e765746295..ec43bfeed31 100644
--- a/docs/queries/dockerfile-queries/df746b39-6564-4fed-bf85-e9c44382303c.md
+++ b/docs/queries/dockerfile-queries/df746b39-6564-4fed-bf85-e9c44382303c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Info
- **Category:** Supply-Chain
+- **CWE:** 459
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/apt_get_install_lists_were_not_deleted)
### Description
diff --git a/docs/queries/dockerfile-queries/e36d8880-3f78-4546-b9a1-12f0745ca0d5.md b/docs/queries/dockerfile-queries/e36d8880-3f78-4546-b9a1-12f0745ca0d5.md
index a6708a4b528..7bf3a0093e2 100644
--- a/docs/queries/dockerfile-queries/e36d8880-3f78-4546-b9a1-12f0745ca0d5.md
+++ b/docs/queries/dockerfile-queries/e36d8880-3f78-4546-b9a1-12f0745ca0d5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Supply-Chain
+- **CWE:** 1357
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/npm_install_without_pinned_version)
### Description
diff --git a/docs/queries/dockerfile-queries/efbf148a-67e9-42d2-ac47-02fa1c0d0b22.md b/docs/queries/dockerfile-queries/efbf148a-67e9-42d2-ac47-02fa1c0d0b22.md
index 54b8a400ffb..f744bde603e 100644
--- a/docs/queries/dockerfile-queries/efbf148a-67e9-42d2-ac47-02fa1c0d0b22.md
+++ b/docs/queries/dockerfile-queries/efbf148a-67e9-42d2-ac47-02fa1c0d0b22.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Insecure Defaults
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/shell_running_a_pipe_without_pipefail_flag)
### Description
diff --git a/docs/queries/dockerfile-queries/f2daed12-c802-49cd-afed-fe41d0b82fed.md b/docs/queries/dockerfile-queries/f2daed12-c802-49cd-afed-fe41d0b82fed.md
index 89d76bf382f..6e735f21811 100644
--- a/docs/queries/dockerfile-queries/f2daed12-c802-49cd-afed-fe41d0b82fed.md
+++ b/docs/queries/dockerfile-queries/f2daed12-c802-49cd-afed-fe41d0b82fed.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** 694
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/same_alias_in_different_froms)
### Description
diff --git a/docs/queries/dockerfile-queries/f2f903fb-b977-461e-98d7-b3e2185c6118.md b/docs/queries/dockerfile-queries/f2f903fb-b977-461e-98d7-b3e2185c6118.md
index b1db11469bf..f2c217ed7c7 100644
--- a/docs/queries/dockerfile-queries/f2f903fb-b977-461e-98d7-b3e2185c6118.md
+++ b/docs/queries/dockerfile-queries/f2f903fb-b977-461e-98d7-b3e2185c6118.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** 459
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/pip_install_keeping_cached_packages)
### Description
diff --git a/docs/queries/dockerfile-queries/f45ea400-6bbe-4501-9fc7-1c3d75c32067.md b/docs/queries/dockerfile-queries/f45ea400-6bbe-4501-9fc7-1c3d75c32067.md
index d93f920da58..e897ed32337 100644
--- a/docs/queries/dockerfile-queries/f45ea400-6bbe-4501-9fc7-1c3d75c32067.md
+++ b/docs/queries/dockerfile-queries/f45ea400-6bbe-4501-9fc7-1c3d75c32067.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** 1357
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/image_version_using_latest)
### Description
diff --git a/docs/queries/dockerfile-queries/f4a6bcd3-e231-4acf-993c-aa027be50d2e.md b/docs/queries/dockerfile-queries/f4a6bcd3-e231-4acf-993c-aa027be50d2e.md
index 75a7024fcbf..02d736c4e55 100644
--- a/docs/queries/dockerfile-queries/f4a6bcd3-e231-4acf-993c-aa027be50d2e.md
+++ b/docs/queries/dockerfile-queries/f4a6bcd3-e231-4acf-993c-aa027be50d2e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** 710
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/run_command_cd_instead_of_workdir)
### Description
diff --git a/docs/queries/dockerfile-queries/fc775e75-fcfb-4c98-b2f2-910c5858b359.md b/docs/queries/dockerfile-queries/fc775e75-fcfb-4c98-b2f2-910c5858b359.md
index 37d00fb73c0..a796a2eac1c 100644
--- a/docs/queries/dockerfile-queries/fc775e75-fcfb-4c98-b2f2-910c5858b359.md
+++ b/docs/queries/dockerfile-queries/fc775e75-fcfb-4c98-b2f2-910c5858b359.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** Low
- **Category:** Supply-Chain
+- **CWE:** 1041
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/run_using_wget_and_curl)
### Description
diff --git a/docs/queries/dockerfile-queries/fd54f200-402c-4333-a5a4-36ef6709af2f.md b/docs/queries/dockerfile-queries/fd54f200-402c-4333-a5a4-36ef6709af2f.md
index ac542b3fccc..8e9ad73bf58 100644
--- a/docs/queries/dockerfile-queries/fd54f200-402c-4333-a5a4-36ef6709af2f.md
+++ b/docs/queries/dockerfile-queries/fd54f200-402c-4333-a5a4-36ef6709af2f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Dockerfile
- **Severity:** High
- **Category:** Build Process
+- **CWE:** 250
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/missing_user_instruction)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries.md b/docs/queries/googledeploymentmanager-queries.md
index 422a620b0e8..35987599243 100644
--- a/docs/queries/googledeploymentmanager-queries.md
+++ b/docs/queries/googledeploymentmanager-queries.md
@@ -8,38 +8,38 @@ Below are listed queries related to GoogleDeploymentManager GCP:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Cloud Storage Anonymous or Publicly Accessible
63ae3638-a38c-4ff4-b616-6e1f72a31a6a|Critical|Access Control|Query details
Documentation
|
-|BigQuery Dataset Is Public
83103dff-d57f-42a8-bd81-40abab64c1a7|High|Access Control|Query details
Documentation
|
-|SQL DB Instance With SSL Disabled
660360d3-9ca7-46d1-b147-3acc4002953f|High|Encryption|Query details
Documentation
|
-|Client Certificate Disabled
dd690686-2bf9-4012-a821-f61912dd77be|High|Insecure Configurations|Query details
Documentation
|
-|GKE Legacy Authorization Enabled
df58d46c-783b-43e0-bdd0-d99164f712ee|High|Insecure Configurations|Query details
Documentation
|
-|Google Storage Bucket Level Access Disabled
1239f54b-33de-482a-8132-faebe288e6a6|High|Insecure Configurations|Query details
Documentation
|
-|MySQL Instance With Local Infile On
c759d6f2-4dd3-4160-82d3-89202ef10d87|High|Insecure Configurations|Query details
Documentation
|
-|RDP Access Is Not Restricted
50cb6c3b-c878-4b88-b50e-d1421bada9e8|High|Networking and Firewall|Query details
Documentation
|
-|Cloud Storage Bucket Is Publicly Accessible
77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc|Medium|Access Control|Query details
Documentation
|
-|SQL DB Instance Backup Disabled
a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01|Medium|Backup|Query details
Documentation
|
-|Disk Encryption Disabled
fc040fb6-4c23-4c0d-b12a-39edac35debb|Medium|Encryption|Query details
Documentation
|
-|DNSSEC Using RSASHA1
6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35|Medium|Encryption|Query details
Documentation
|
-|Cloud DNS Without DNSSEC
313d6deb-3b67-4948-b41d-35b699c2492e|Medium|Insecure Configurations|Query details
Documentation
|
-|Cluster Master Authentication Disabled
7ef7d141-9fbb-4679-a977-fd0883436906|Medium|Insecure Configurations|Query details
Documentation
|
-|IP Aliasing Disabled
28727987-e398-49b8-aef1-8a3e7789d111|Medium|Insecure Configurations|Query details
Documentation
|
-|Network Policy Disabled
c47f90e8-4a19-43f0-8413-cc434d286c4e|Medium|Insecure Configurations|Query details
Documentation
|
-|OSLogin Is Disabled In VM Instance
e66e1b71-c810-4b4e-a737-0ab59e7f5e41|Medium|Insecure Configurations|Query details
Documentation
|
-|Private Cluster Disabled
48c61fbd-09c9-46cc-a521-012e0c325412|Medium|Insecure Configurations|Query details
Documentation
|
-|Shielded VM Disabled
9038b526-4c19-4928-bca2-c03d503bdb79|Medium|Insecure Configurations|Query details
Documentation
|
-|Compute Instance Is Publicly Accessible
8212e2d7-e683-49bc-bf78-d6799075c5a7|Medium|Networking and Firewall|Query details
Documentation
|
-|GKE Master Authorized Networks Disabled
62c8cf50-87f0-4295-a974-8184ed78fe02|Medium|Networking and Firewall|Query details
Documentation
|
-|IP Forwarding Enabled
7c98538a-81c6-444b-bf04-e60bc3ceeec0|Medium|Networking and Firewall|Query details
Documentation
|
-|SSH Access Is Not Restricted
dee21308-2a7a-49de-8ff7-c9b87e188575|Medium|Networking and Firewall|Query details
Documentation
|
-|Bucket Without Versioning
227c2f58-70c6-4432-8e9a-a89c1a548cf5|Medium|Observability|Query details
Documentation
|
-|Cloud Storage Bucket Versioning Disabled
ad0875c1-0b39-4890-9149-173158ba3bba|Medium|Observability|Query details
Documentation
|
-|Stackdriver Logging Disabled
95601b9a-7fe8-4aee-9b58-d36fd9382dfc|Medium|Observability|Query details
Documentation
|
-|Stackdriver Monitoring Disabled
bbfc97ab-e92a-4a7b-954c-e88cec815011|Medium|Observability|Query details
Documentation
|
-|Node Auto Upgrade Disabled
dc5c5fee-6c53-43b0-ab11-4c660e064aaf|Medium|Resource Management|Query details
Documentation
|
-|Project-wide SSH Keys Are Enabled In VM Instances
6e2b1ec1-1eca-4eb7-9d4d-2882680b4811|Medium|Secret Management|Query details
Documentation
|
-|Cluster Labels Disabled
8810968b-4b15-421d-918b-d91eb4bb8d1d|Low|Insecure Configurations|Query details
Documentation
|
-|COS Node Image Not Used
dbe058d7-b82e-430b-8426-992b2e4677e7|Low|Insecure Configurations|Query details
Documentation
|
-|Not Proper Email Account In Use
a21b8df3-c840-4b3d-a41a-10fb2afda171|Low|Insecure Configurations|Query details
Documentation
|
+|Cloud Storage Anonymous or Publicly Accessible
63ae3638-a38c-4ff4-b616-6e1f72a31a6a|Critical|Access Control|Query details
Documentation
|
+|BigQuery Dataset Is Public
83103dff-d57f-42a8-bd81-40abab64c1a7|High|Access Control|Query details
Documentation
|
+|SQL DB Instance With SSL Disabled
660360d3-9ca7-46d1-b147-3acc4002953f|High|Encryption|Query details
Documentation
|
+|Client Certificate Disabled
dd690686-2bf9-4012-a821-f61912dd77be|High|Insecure Configurations|Query details
Documentation
|
+|GKE Legacy Authorization Enabled
df58d46c-783b-43e0-bdd0-d99164f712ee|High|Insecure Configurations|Query details
Documentation
|
+|Google Storage Bucket Level Access Disabled
1239f54b-33de-482a-8132-faebe288e6a6|High|Insecure Configurations|Query details
Documentation
|
+|MySQL Instance With Local Infile On
c759d6f2-4dd3-4160-82d3-89202ef10d87|High|Insecure Configurations|Query details
Documentation
|
+|RDP Access Is Not Restricted
50cb6c3b-c878-4b88-b50e-d1421bada9e8|High|Networking and Firewall|Query details
Documentation
|
+|Cloud Storage Bucket Is Publicly Accessible
77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc|Medium|Access Control|Query details
Documentation
|
+|SQL DB Instance Backup Disabled
a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01|Medium|Backup|Query details
Documentation
|
+|Disk Encryption Disabled
fc040fb6-4c23-4c0d-b12a-39edac35debb|Medium|Encryption|Query details
Documentation
|
+|DNSSEC Using RSASHA1
6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35|Medium|Encryption|Query details
Documentation
|
+|Cloud DNS Without DNSSEC
313d6deb-3b67-4948-b41d-35b699c2492e|Medium|Insecure Configurations|Query details
Documentation
|
+|Cluster Master Authentication Disabled
7ef7d141-9fbb-4679-a977-fd0883436906|Medium|Insecure Configurations|Query details
Documentation
|
+|IP Aliasing Disabled
28727987-e398-49b8-aef1-8a3e7789d111|Medium|Insecure Configurations|Query details
Documentation
|
+|Network Policy Disabled
c47f90e8-4a19-43f0-8413-cc434d286c4e|Medium|Insecure Configurations|Query details
Documentation
|
+|OSLogin Is Disabled In VM Instance
e66e1b71-c810-4b4e-a737-0ab59e7f5e41|Medium|Insecure Configurations|Query details
Documentation
|
+|Private Cluster Disabled
48c61fbd-09c9-46cc-a521-012e0c325412|Medium|Insecure Configurations|Query details
Documentation
|
+|Shielded VM Disabled
9038b526-4c19-4928-bca2-c03d503bdb79|Medium|Insecure Configurations|Query details
Documentation
|
+|Compute Instance Is Publicly Accessible
8212e2d7-e683-49bc-bf78-d6799075c5a7|Medium|Networking and Firewall|Query details
Documentation
|
+|GKE Master Authorized Networks Disabled
62c8cf50-87f0-4295-a974-8184ed78fe02|Medium|Networking and Firewall|Query details
Documentation
|
+|IP Forwarding Enabled
7c98538a-81c6-444b-bf04-e60bc3ceeec0|Medium|Networking and Firewall|Query details
Documentation
|
+|SSH Access Is Not Restricted
dee21308-2a7a-49de-8ff7-c9b87e188575|Medium|Networking and Firewall|Query details
Documentation
|
+|Bucket Without Versioning
227c2f58-70c6-4432-8e9a-a89c1a548cf5|Medium|Observability|Query details
Documentation
|
+|Cloud Storage Bucket Versioning Disabled
ad0875c1-0b39-4890-9149-173158ba3bba|Medium|Observability|Query details
Documentation
|
+|Stackdriver Logging Disabled
95601b9a-7fe8-4aee-9b58-d36fd9382dfc|Medium|Observability|Query details
Documentation
|
+|Stackdriver Monitoring Disabled
bbfc97ab-e92a-4a7b-954c-e88cec815011|Medium|Observability|Query details
Documentation
|
+|Node Auto Upgrade Disabled
dc5c5fee-6c53-43b0-ab11-4c660e064aaf|Medium|Resource Management|Query details
Documentation
|
+|Project-wide SSH Keys Are Enabled In VM Instances
6e2b1ec1-1eca-4eb7-9d4d-2882680b4811|Medium|Secret Management|Query details
Documentation
|
+|Cluster Labels Disabled
8810968b-4b15-421d-918b-d91eb4bb8d1d|Low|Insecure Configurations|Query details
Documentation
|
+|COS Node Image Not Used
dbe058d7-b82e-430b-8426-992b2e4677e7|Low|Insecure Configurations|Query details
Documentation
|
+|Not Proper Email Account In Use
a21b8df3-c840-4b3d-a41a-10fb2afda171|Low|Insecure Configurations|Query details
Documentation
|
### GCP_BOM
Below are listed queries related to GoogleDeploymentManager GCP_BOM:
@@ -48,6 +48,6 @@ Below are listed queries related to GoogleDeploymentManager GCP_BOM:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|BOM - GCP PD
268c65a8-58ad-43e4-9019-1a9bbc56749f|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP PST
9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP SB
c7781feb-a955-4f9f-b9cf-0d7c6f54bb59|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP PD
268c65a8-58ad-43e4-9019-1a9bbc56749f|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP PST
9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP SB
c7781feb-a955-4f9f-b9cf-0d7c6f54bb59|Trace|Bill Of Materials|Query details
Documentation
|
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6.md b/docs/queries/googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6.md
index a4017968c98..119f608df88 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/google_storage_bucket_level_access_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5.md b/docs/queries/googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5.md
index b17590861fb..174f9a45f77 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/bucket_without_versioning)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f.md b/docs/queries/googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f.md
index 81fb04c1092..0c12e18fb4b 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp_bom/pd)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111.md b/docs/queries/googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111.md
index dc2df500e2a..6eb9ed41bb6 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/ip_aliasing_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e.md b/docs/queries/googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e.md
index c0cb138a27e..02e78a2165f 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cloud_dns_without_dnnsec)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412.md b/docs/queries/googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412.md
index c7ce4f8e3fc..7ec4ca2f011 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/private_cluster_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8.md b/docs/queries/googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8.md
index e29dac8c671..4cad894a98b 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/rdp_access_is_not_restricted)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02.md b/docs/queries/googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02.md
index b10ee278a75..6266cb352d2 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/gke_master_authorized_networks_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a.md b/docs/queries/googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a.md
index b137980010e..c5c8cbf32e2 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cloud_storage_anonymous_or_publicly_accessible)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f.md b/docs/queries/googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f.md
index 7968909c857..34bd1916b9f 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/sql_db_instance_with_ssl_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35.md b/docs/queries/googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35.md
index 1be933b4463..3c27bac9381 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/dnssec_using_rsasha1)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811.md b/docs/queries/googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811.md
index 9df0216cfba..d7fbc2ee586 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/project_wide_ssh_keys_are_enabled_in_vm_instances)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc.md b/docs/queries/googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc.md
index 5ebfa5874d8..ca39719983a 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cloud_storage_bucket_is_publicly_accessible)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0.md b/docs/queries/googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0.md
index ed24c827645..f0cfbf7cf26 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/ip_forwarding_enabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906.md b/docs/queries/googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906.md
index 915cddbb644..c58d1b3ae84 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cluster_master_authentication_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7.md b/docs/queries/googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7.md
index 4810d3d522c..76a6f016f08 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/compute_instance_is_publicly_accessible)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7.md b/docs/queries/googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7.md
index b8f9a3642d9..0820da639c3 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/bigquery_database_is_public)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d.md b/docs/queries/googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d.md
index 135c25870a9..e66d2a44e25 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cluster_labels_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79.md b/docs/queries/googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79.md
index 8f7fafdc36f..870f9c53a00 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/shielded_vm_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc.md b/docs/queries/googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc.md
index 8875d97c4ae..ca3f2f6a723 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/stackdriver_logging_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8.md b/docs/queries/googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8.md
index f736154104a..efb4b0f04a8 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp_bom/pst)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171.md b/docs/queries/googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171.md
index 723d6f46a7a..b065072ce71 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/not_proper_email_account_in_use)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01.md b/docs/queries/googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01.md
index 59413683e80..2163e2ab2df 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/sql_db_instance_backup_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba.md b/docs/queries/googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba.md
index 4a5a81247d5..1178ceb22c6 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cloud_storage_bucket_versioning_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011.md b/docs/queries/googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011.md
index cfae3fb2555..1f206371dbb 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/stackdriver_monitoring_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e.md b/docs/queries/googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e.md
index f859e7e9870..079f63847c0 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/network_policy_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87.md b/docs/queries/googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87.md
index 4cc1d74c167..428458f2cf1 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/mysql_instance_with_local_infile_on)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59.md b/docs/queries/googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59.md
index 5141cff2699..edd4a04f6b2 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp_bom/sb)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7.md b/docs/queries/googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7.md
index 3b7891dcd4c..61ad6c01226 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cos_node_image_not_used)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf.md b/docs/queries/googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf.md
index 5a91644389f..65d88bbf917 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/node_auto_upgrade_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be.md b/docs/queries/googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be.md
index 585d7d341c7..b9cb1df8d96 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/client_certificate_disabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575.md b/docs/queries/googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575.md
index 3ca19409874..8155924c2ca 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/ssh_access_is_not_restricted)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee.md b/docs/queries/googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee.md
index 2c95d85aedd..c07a8d56e70 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/gke_legacy_authorization_enabled)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41.md b/docs/queries/googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41.md
index d097f7dc622..1a4e1748ee5 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/os_login_is_disabled_for_vm_instance)
### Description
diff --git a/docs/queries/googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb.md b/docs/queries/googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb.md
index e4c621c80b5..8d3823092b0 100644
--- a/docs/queries/googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb.md
+++ b/docs/queries/googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GoogleDeploymentManager
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/disk_encryption_disabled)
### Description
diff --git a/docs/queries/grpc-queries.md b/docs/queries/grpc-queries.md
index f14d5ce1d28..a438bd89ed8 100644
--- a/docs/queries/grpc-queries.md
+++ b/docs/queries/grpc-queries.md
@@ -3,4 +3,4 @@ This page contains all queries from GRPC.
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Enum Name Not CamelCase
daaace5f-c0dc-4835-b526-7a116b7f4b4e|Info|Best Practices|Query details
Documentation
|
+|Enum Name Not CamelCase
daaace5f-c0dc-4835-b526-7a116b7f4b4e|Info|Best Practices|Query details
Documentation
|
diff --git a/docs/queries/grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e.md b/docs/queries/grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e.md
index e126360f83a..5c94f17fa14 100644
--- a/docs/queries/grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e.md
+++ b/docs/queries/grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** GRPC
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/grpc/enum_name_not_camel_case)
### Description
diff --git a/docs/queries/knative-queries.md b/docs/queries/knative-queries.md
index 8139fc53952..cf152f6b041 100644
--- a/docs/queries/knative-queries.md
+++ b/docs/queries/knative-queries.md
@@ -3,4 +3,4 @@ This page contains all queries from Knative.
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Serving Revision Spec Without Timeout Seconds
e8bb41e4-2f24-4e84-8bea-8c7c070cf93d|Info|Insecure Configurations|Query details
Documentation
|
+|Serving Revision Spec Without Timeout Seconds
e8bb41e4-2f24-4e84-8bea-8c7c070cf93d|Info|Insecure Configurations|Query details
Documentation
|
diff --git a/docs/queries/knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d.md b/docs/queries/knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d.md
index 0905ab6ce23..8e6fe9fa29d 100644
--- a/docs/queries/knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d.md
+++ b/docs/queries/knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Knative
- **Severity:** Info
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/knative/serving_revision_spec_without_timeout_settings)
### Description
diff --git a/docs/queries/kubernetes-queries.md b/docs/queries/kubernetes-queries.md
index 578358c1b61..4fbf72e6016 100644
--- a/docs/queries/kubernetes-queries.md
+++ b/docs/queries/kubernetes-queries.md
@@ -3,145 +3,145 @@ This page contains all queries from Kubernetes.
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Authorization Mode Set To Always Allow
f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5|High|Access Control|Query details
Documentation
|
-|Basic Auth File Is Set
5da47109-f8d6-4585-9e2b-96a8958a12f5|High|Access Control|Query details
Documentation
|
-|Client Certificate Authentication Not Setup Properly
e0e00aba-5f1c-4981-a542-9a9563c0ee20|High|Access Control|Query details
Documentation
|
-|Non Kube System Pod With Host Mount
aa8f7a35-9923-4cad-bd61-a19b7f6aac91|High|Access Control|Query details
Documentation
|
-|RBAC Wildcard In Rule
6b896afb-ca07-467a-b256-1a0077a1c08e|High|Access Control|Query details
Documentation
|
-|Service Account Lookup Set To False
a5530bd7-225a-48f9-91bb-f40b04200165|High|Access Control|Query details
Documentation
|
-|Token Auth File Is Set
32ecd76e-7bbf-402e-bf48-8b9485749558|High|Access Control|Query details
Documentation
|
-|Pod Security Policy Admission Control Plugin Not Set
afa36afb-39fe-4d94-b9b6-afb236f7a03d|High|Build Process|Query details
Documentation
|
-|Cluster Allows Unsafe Sysctls
9127f0d9-2310-42e7-866f-5fd9d20dcbad|High|Insecure Configurations|Query details
Documentation
|
-|Container Is Privileged
dd29336b-fe57-445b-a26e-e6aa867ae609|High|Insecure Configurations|Query details
Documentation
|
-|Container Runs Unmasked
f922827f-aab6-447c-832a-e1ff63312bd3|High|Insecure Configurations|Query details
Documentation
|
-|Containers With Sys Admin Capabilities
235236ee-ad78-4065-bd29-61b061f28ce0|High|Insecure Configurations|Query details
Documentation
|
-|Privilege Escalation Allowed
5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d|High|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Containers To Share The Host Network Namespace
a33e9173-b674-4dfb-9d82-cf3754816e4b|High|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Privilege Escalation
87554eef-154d-411d-bdce-9dbd91e56851|High|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Sharing Host IPC
80f93444-b240-4ebb-a4c6-5c40b76c04ea|High|Insecure Configurations|Query details
Documentation
|
-|PSP Set To Privileged
c48e57d3-d642-4e0b-90db-37f807b41b91|High|Insecure Configurations|Query details
Documentation
|
-|PSP With Added Capabilities
7307579a-3abb-46ad-9ce5-2a915634d5c8|High|Insecure Configurations|Query details
Documentation
|
-|Shared Host PID Namespace
302736f4-b16c-41b8-befe-c0baffa0bd9d|High|Insecure Configurations|Query details
Documentation
|
-|Tiller (Helm v2) Is Deployed
6d173be7-545a-46c6-a81d-2ae52ed1605d|High|Insecure Configurations|Query details
Documentation
|
-|Tiller Service Is Not Deleted
8b862ca9-0fbd-4959-ad72-b6609bdaa22d|High|Insecure Configurations|Query details
Documentation
|
-|Workload Mounting With Sensitive OS Directory
5308a7a8-06f8-45ac-bf10-791fe21de46e|High|Insecure Configurations|Query details
Documentation
|
-|Etcd Peer TLS Certificate Files Not Properly Set
09bb9e96-8da3-4736-b89a-b36814acca60|High|Networking and Firewall|Query details
Documentation
|
-|Insecure Bind Address Set
b9380fd3-5ffe-4d10-9290-13e18e71eee1|High|Networking and Firewall|Query details
Documentation
|
-|Insecure Port Not Properly Set
fa4def8c-1898-4a35-a139-7b76b1acdef0|High|Networking and Firewall|Query details
Documentation
|
-|Secure Port Set To Zero
3d24b204-b73d-42cb-b0bf-1a5438c5f71e|High|Networking and Firewall|Query details
Documentation
|
-|Tiller Deployment Is Accessible From Within The Cluster
e17fa86a-6222-4584-a914-56e8f6c87e06|High|Networking and Firewall|Query details
Documentation
|
-|PSP With Unrestricted Access to Host Path
de4421f1-4e35-43b4-9783-737dd4e4a47e|High|Resource Management|Query details
Documentation
|
-|Volume Mount With OS Directory Write Permissions
b7652612-de4e-4466-a0bf-1cd81f0c6063|High|Resource Management|Query details
Documentation
|
-|Always Admit Admission Control Plugin Set
ce30e584-b33f-4c7d-b418-a3d7027f8f60|Medium|Access Control|Query details
Documentation
|
-|Anonymous Auth Is Not Set To False
1de5cc51-f376-4638-a940-20f2e85ae238|Medium|Access Control|Query details
Documentation
|
-|Authorization Mode RBAC Not Set
1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e|Medium|Access Control|Query details
Documentation
|
-|Docker Daemon Socket is Exposed to Containers
a6f34658-fdfb-4154-9536-56d516f65828|Medium|Access Control|Query details
Documentation
|
-|Node Restriction Admission Control Plugin Not Set
33fc6923-6553-4fe6-9d3a-4efa51eb874b|Medium|Access Control|Query details
Documentation
|
-|Permissive Access to Create Pods
592ad21d-ad9b-46c6-8d2d-fad09d62a942|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles Allow Privilege Escalation
8320826e-7a9c-4b0b-9535-578333193432|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles with Attach Permission
d45330fd-f58d-45fb-a682-6481477a0f84|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles with Exec Permission
c589f42c-7924-4871-aee2-1cede9bc7cbc|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles with Impersonate Permission
9f85c3f6-26fd-4007-938a-2e0cb0100980|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles with Port-Forwarding Permission
38fa11ef-dbcc-4da8-9680-7e1fd855b6fb|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles with Read Secrets Permissions
b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14|Medium|Access Control|Query details
Documentation
|
-|Service Account Admission Control Plugin Disabled
9587c890-0524-40c2-9ce2-663af7c2f063|Medium|Access Control|Query details
Documentation
|
-|Use Service Account Credentials Not Set To True
1acd93f1-5a37-45c0-aaac-82ece818be7d|Medium|Access Control|Query details
Documentation
|
-|Readiness Probe Is Not Configured
a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3|Medium|Availability|Query details
Documentation
|
-|Request Timeout Not Properly Set
d89a15bb-8dba-4c71-9529-bef6729b9c09|Medium|Availability|Query details
Documentation
|
-|Terminated Pod Garbage Collector Threshold Not Properly Set
49113af4-29ca-458e-b8d4-724c01a4a24f|Medium|Availability|Query details
Documentation
|
-|Container Running As Root
cf34805e-3872-4c08-bf92-6ff7bb0cfadb|Medium|Best Practices|Query details
Documentation
|
-|Container Running With Low UID
02323c00-cdc3-4fdc-a310-4f2b3e7a1660|Medium|Best Practices|Query details
Documentation
|
-|Root Containers Admitted
e3aa0612-4351-4a0d-983f-aefea25cf203|Medium|Best Practices|Query details
Documentation
|
-|Always Pull Images Admission Control Plugin Not Set
a77f4d07-c6e0-4a48-8b35-0eeb51576f4f|Medium|Build Process|Query details
Documentation
|
-|Incorrect Volume Claim Access Mode ReadWriteOnce
3878dc92-8e5d-47cf-9cdd-7590f71d21b9|Medium|Build Process|Query details
Documentation
|
-|Encryption Provider Config Is Not Defined
cbd2db69-0b21-4c14-8a40-7710a50571a9|Medium|Encryption|Query details
Documentation
|
-|Encryption Provider Not Properly Configured
10efce34-5af6-4d83-b414-9e096d5a06a9|Medium|Encryption|Query details
Documentation
|
-|Root CA File Not Defined
05fb986f-ac73-4ebb-a5b2-7faafa93d882|Medium|Encryption|Query details
Documentation
|
-|Service Account Private Key File Not Defined
ccc98ff7-68a7-436e-9218-185cb0b0b780|Medium|Encryption|Query details
Documentation
|
-|Weak TLS Cipher Suites
510d5810-9a30-443a-817d-5c1fa527b110|Medium|Encryption|Query details
Documentation
|
-|Authorization Mode Node Not Set
4d7ee40f-fc5d-427d-8cac-dffbe22d42d1|Medium|Insecure Configurations|Query details
Documentation
|
-|Containers With Added Capabilities
19ebaa28-fc86-4a58-bcfa-015c9e22fe40|Medium|Insecure Configurations|Query details
Documentation
|
-|Ingress Controller Exposes Workload
69bbc5e3-0818-4150-89cc-1e989b48f23b|Medium|Insecure Configurations|Query details
Documentation
|
-|Kubelet Protect Kernel Defaults Set To False
6cf42c97-facd-4fda-b8af-ea4529123355|Medium|Insecure Configurations|Query details
Documentation
|
-|NET_RAW Capabilities Disabled for PSP
2270987f-bb51-479f-b8be-3ca73e5ad648|Medium|Insecure Configurations|Query details
Documentation
|
-|NET_RAW Capabilities Not Being Dropped
dbbc6705-d541-43b0-b166-dd4be8208b54|Medium|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Sharing Host PID
91dacd0e-d189-4a9c-8272-5999a3cc32d9|Medium|Insecure Configurations|Query details
Documentation
|
-|Seccomp Profile Is Not Configured
f377b83e-bd07-4f48-a591-60c82b14a78b|Medium|Insecure Configurations|Query details
Documentation
|
-|Security Context Deny Admission Control Plugin Not Set
6a68bebe-c021-492e-8ddb-55b0567fb768|Medium|Insecure Configurations|Query details
Documentation
|
-|Using Unrecommended Namespace
611ab018-c4aa-4ba2-b0f6-a448337509a6|Medium|Insecure Configurations|Query details
Documentation
|
-|Role Binding To Default Service Account
1e749bc9-fde8-471c-af0c-8254efd2dee5|Medium|Insecure Defaults|Query details
Documentation
|
-|Service Account Name Undefined Or Empty
591ade62-d6b0-4580-b1ae-209f80ba1cd9|Medium|Insecure Defaults|Query details
Documentation
|
-|Service Account Token Automount Not Disabled
48471392-d4d0-47c0-b135-cdec95eb3eef|Medium|Insecure Defaults|Query details
Documentation
|
-|Auto TLS Set To True
98ce8b81-7707-4734-aa39-627c6db3d84b|Medium|Networking and Firewall|Query details
Documentation
|
-|CNI Plugin Does Not Support Network Policies
03aabc8c-35d6-481e-9c85-20139cf72d23|Medium|Networking and Firewall|Query details
Documentation
|
-|Etcd TLS Certificate Files Not Properly Set
075ca296-6768-4322-aea2-ba5063b969a9|Medium|Networking and Firewall|Query details
Documentation
|
-|Etcd TLS Certificate Not Properly Configured
895a5a95-3756-4b04-9924-2f3bc93181bd|Medium|Networking and Firewall|Query details
Documentation
|
-|Kubelet HTTPS Set To False
cdc8b54e-6b16-4538-a1b0-35849dbe29cf|Medium|Networking and Firewall|Query details
Documentation
|
-|Kubelet Not Managing Ip Tables
5f89001f-6dd9-49ff-9b15-d8cd71b617f4|Medium|Networking and Firewall|Query details
Documentation
|
-|Kubelet Read Only Port Is Not Set To Zero
2940d48a-dc5e-4178-a3f8-bfbd80720b41|Medium|Networking and Firewall|Query details
Documentation
|
-|Kubelet Streaming Connection Timeout Disabled
ed89b97d-04e9-4fd4-919f-ee5b27e555e9|Medium|Networking and Firewall|Query details
Documentation
|
-|Peer Auto TLS Set To True
ae8827e2-4af9-4baa-9998-87539ae0d6f0|Medium|Networking and Firewall|Query details
Documentation
|
-|Pod Misconfigured Network Policy
0401f71b-9c1e-4821-ab15-a955caa621be|Medium|Networking and Firewall|Query details
Documentation
|
-|Service With External Load Balancer
26763a1c-5dda-4772-b507-5fca7fb5f165|Medium|Networking and Firewall|Query details
Documentation
|
-|TSL Connection Certificate Not Setup
fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f|Medium|Networking and Firewall|Query details
Documentation
|
-|Audit Log Path Not Set
73e251f0-363d-4e53-86e2-0a93592437eb|Medium|Observability|Query details
Documentation
|
-|Audit Policy File Not Defined
13a49a2e-488e-4309-a7c0-d6b05577a5fb|Medium|Observability|Query details
Documentation
|
-|Memory Limits Not Defined
b14d1bc4-a208-45db-92f0-e21f8e2588e9|Medium|Resource Management|Query details
Documentation
|
-|Memory Requests Not Defined
229588ef-8fde-40c8-8756-f4f2b5825ded|Medium|Resource Management|Query details
Documentation
|
-|Shared Host IPC Namespace
cd290efd-6c82-4e9d-a698-be12ae31d536|Medium|Resource Management|Query details
Documentation
|
-|Shared Host Network Namespace
6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a|Medium|Resource Management|Query details
Documentation
|
-|Etcd Client Certificate Authentication Set To False
9391103a-d8d7-4671-ac5d-606ba7ccb0ac|Medium|Secret Management|Query details
Documentation
|
-|Etcd Client Certificate File Not Defined
3f5ff8a7-5ad6-4d02-86f5-666307da1b20|Medium|Secret Management|Query details
Documentation
|
-|Etcd Peer Client Certificate Authentication Set To False
b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff|Medium|Secret Management|Query details
Documentation
|
-|Kubelet Certificate Authority Not Set
ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0|Medium|Secret Management|Query details
Documentation
|
-|Kubelet Client Certificate Or Key Not Set
36a27826-1bf5-49da-aeb0-a60a30c0e834|Medium|Secret Management|Query details
Documentation
|
-|Kubelet Client Periodic Certificate Switch Disabled
52d70f2e-3257-474c-b3dc-8ad9ba6a061a|Medium|Secret Management|Query details
Documentation
|
-|Not Unique Certificate Authority
cb7e695d-6a85-495c-b15f-23aed2519303|Medium|Secret Management|Query details
Documentation
|
-|Rotate Kubelet Server Certificate Not Active
1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2|Medium|Secret Management|Query details
Documentation
|
-|Service Account Key File Not Properly Set
dab4ec72-ce2e-4732-b7c3-1757dcce01a1|Medium|Secret Management|Query details
Documentation
|
-|ServiceAccount Allows Access Secrets
056ac60e-fe07-4acc-9b34-8e1d51716ab9|Medium|Secret Management|Query details
Documentation
|
-|Shared Service Account
c1032cf7-3628-44e2-bd53-38c17cf31b6b|Medium|Secret Management|Query details
Documentation
|
-|Cluster Admin Rolebinding With Superuser Permissions
249328b8-5f0f-409f-b1dd-029f07882e11|Low|Access Control|Query details
Documentation
|
-|Missing AppArmor Profile
8b36775e-183d-4d46-b0f7-96a6f34a723f|Low|Access Control|Query details
Documentation
|
-|Deployment Without PodDisruptionBudget
b23e9b98-0cb6-4fc9-b257-1f3270442678|Low|Availability|Query details
Documentation
|
-|Event Rate Limit Admission Control Plugin Not Set
e0099af2-fe17-411f-9991-0de28fe15f3c|Low|Availability|Query details
Documentation
|
-|HPA Targets Invalid Object
2f652c42-619d-4361-b361-9f599688f8ca|Low|Availability|Query details
Documentation
|
-|StatefulSet Without PodDisruptionBudget
1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5|Low|Availability|Query details
Documentation
|
-|StatefulSet Without Service Name
bb241e61-77c3-4b97-9575-c0f8a1e008d0|Low|Availability|Query details
Documentation
|
-|Metadata Label Is Invalid
1123031a-f921-4c5b-bd86-ef354ecfd37a|Low|Best Practices|Query details
Documentation
|
-|No Drop Capabilities for Containers
268ca686-7fb7-4ae9-b129-955a2a89064e|Low|Best Practices|Query details
Documentation
|
-|Object Is Using A Deprecated API Version
94b76ea5-e074-4ca2-8a03-c5a606e30645|Low|Best Practices|Query details
Documentation
|
-|Image Policy Webhook Admission Control Plugin Not Set
14abda69-8e91-4acb-9931-76e2bee90284|Low|Build Process|Query details
Documentation
|
-|Namespace Lifecycle Admission Control Plugin Disabled
1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37|Low|Build Process|Query details
Documentation
|
-|Root Container Not Mounted Read-only
a9c2f49d-0671-4fc9-9ece-f4e261e128d0|Low|Build Process|Query details
Documentation
|
-|StatefulSet Requests Storage
8cf4671a-cf3d-46fc-8389-21e7405063a2|Low|Build Process|Query details
Documentation
|
-|Dashboard Is Enabled
d2ad057f-0928-41ef-a83c-f59203bb855b|Low|Insecure Configurations|Query details
Documentation
|
-|Image Pull Policy Of The Container Is Not Set To Always
caa3479d-885d-4882-9aac-95e5e78ef5c2|Low|Insecure Configurations|Query details
Documentation
|
-|Image Without Digest
7c81d34c-8e5a-402b-9798-9f442630e678|Low|Insecure Configurations|Query details
Documentation
|
-|Kubelet Hostname Override Is Set
bf36b900-b5ef-4828-adb7-70eb543b7cfb|Low|Insecure Configurations|Query details
Documentation
|
-|Pod or Container Without LimitRange
4a20ebac-1060-4c81-95d1-1f7f620e983b|Low|Insecure Configurations|Query details
Documentation
|
-|Pod or Container Without ResourceQuota
48a5beba-e4c0-4584-a2aa-e6894e4cf424|Low|Insecure Configurations|Query details
Documentation
|
-|Pod or Container Without Security Context
a97a340a-0063-418e-b3a1-3028941d0995|Low|Insecure Configurations|Query details
Documentation
|
-|Service Does Not Target Pod
3ca03a61-3249-4c16-8427-6f8e47dda729|Low|Insecure Configurations|Query details
Documentation
|
-|Network Policy Is Not Targeting Any Pod
85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3|Low|Networking and Firewall|Query details
Documentation
|
-|Service Type is NodePort
845acfbe-3e10-4b8e-b656-3b404d36dfb2|Low|Networking and Firewall|Query details
Documentation
|
-|Workload Host Port Not Specified
2b1836f1-dcce-416e-8e16-da8c71920633|Low|Networking and Firewall|Query details
Documentation
|
-|Audit Log Maxage Not Properly Set
da9f3aa8-fbfb-472f-b5a1-576127944218|Low|Observability|Query details
Documentation
|
-|Audit Log Maxbackup Not Properly Set
768aab52-2504-4a2f-a3e3-329d5a679848|Low|Observability|Query details
Documentation
|
-|Audit Log Maxsize Not Properly Set
35c0a471-f7c8-4993-aa2c-503a3c712a66|Low|Observability|Query details
Documentation
|
-|Audit Policy Not Cover Key Security Concerns
1828a670-5957-4bc5-9974-47da228f75e2|Low|Observability|Query details
Documentation
|
-|Kubelet Event QPS Not Properly Set
1a07a446-8e61-4e4d-bc16-b0781fcb8211|Low|Observability|Query details
Documentation
|
-|Profiling Not Set To False
2f491173-6375-4a84-b28e-a4e2b9a58a69|Low|Observability|Query details
Documentation
|
-|CPU Limits Not Set
4ac0e2b7-d2d2-4af7-8799-e8de6721ccda|Low|Resource Management|Query details
Documentation
|
-|CPU Requests Not Set
ca469dd4-c736-448f-8ac1-30a642705e0a|Low|Resource Management|Query details
Documentation
|
-|CronJob Deadline Not Configured
192fe40b-b1c3-448a-aba2-6cc19a300fe3|Low|Resource Management|Query details
Documentation
|
-|Deployment Has No PodAntiAffinity
a31b7b82-d994-48c4-bd21-3bab6c31827a|Low|Resource Management|Query details
Documentation
|
-|StatefulSet Has No PodAntiAffinity
d740d048-8ed3-49d3-b77b-6f072f3b669e|Low|Resource Management|Query details
Documentation
|
-|Secrets As Environment Variables
3d658f8b-d988-41a0-a841-40043121de1e|Low|Secret Management|Query details
Documentation
|
-|Invalid Image Tag
583053b7-e632-46f0-b989-f81ff8045385|Low|Supply-Chain|Query details
Documentation
|
-|Ensure Administrative Boundaries Between Resources
e84eaf4d-2f45-47b2-abe8-e581b06deb66|Info|Access Control|Query details
Documentation
|
-|HPA Targeted Deployments With Configured Replica Count
5744cbb8-5946-4b75-a196-ade44449525b|Info|Availability|Query details
Documentation
|
-|Liveness Probe Is Not Defined
ade74944-a674-4e00-859e-c6eab5bde441|Info|Availability|Query details
Documentation
|
-|Not Limited Capabilities For Pod Security Policy
caa93370-791f-4fc6-814b-ba6ce0cb4032|Info|Insecure Configurations|Query details
Documentation
|
-|Bind Address Not Properly Set
46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2|Info|Networking and Firewall|Query details
Documentation
|
-|Using Kubernetes Native Secret Management
b9c83569-459b-4110-8f79-6305aa33cb37|Info|Secret Management|Query details
Documentation
|
+|Authorization Mode Set To Always Allow
f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5|High|Access Control|Query details
Documentation
|
+|Basic Auth File Is Set
5da47109-f8d6-4585-9e2b-96a8958a12f5|High|Access Control|Query details
Documentation
|
+|Client Certificate Authentication Not Setup Properly
e0e00aba-5f1c-4981-a542-9a9563c0ee20|High|Access Control|Query details
Documentation
|
+|Non Kube System Pod With Host Mount
aa8f7a35-9923-4cad-bd61-a19b7f6aac91|High|Access Control|Query details
Documentation
|
+|RBAC Wildcard In Rule
6b896afb-ca07-467a-b256-1a0077a1c08e|High|Access Control|Query details
Documentation
|
+|Service Account Lookup Set To False
a5530bd7-225a-48f9-91bb-f40b04200165|High|Access Control|Query details
Documentation
|
+|Token Auth File Is Set
32ecd76e-7bbf-402e-bf48-8b9485749558|High|Access Control|Query details
Documentation
|
+|Pod Security Policy Admission Control Plugin Not Set
afa36afb-39fe-4d94-b9b6-afb236f7a03d|High|Build Process|Query details
Documentation
|
+|Cluster Allows Unsafe Sysctls
9127f0d9-2310-42e7-866f-5fd9d20dcbad|High|Insecure Configurations|Query details
Documentation
|
+|Container Is Privileged
dd29336b-fe57-445b-a26e-e6aa867ae609|High|Insecure Configurations|Query details
Documentation
|
+|Container Runs Unmasked
f922827f-aab6-447c-832a-e1ff63312bd3|High|Insecure Configurations|Query details
Documentation
|
+|Containers With Sys Admin Capabilities
235236ee-ad78-4065-bd29-61b061f28ce0|High|Insecure Configurations|Query details
Documentation
|
+|Privilege Escalation Allowed
5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d|High|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Containers To Share The Host Network Namespace
a33e9173-b674-4dfb-9d82-cf3754816e4b|High|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Privilege Escalation
87554eef-154d-411d-bdce-9dbd91e56851|High|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Sharing Host IPC
80f93444-b240-4ebb-a4c6-5c40b76c04ea|High|Insecure Configurations|Query details
Documentation
|
+|PSP Set To Privileged
c48e57d3-d642-4e0b-90db-37f807b41b91|High|Insecure Configurations|Query details
Documentation
|
+|PSP With Added Capabilities
7307579a-3abb-46ad-9ce5-2a915634d5c8|High|Insecure Configurations|Query details
Documentation
|
+|Shared Host PID Namespace
302736f4-b16c-41b8-befe-c0baffa0bd9d|High|Insecure Configurations|Query details
Documentation
|
+|Tiller (Helm v2) Is Deployed
6d173be7-545a-46c6-a81d-2ae52ed1605d|High|Insecure Configurations|Query details
Documentation
|
+|Tiller Service Is Not Deleted
8b862ca9-0fbd-4959-ad72-b6609bdaa22d|High|Insecure Configurations|Query details
Documentation
|
+|Workload Mounting With Sensitive OS Directory
5308a7a8-06f8-45ac-bf10-791fe21de46e|High|Insecure Configurations|Query details
Documentation
|
+|Etcd Peer TLS Certificate Files Not Properly Set
09bb9e96-8da3-4736-b89a-b36814acca60|High|Networking and Firewall|Query details
Documentation
|
+|Insecure Bind Address Set
b9380fd3-5ffe-4d10-9290-13e18e71eee1|High|Networking and Firewall|Query details
Documentation
|
+|Insecure Port Not Properly Set
fa4def8c-1898-4a35-a139-7b76b1acdef0|High|Networking and Firewall|Query details
Documentation
|
+|Secure Port Set To Zero
3d24b204-b73d-42cb-b0bf-1a5438c5f71e|High|Networking and Firewall|Query details
Documentation
|
+|Tiller Deployment Is Accessible From Within The Cluster
e17fa86a-6222-4584-a914-56e8f6c87e06|High|Networking and Firewall|Query details
Documentation
|
+|PSP With Unrestricted Access to Host Path
de4421f1-4e35-43b4-9783-737dd4e4a47e|High|Resource Management|Query details
Documentation
|
+|Volume Mount With OS Directory Write Permissions
b7652612-de4e-4466-a0bf-1cd81f0c6063|High|Resource Management|Query details
Documentation
|
+|Always Admit Admission Control Plugin Set
ce30e584-b33f-4c7d-b418-a3d7027f8f60|Medium|Access Control|Query details
Documentation
|
+|Anonymous Auth Is Not Set To False
1de5cc51-f376-4638-a940-20f2e85ae238|Medium|Access Control|Query details
Documentation
|
+|Authorization Mode RBAC Not Set
1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e|Medium|Access Control|Query details
Documentation
|
+|Docker Daemon Socket is Exposed to Containers
a6f34658-fdfb-4154-9536-56d516f65828|Medium|Access Control|Query details
Documentation
|
+|Node Restriction Admission Control Plugin Not Set
33fc6923-6553-4fe6-9d3a-4efa51eb874b|Medium|Access Control|Query details
Documentation
|
+|Permissive Access to Create Pods
592ad21d-ad9b-46c6-8d2d-fad09d62a942|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles Allow Privilege Escalation
8320826e-7a9c-4b0b-9535-578333193432|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles with Attach Permission
d45330fd-f58d-45fb-a682-6481477a0f84|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles with Exec Permission
c589f42c-7924-4871-aee2-1cede9bc7cbc|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles with Impersonate Permission
9f85c3f6-26fd-4007-938a-2e0cb0100980|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles with Port-Forwarding Permission
38fa11ef-dbcc-4da8-9680-7e1fd855b6fb|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles with Read Secrets Permissions
b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14|Medium|Access Control|Query details
Documentation
|
+|Service Account Admission Control Plugin Disabled
9587c890-0524-40c2-9ce2-663af7c2f063|Medium|Access Control|Query details
Documentation
|
+|Use Service Account Credentials Not Set To True
1acd93f1-5a37-45c0-aaac-82ece818be7d|Medium|Access Control|Query details
Documentation
|
+|Readiness Probe Is Not Configured
a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3|Medium|Availability|Query details
Documentation
|
+|Request Timeout Not Properly Set
d89a15bb-8dba-4c71-9529-bef6729b9c09|Medium|Availability|Query details
Documentation
|
+|Terminated Pod Garbage Collector Threshold Not Properly Set
49113af4-29ca-458e-b8d4-724c01a4a24f|Medium|Availability|Query details
Documentation
|
+|Container Running As Root
cf34805e-3872-4c08-bf92-6ff7bb0cfadb|Medium|Best Practices|Query details
Documentation
|
+|Container Running With Low UID
02323c00-cdc3-4fdc-a310-4f2b3e7a1660|Medium|Best Practices|Query details
Documentation
|
+|Root Containers Admitted
e3aa0612-4351-4a0d-983f-aefea25cf203|Medium|Best Practices|Query details
Documentation
|
+|Always Pull Images Admission Control Plugin Not Set
a77f4d07-c6e0-4a48-8b35-0eeb51576f4f|Medium|Build Process|Query details
Documentation
|
+|Incorrect Volume Claim Access Mode ReadWriteOnce
3878dc92-8e5d-47cf-9cdd-7590f71d21b9|Medium|Build Process|Query details
Documentation
|
+|Encryption Provider Config Is Not Defined
cbd2db69-0b21-4c14-8a40-7710a50571a9|Medium|Encryption|Query details
Documentation
|
+|Encryption Provider Not Properly Configured
10efce34-5af6-4d83-b414-9e096d5a06a9|Medium|Encryption|Query details
Documentation
|
+|Root CA File Not Defined
05fb986f-ac73-4ebb-a5b2-7faafa93d882|Medium|Encryption|Query details
Documentation
|
+|Service Account Private Key File Not Defined
ccc98ff7-68a7-436e-9218-185cb0b0b780|Medium|Encryption|Query details
Documentation
|
+|Weak TLS Cipher Suites
510d5810-9a30-443a-817d-5c1fa527b110|Medium|Encryption|Query details
Documentation
|
+|Authorization Mode Node Not Set
4d7ee40f-fc5d-427d-8cac-dffbe22d42d1|Medium|Insecure Configurations|Query details
Documentation
|
+|Containers With Added Capabilities
19ebaa28-fc86-4a58-bcfa-015c9e22fe40|Medium|Insecure Configurations|Query details
Documentation
|
+|Ingress Controller Exposes Workload
69bbc5e3-0818-4150-89cc-1e989b48f23b|Medium|Insecure Configurations|Query details
Documentation
|
+|Kubelet Protect Kernel Defaults Set To False
6cf42c97-facd-4fda-b8af-ea4529123355|Medium|Insecure Configurations|Query details
Documentation
|
+|NET_RAW Capabilities Disabled for PSP
2270987f-bb51-479f-b8be-3ca73e5ad648|Medium|Insecure Configurations|Query details
Documentation
|
+|NET_RAW Capabilities Not Being Dropped
dbbc6705-d541-43b0-b166-dd4be8208b54|Medium|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Sharing Host PID
91dacd0e-d189-4a9c-8272-5999a3cc32d9|Medium|Insecure Configurations|Query details
Documentation
|
+|Seccomp Profile Is Not Configured
f377b83e-bd07-4f48-a591-60c82b14a78b|Medium|Insecure Configurations|Query details
Documentation
|
+|Security Context Deny Admission Control Plugin Not Set
6a68bebe-c021-492e-8ddb-55b0567fb768|Medium|Insecure Configurations|Query details
Documentation
|
+|Using Unrecommended Namespace
611ab018-c4aa-4ba2-b0f6-a448337509a6|Medium|Insecure Configurations|Query details
Documentation
|
+|Role Binding To Default Service Account
1e749bc9-fde8-471c-af0c-8254efd2dee5|Medium|Insecure Defaults|Query details
Documentation
|
+|Service Account Name Undefined Or Empty
591ade62-d6b0-4580-b1ae-209f80ba1cd9|Medium|Insecure Defaults|Query details
Documentation
|
+|Service Account Token Automount Not Disabled
48471392-d4d0-47c0-b135-cdec95eb3eef|Medium|Insecure Defaults|Query details
Documentation
|
+|Auto TLS Set To True
98ce8b81-7707-4734-aa39-627c6db3d84b|Medium|Networking and Firewall|Query details
Documentation
|
+|CNI Plugin Does Not Support Network Policies
03aabc8c-35d6-481e-9c85-20139cf72d23|Medium|Networking and Firewall|Query details
Documentation
|
+|Etcd TLS Certificate Files Not Properly Set
075ca296-6768-4322-aea2-ba5063b969a9|Medium|Networking and Firewall|Query details
Documentation
|
+|Etcd TLS Certificate Not Properly Configured
895a5a95-3756-4b04-9924-2f3bc93181bd|Medium|Networking and Firewall|Query details
Documentation
|
+|Kubelet HTTPS Set To False
cdc8b54e-6b16-4538-a1b0-35849dbe29cf|Medium|Networking and Firewall|Query details
Documentation
|
+|Kubelet Not Managing Ip Tables
5f89001f-6dd9-49ff-9b15-d8cd71b617f4|Medium|Networking and Firewall|Query details
Documentation
|
+|Kubelet Read Only Port Is Not Set To Zero
2940d48a-dc5e-4178-a3f8-bfbd80720b41|Medium|Networking and Firewall|Query details
Documentation
|
+|Kubelet Streaming Connection Timeout Disabled
ed89b97d-04e9-4fd4-919f-ee5b27e555e9|Medium|Networking and Firewall|Query details
Documentation
|
+|Peer Auto TLS Set To True
ae8827e2-4af9-4baa-9998-87539ae0d6f0|Medium|Networking and Firewall|Query details
Documentation
|
+|Pod Misconfigured Network Policy
0401f71b-9c1e-4821-ab15-a955caa621be|Medium|Networking and Firewall|Query details
Documentation
|
+|Service With External Load Balancer
26763a1c-5dda-4772-b507-5fca7fb5f165|Medium|Networking and Firewall|Query details
Documentation
|
+|TSL Connection Certificate Not Setup
fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f|Medium|Networking and Firewall|Query details
Documentation
|
+|Audit Log Path Not Set
73e251f0-363d-4e53-86e2-0a93592437eb|Medium|Observability|Query details
Documentation
|
+|Audit Policy File Not Defined
13a49a2e-488e-4309-a7c0-d6b05577a5fb|Medium|Observability|Query details
Documentation
|
+|Memory Limits Not Defined
b14d1bc4-a208-45db-92f0-e21f8e2588e9|Medium|Resource Management|Query details
Documentation
|
+|Memory Requests Not Defined
229588ef-8fde-40c8-8756-f4f2b5825ded|Medium|Resource Management|Query details
Documentation
|
+|Shared Host IPC Namespace
cd290efd-6c82-4e9d-a698-be12ae31d536|Medium|Resource Management|Query details
Documentation
|
+|Shared Host Network Namespace
6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a|Medium|Resource Management|Query details
Documentation
|
+|Etcd Client Certificate Authentication Set To False
9391103a-d8d7-4671-ac5d-606ba7ccb0ac|Medium|Secret Management|Query details
Documentation
|
+|Etcd Client Certificate File Not Defined
3f5ff8a7-5ad6-4d02-86f5-666307da1b20|Medium|Secret Management|Query details
Documentation
|
+|Etcd Peer Client Certificate Authentication Set To False
b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff|Medium|Secret Management|Query details
Documentation
|
+|Kubelet Certificate Authority Not Set
ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0|Medium|Secret Management|Query details
Documentation
|
+|Kubelet Client Certificate Or Key Not Set
36a27826-1bf5-49da-aeb0-a60a30c0e834|Medium|Secret Management|Query details
Documentation
|
+|Kubelet Client Periodic Certificate Switch Disabled
52d70f2e-3257-474c-b3dc-8ad9ba6a061a|Medium|Secret Management|Query details
Documentation
|
+|Not Unique Certificate Authority
cb7e695d-6a85-495c-b15f-23aed2519303|Medium|Secret Management|Query details
Documentation
|
+|Rotate Kubelet Server Certificate Not Active
1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2|Medium|Secret Management|Query details
Documentation
|
+|Service Account Key File Not Properly Set
dab4ec72-ce2e-4732-b7c3-1757dcce01a1|Medium|Secret Management|Query details
Documentation
|
+|ServiceAccount Allows Access Secrets
056ac60e-fe07-4acc-9b34-8e1d51716ab9|Medium|Secret Management|Query details
Documentation
|
+|Shared Service Account
c1032cf7-3628-44e2-bd53-38c17cf31b6b|Medium|Secret Management|Query details
Documentation
|
+|Cluster Admin Rolebinding With Superuser Permissions
249328b8-5f0f-409f-b1dd-029f07882e11|Low|Access Control|Query details
Documentation
|
+|Missing AppArmor Profile
8b36775e-183d-4d46-b0f7-96a6f34a723f|Low|Access Control|Query details
Documentation
|
+|Deployment Without PodDisruptionBudget
b23e9b98-0cb6-4fc9-b257-1f3270442678|Low|Availability|Query details
Documentation
|
+|Event Rate Limit Admission Control Plugin Not Set
e0099af2-fe17-411f-9991-0de28fe15f3c|Low|Availability|Query details
Documentation
|
+|HPA Targets Invalid Object
2f652c42-619d-4361-b361-9f599688f8ca|Low|Availability|Query details
Documentation
|
+|StatefulSet Without PodDisruptionBudget
1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5|Low|Availability|Query details
Documentation
|
+|StatefulSet Without Service Name
bb241e61-77c3-4b97-9575-c0f8a1e008d0|Low|Availability|Query details
Documentation
|
+|Metadata Label Is Invalid
1123031a-f921-4c5b-bd86-ef354ecfd37a|Low|Best Practices|Query details
Documentation
|
+|No Drop Capabilities for Containers
268ca686-7fb7-4ae9-b129-955a2a89064e|Low|Best Practices|Query details
Documentation
|
+|Object Is Using A Deprecated API Version
94b76ea5-e074-4ca2-8a03-c5a606e30645|Low|Best Practices|Query details
Documentation
|
+|Image Policy Webhook Admission Control Plugin Not Set
14abda69-8e91-4acb-9931-76e2bee90284|Low|Build Process|Query details
Documentation
|
+|Namespace Lifecycle Admission Control Plugin Disabled
1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37|Low|Build Process|Query details
Documentation
|
+|Root Container Not Mounted Read-only
a9c2f49d-0671-4fc9-9ece-f4e261e128d0|Low|Build Process|Query details
Documentation
|
+|StatefulSet Requests Storage
8cf4671a-cf3d-46fc-8389-21e7405063a2|Low|Build Process|Query details
Documentation
|
+|Dashboard Is Enabled
d2ad057f-0928-41ef-a83c-f59203bb855b|Low|Insecure Configurations|Query details
Documentation
|
+|Image Pull Policy Of The Container Is Not Set To Always
caa3479d-885d-4882-9aac-95e5e78ef5c2|Low|Insecure Configurations|Query details
Documentation
|
+|Image Without Digest
7c81d34c-8e5a-402b-9798-9f442630e678|Low|Insecure Configurations|Query details
Documentation
|
+|Kubelet Hostname Override Is Set
bf36b900-b5ef-4828-adb7-70eb543b7cfb|Low|Insecure Configurations|Query details
Documentation
|
+|Pod or Container Without LimitRange
4a20ebac-1060-4c81-95d1-1f7f620e983b|Low|Insecure Configurations|Query details
Documentation
|
+|Pod or Container Without ResourceQuota
48a5beba-e4c0-4584-a2aa-e6894e4cf424|Low|Insecure Configurations|Query details
Documentation
|
+|Pod or Container Without Security Context
a97a340a-0063-418e-b3a1-3028941d0995|Low|Insecure Configurations|Query details
Documentation
|
+|Service Does Not Target Pod
3ca03a61-3249-4c16-8427-6f8e47dda729|Low|Insecure Configurations|Query details
Documentation
|
+|Network Policy Is Not Targeting Any Pod
85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3|Low|Networking and Firewall|Query details
Documentation
|
+|Service Type is NodePort
845acfbe-3e10-4b8e-b656-3b404d36dfb2|Low|Networking and Firewall|Query details
Documentation
|
+|Workload Host Port Not Specified
2b1836f1-dcce-416e-8e16-da8c71920633|Low|Networking and Firewall|Query details
Documentation
|
+|Audit Log Maxage Not Properly Set
da9f3aa8-fbfb-472f-b5a1-576127944218|Low|Observability|Query details
Documentation
|
+|Audit Log Maxbackup Not Properly Set
768aab52-2504-4a2f-a3e3-329d5a679848|Low|Observability|Query details
Documentation
|
+|Audit Log Maxsize Not Properly Set
35c0a471-f7c8-4993-aa2c-503a3c712a66|Low|Observability|Query details
Documentation
|
+|Audit Policy Not Cover Key Security Concerns
1828a670-5957-4bc5-9974-47da228f75e2|Low|Observability|Query details
Documentation
|
+|Kubelet Event QPS Not Properly Set
1a07a446-8e61-4e4d-bc16-b0781fcb8211|Low|Observability|Query details
Documentation
|
+|Profiling Not Set To False
2f491173-6375-4a84-b28e-a4e2b9a58a69|Low|Observability|Query details
Documentation
|
+|CPU Limits Not Set
4ac0e2b7-d2d2-4af7-8799-e8de6721ccda|Low|Resource Management|Query details
Documentation
|
+|CPU Requests Not Set
ca469dd4-c736-448f-8ac1-30a642705e0a|Low|Resource Management|Query details
Documentation
|
+|CronJob Deadline Not Configured
192fe40b-b1c3-448a-aba2-6cc19a300fe3|Low|Resource Management|Query details
Documentation
|
+|Deployment Has No PodAntiAffinity
a31b7b82-d994-48c4-bd21-3bab6c31827a|Low|Resource Management|Query details
Documentation
|
+|StatefulSet Has No PodAntiAffinity
d740d048-8ed3-49d3-b77b-6f072f3b669e|Low|Resource Management|Query details
Documentation
|
+|Secrets As Environment Variables
3d658f8b-d988-41a0-a841-40043121de1e|Low|Secret Management|Query details
Documentation
|
+|Invalid Image Tag
583053b7-e632-46f0-b989-f81ff8045385|Low|Supply-Chain|Query details
Documentation
|
+|Ensure Administrative Boundaries Between Resources
e84eaf4d-2f45-47b2-abe8-e581b06deb66|Info|Access Control|Query details
Documentation
|
+|HPA Targeted Deployments With Configured Replica Count
5744cbb8-5946-4b75-a196-ade44449525b|Info|Availability|Query details
Documentation
|
+|Liveness Probe Is Not Defined
ade74944-a674-4e00-859e-c6eab5bde441|Info|Availability|Query details
Documentation
|
+|Not Limited Capabilities For Pod Security Policy
caa93370-791f-4fc6-814b-ba6ce0cb4032|Info|Insecure Configurations|Query details
Documentation
|
+|Bind Address Not Properly Set
46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2|Info|Networking and Firewall|Query details
Documentation
|
+|Using Kubernetes Native Secret Management
b9c83569-459b-4110-8f79-6305aa33cb37|Info|Secret Management|Query details
Documentation
|
diff --git a/docs/queries/kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660.md b/docs/queries/kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660.md
index 3080f15b264..db90bffe4e8 100644
--- a/docs/queries/kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660.md
+++ b/docs/queries/kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/containers_run_with_low_uid)
### Description
diff --git a/docs/queries/kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23.md b/docs/queries/kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23.md
index 60365a590b7..2da3f97939d 100644
--- a/docs/queries/kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23.md
+++ b/docs/queries/kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/cni_plugin_does_not_support_network_policies)
### Description
diff --git a/docs/queries/kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be.md b/docs/queries/kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be.md
index 08cf2345348..84474fc88a2 100644
--- a/docs/queries/kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be.md
+++ b/docs/queries/kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/pod_misconfigured_network_policy)
### Description
diff --git a/docs/queries/kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9.md b/docs/queries/kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9.md
index 2371a2f8d8d..bb92de7adc4 100644
--- a/docs/queries/kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9.md
+++ b/docs/queries/kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_allows_access_secrets)
### Description
diff --git a/docs/queries/kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882.md b/docs/queries/kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882.md
index be95ab5fe6f..c4ad5b91b78 100644
--- a/docs/queries/kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882.md
+++ b/docs/queries/kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/root_ca_file_not_defined)
### Description
diff --git a/docs/queries/kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9.md b/docs/queries/kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9.md
index 4732a00a98b..5ccfea15943 100644
--- a/docs/queries/kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9.md
+++ b/docs/queries/kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/etcd_tls_certificate_files_not_properly_set)
### Description
diff --git a/docs/queries/kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60.md b/docs/queries/kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60.md
index b515ce85893..257888f6794 100644
--- a/docs/queries/kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60.md
+++ b/docs/queries/kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/etcd_peer_tls_certificate_files_not_properly_set)
### Description
diff --git a/docs/queries/kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9.md b/docs/queries/kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9.md
index 91f1ef37b18..4102ead774e 100644
--- a/docs/queries/kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9.md
+++ b/docs/queries/kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/encryption_provider_not_properly_configured)
### Description
diff --git a/docs/queries/kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a.md b/docs/queries/kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a.md
index 8ee101bb23a..e6a155979e3 100644
--- a/docs/queries/kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a.md
+++ b/docs/queries/kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/metadata_label_is_invalid)
### Description
diff --git a/docs/queries/kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb.md b/docs/queries/kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb.md
index 346a01f57b7..ae066477b87 100644
--- a/docs/queries/kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb.md
+++ b/docs/queries/kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/audit_policy_file_not_defined)
### Description
diff --git a/docs/queries/kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284.md b/docs/queries/kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284.md
index a7406eecceb..e0cd84c19b9 100644
--- a/docs/queries/kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284.md
+++ b/docs/queries/kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/image_policy_webhook_admission_control_plugin_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2.md b/docs/queries/kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2.md
index afc4e8bc5fd..eab327c7508 100644
--- a/docs/queries/kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2.md
+++ b/docs/queries/kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/audit_policy_not_cover_key_security_concerns)
### Description
diff --git a/docs/queries/kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3.md b/docs/queries/kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3.md
index b0d4e724122..05d3e1724f5 100644
--- a/docs/queries/kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3.md
+++ b/docs/queries/kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/cronjob_deadline_not_configured)
### Description
diff --git a/docs/queries/kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40.md b/docs/queries/kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40.md
index 91022dba797..dccf1b1862a 100644
--- a/docs/queries/kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40.md
+++ b/docs/queries/kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/containers_with_added_capabilities)
### Description
diff --git a/docs/queries/kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211.md b/docs/queries/kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211.md
index f761cbc4f46..7c57cefc4d4 100644
--- a/docs/queries/kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211.md
+++ b/docs/queries/kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_event_qps_not_properly_set)
### Description
diff --git a/docs/queries/kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e.md b/docs/queries/kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e.md
index c5f5b488737..b03a49e835e 100644
--- a/docs/queries/kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e.md
+++ b/docs/queries/kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/authorization_mode_rbac_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d.md b/docs/queries/kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d.md
index 3a3a554b1ba..eed68d7306d 100644
--- a/docs/queries/kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d.md
+++ b/docs/queries/kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/use_service_account_credentials_not_set_to_true)
### Description
diff --git a/docs/queries/kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2.md b/docs/queries/kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2.md
index dc4fd7aaf45..85dd7a0fa93 100644
--- a/docs/queries/kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2.md
+++ b/docs/queries/kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rotate_kubelet_server_certificate_not_active)
### Description
diff --git a/docs/queries/kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5.md b/docs/queries/kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5.md
index b67cc6acc41..f0fc8bb8bbe 100644
--- a/docs/queries/kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5.md
+++ b/docs/queries/kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/statefulset_without_pod_disruption_budget)
### Description
diff --git a/docs/queries/kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238.md b/docs/queries/kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238.md
index f30fe67d770..60e18184cad 100644
--- a/docs/queries/kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238.md
+++ b/docs/queries/kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/anonymous_auth_is_not_set_to_false)
### Description
diff --git a/docs/queries/kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5.md b/docs/queries/kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5.md
index 6f4702080a3..88a2d6d4089 100644
--- a/docs/queries/kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5.md
+++ b/docs/queries/kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/role_binding_to_default_service_account)
### Description
diff --git a/docs/queries/kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37.md b/docs/queries/kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37.md
index 1960f457dd0..c2eb0fa16ec 100644
--- a/docs/queries/kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37.md
+++ b/docs/queries/kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/namespace_lifecycle_admission_control_plugin_disabled)
### Description
diff --git a/docs/queries/kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648.md b/docs/queries/kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648.md
index 553130d3b58..09f001f2e13 100644
--- a/docs/queries/kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648.md
+++ b/docs/queries/kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/net_raw_capabilities_disabled_for_psp)
### Description
diff --git a/docs/queries/kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded.md b/docs/queries/kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded.md
index 48f5fa1f83f..91db0ad7266 100644
--- a/docs/queries/kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded.md
+++ b/docs/queries/kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/memory_requests_not_defined)
### Description
diff --git a/docs/queries/kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0.md b/docs/queries/kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0.md
index d8b3781bac4..ff80ca4ffb4 100644
--- a/docs/queries/kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0.md
+++ b/docs/queries/kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/containers_with_sys_admin_capabilities)
### Description
diff --git a/docs/queries/kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11.md b/docs/queries/kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11.md
index aea9a05d3d8..641ef355c6e 100644
--- a/docs/queries/kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11.md
+++ b/docs/queries/kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/cluster_admin_role_binding_with_super_user_permissions)
### Description
diff --git a/docs/queries/kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165.md b/docs/queries/kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165.md
index 766968ac9d4..c699e998b8c 100644
--- a/docs/queries/kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165.md
+++ b/docs/queries/kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_with_external_load_balancer)
### Description
diff --git a/docs/queries/kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e.md b/docs/queries/kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e.md
index 05f7501e331..bff1381adb9 100644
--- a/docs/queries/kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e.md
+++ b/docs/queries/kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/no_drop_capabilities_for_containers)
### Description
diff --git a/docs/queries/kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41.md b/docs/queries/kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41.md
index e27814c21f6..8d6c95d7863 100644
--- a/docs/queries/kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41.md
+++ b/docs/queries/kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_read_only_port_is_not_set_to_zero)
### Description
diff --git a/docs/queries/kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633.md b/docs/queries/kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633.md
index d9fb52a9837..89628f361ca 100644
--- a/docs/queries/kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633.md
+++ b/docs/queries/kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/workload_host_port_not_specified)
### Description
diff --git a/docs/queries/kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69.md b/docs/queries/kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69.md
index 1242d55f57c..bf7d29f39dd 100644
--- a/docs/queries/kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69.md
+++ b/docs/queries/kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/profiling_not_set_to_false)
### Description
diff --git a/docs/queries/kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca.md b/docs/queries/kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca.md
index bd20a915cc4..4cc6b3ecd35 100644
--- a/docs/queries/kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca.md
+++ b/docs/queries/kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/hpa_targets_invalid_object)
### Description
diff --git a/docs/queries/kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d.md b/docs/queries/kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d.md
index 96040cbcf77..70e847fb27a 100644
--- a/docs/queries/kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d.md
+++ b/docs/queries/kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/shared_host_pid_namespace)
### Description
diff --git a/docs/queries/kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558.md b/docs/queries/kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558.md
index c45756812fd..772866f56af 100644
--- a/docs/queries/kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558.md
+++ b/docs/queries/kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/token_auth_file_is_set)
### Description
diff --git a/docs/queries/kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b.md b/docs/queries/kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b.md
index 8a9f60a3577..fa7a41b0671 100644
--- a/docs/queries/kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b.md
+++ b/docs/queries/kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/node_restriction_admission_control_plugin_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66.md b/docs/queries/kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66.md
index a4b9410d253..954ad4a6138 100644
--- a/docs/queries/kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66.md
+++ b/docs/queries/kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/audit_log_maxsize_not_properly_set)
### Description
diff --git a/docs/queries/kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834.md b/docs/queries/kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834.md
index cbe8fd2e29b..06cc40e64b1 100644
--- a/docs/queries/kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834.md
+++ b/docs/queries/kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_client_certificate_or_key_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9.md b/docs/queries/kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9.md
index 46a6c2a21fb..e9fcf3c9c26 100644
--- a/docs/queries/kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9.md
+++ b/docs/queries/kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/incorrect_volume_claim_access_mode_read_write_once)
### Description
diff --git a/docs/queries/kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb.md b/docs/queries/kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb.md
index 97baadb82ae..2a9a40e5f9c 100644
--- a/docs/queries/kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb.md
+++ b/docs/queries/kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_roles_with_portforwarding_permissions)
### Description
diff --git a/docs/queries/kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729.md b/docs/queries/kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729.md
index 4aabfae7815..27e3583b49a 100644
--- a/docs/queries/kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729.md
+++ b/docs/queries/kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_does_not_target_pod)
### Description
diff --git a/docs/queries/kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e.md b/docs/queries/kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e.md
index c25f44292ad..657fcb7a80b 100644
--- a/docs/queries/kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e.md
+++ b/docs/queries/kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/secure_port_set_to_zero)
### Description
diff --git a/docs/queries/kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e.md b/docs/queries/kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e.md
index 5364fd205df..c232f2a9e82 100644
--- a/docs/queries/kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e.md
+++ b/docs/queries/kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/secrets_as_environment_variables)
### Description
diff --git a/docs/queries/kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20.md b/docs/queries/kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20.md
index 8194476f040..358a9d5953a 100644
--- a/docs/queries/kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20.md
+++ b/docs/queries/kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/etcd_client_certificate_file_not_defined)
### Description
diff --git a/docs/queries/kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2.md b/docs/queries/kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2.md
index edd4ac2e29c..4a65759868a 100644
--- a/docs/queries/kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2.md
+++ b/docs/queries/kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Info
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/bind_address_not_properly_set)
### Description
diff --git a/docs/queries/kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef.md b/docs/queries/kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef.md
index 0a275e22247..83bd9966aff 100644
--- a/docs/queries/kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef.md
+++ b/docs/queries/kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_token_automount_not_disabled)
### Description
diff --git a/docs/queries/kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424.md b/docs/queries/kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424.md
index abfd9e23f11..3c929fa45fd 100644
--- a/docs/queries/kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424.md
+++ b/docs/queries/kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/pod_or_container_without_resource_quota)
### Description
diff --git a/docs/queries/kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f.md b/docs/queries/kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f.md
index d97eedd92cb..df8f1d58395 100644
--- a/docs/queries/kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f.md
+++ b/docs/queries/kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/terminated_pod_garbage_collector_threshold_not_properly_set)
### Description
diff --git a/docs/queries/kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b.md b/docs/queries/kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b.md
index fd24784a3dd..8d8610dd6bc 100644
--- a/docs/queries/kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b.md
+++ b/docs/queries/kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/pod_or_container_without_limit_range)
### Description
diff --git a/docs/queries/kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda.md b/docs/queries/kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda.md
index af501e8c60c..5222d00e2ab 100644
--- a/docs/queries/kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda.md
+++ b/docs/queries/kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/cpu_limits_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1.md b/docs/queries/kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1.md
index 5b7dfb4374e..9a94beb349f 100644
--- a/docs/queries/kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1.md
+++ b/docs/queries/kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/authorization_mode_node_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110.md b/docs/queries/kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110.md
index 56f14f97c67..4cbebb4e9bd 100644
--- a/docs/queries/kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110.md
+++ b/docs/queries/kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/weak_tls_cipher_suites)
### Description
diff --git a/docs/queries/kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a.md b/docs/queries/kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a.md
index 37fbaa4da8e..1e98d33737b 100644
--- a/docs/queries/kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a.md
+++ b/docs/queries/kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_client_periodic_certificate_switch_disabled)
### Description
diff --git a/docs/queries/kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e.md b/docs/queries/kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e.md
index 75b59858715..f0968725c10 100644
--- a/docs/queries/kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e.md
+++ b/docs/queries/kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/workload_mounting_with_sensitive_os_directory)
### Description
diff --git a/docs/queries/kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d.md b/docs/queries/kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d.md
index 510133dd8c9..185d68c414a 100644
--- a/docs/queries/kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d.md
+++ b/docs/queries/kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/privilege_escalation_allowed)
### Description
diff --git a/docs/queries/kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b.md b/docs/queries/kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b.md
index 528949e3704..4d15ab6396d 100644
--- a/docs/queries/kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b.md
+++ b/docs/queries/kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Info
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/hpa_targeted_deployments_with_configured_replica_count)
### Description
diff --git a/docs/queries/kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385.md b/docs/queries/kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385.md
index 7d26ca861b0..f6698e0d17b 100644
--- a/docs/queries/kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385.md
+++ b/docs/queries/kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Supply-Chain
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/invalid_image)
### Description
diff --git a/docs/queries/kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9.md b/docs/queries/kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9.md
index 68a9e9eb2e6..6fae2c9cfed 100644
--- a/docs/queries/kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9.md
+++ b/docs/queries/kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_name_undefined_or_empty)
### Description
diff --git a/docs/queries/kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942.md b/docs/queries/kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942.md
index e56c7323a4e..14006f6ccdc 100644
--- a/docs/queries/kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942.md
+++ b/docs/queries/kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/permissive_access_to_create_pods)
### Description
diff --git a/docs/queries/kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5.md b/docs/queries/kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5.md
index 7b5cd289a43..0edd2850091 100644
--- a/docs/queries/kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5.md
+++ b/docs/queries/kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/basic_auth_file_is_set)
### Description
diff --git a/docs/queries/kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4.md b/docs/queries/kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4.md
index 1a76bdfd758..e167aeb7661 100644
--- a/docs/queries/kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4.md
+++ b/docs/queries/kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_not_managing_ip_tables)
### Description
diff --git a/docs/queries/kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6.md b/docs/queries/kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6.md
index 0c48b1c6238..6515feaddfc 100644
--- a/docs/queries/kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6.md
+++ b/docs/queries/kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/using_unrecommended_namespace)
### Description
diff --git a/docs/queries/kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b.md b/docs/queries/kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b.md
index 3231dff58e0..56138cf1155 100644
--- a/docs/queries/kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b.md
+++ b/docs/queries/kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/ingress_controller_exposes_workload)
### Description
diff --git a/docs/queries/kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768.md b/docs/queries/kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768.md
index 7aa1e0c27a6..4f4f3d055be 100644
--- a/docs/queries/kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768.md
+++ b/docs/queries/kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/security_context_deny_admission_control_plugin_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a.md b/docs/queries/kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a.md
index 3fba93ea453..b90fc27e5dd 100644
--- a/docs/queries/kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a.md
+++ b/docs/queries/kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/shared_host_network_namespace)
### Description
diff --git a/docs/queries/kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e.md b/docs/queries/kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e.md
index de38c7969e1..91bfe15dfb4 100644
--- a/docs/queries/kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e.md
+++ b/docs/queries/kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_wildcard_in_rule)
### Description
diff --git a/docs/queries/kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355.md b/docs/queries/kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355.md
index 8591cb20cd5..6f60a310264 100644
--- a/docs/queries/kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355.md
+++ b/docs/queries/kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_protect_kernel_defaults_set_to_false)
### Description
diff --git a/docs/queries/kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d.md b/docs/queries/kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d.md
index df36f233a5a..17a45f6818b 100644
--- a/docs/queries/kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d.md
+++ b/docs/queries/kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/tiller_is_deployed)
### Description
diff --git a/docs/queries/kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8.md b/docs/queries/kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8.md
index dbc67d7ee8f..87aee7722fa 100644
--- a/docs/queries/kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8.md
+++ b/docs/queries/kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_with_added_capabilities)
### Description
diff --git a/docs/queries/kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb.md b/docs/queries/kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb.md
index f14570346e9..03a6b4d6c1c 100644
--- a/docs/queries/kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb.md
+++ b/docs/queries/kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/audit_log_path_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848.md b/docs/queries/kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848.md
index 0fe1fed5076..e9666db727f 100644
--- a/docs/queries/kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848.md
+++ b/docs/queries/kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/audit_log_maxbackup_not_properly_set)
### Description
diff --git a/docs/queries/kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678.md b/docs/queries/kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678.md
index 467f19401f2..5af05efba22 100644
--- a/docs/queries/kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678.md
+++ b/docs/queries/kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/image_without_digest)
### Description
diff --git a/docs/queries/kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea.md b/docs/queries/kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea.md
index 9191f48e507..b2771fd1a3a 100644
--- a/docs/queries/kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea.md
+++ b/docs/queries/kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_allows_sharing_host_ipc)
### Description
diff --git a/docs/queries/kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432.md b/docs/queries/kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432.md
index 4c0b32581a0..0874a5e108e 100644
--- a/docs/queries/kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432.md
+++ b/docs/queries/kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_roles_allow_privilege_escalation)
### Description
diff --git a/docs/queries/kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2.md b/docs/queries/kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2.md
index d4796664737..467ae888a58 100644
--- a/docs/queries/kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2.md
+++ b/docs/queries/kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_type_is_nodeport)
### Description
diff --git a/docs/queries/kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3.md b/docs/queries/kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3.md
index b5fd47dfe8a..8e0df0924f8 100644
--- a/docs/queries/kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3.md
+++ b/docs/queries/kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/network_policy_is_not_targeting_any_pod)
### Description
diff --git a/docs/queries/kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851.md b/docs/queries/kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851.md
index af6da92a8d5..6c00df14b8d 100644
--- a/docs/queries/kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851.md
+++ b/docs/queries/kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_allows_privilege_escalation)
### Description
diff --git a/docs/queries/kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd.md b/docs/queries/kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd.md
index 0797e6c7ba1..c9bff0118b3 100644
--- a/docs/queries/kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd.md
+++ b/docs/queries/kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/etcd_tls_certificate_not_properly_configured)
### Description
diff --git a/docs/queries/kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f.md b/docs/queries/kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f.md
index b5ddbe7a51f..e0067880288 100644
--- a/docs/queries/kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f.md
+++ b/docs/queries/kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/missing_app_armor_config)
### Description
diff --git a/docs/queries/kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d.md b/docs/queries/kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d.md
index e0ee15b9cd3..f17db421fb0 100644
--- a/docs/queries/kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d.md
+++ b/docs/queries/kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/tiller_service_is_not_deleted)
### Description
diff --git a/docs/queries/kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2.md b/docs/queries/kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2.md
index 379001c97b7..de818c77558 100644
--- a/docs/queries/kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2.md
+++ b/docs/queries/kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/statefulset_requests_storage)
### Description
diff --git a/docs/queries/kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad.md b/docs/queries/kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad.md
index 3f75603292f..ed7b252d65a 100644
--- a/docs/queries/kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad.md
+++ b/docs/queries/kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/cluster_allows_unsafe_sysctls)
### Description
diff --git a/docs/queries/kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9.md b/docs/queries/kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9.md
index f8950156168..af90dea5514 100644
--- a/docs/queries/kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9.md
+++ b/docs/queries/kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_allows_sharing_host_pid)
### Description
diff --git a/docs/queries/kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac.md b/docs/queries/kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac.md
index 20cbe47b34c..8832ad13e58 100644
--- a/docs/queries/kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac.md
+++ b/docs/queries/kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/etcd_client_certificate_authentication_set_to_false)
### Description
diff --git a/docs/queries/kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645.md b/docs/queries/kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645.md
index bc1349998f4..4ad7cbd9dcd 100644
--- a/docs/queries/kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645.md
+++ b/docs/queries/kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/object_is_using_a_deprecated_api_version)
### Description
diff --git a/docs/queries/kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063.md b/docs/queries/kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063.md
index a77009a14c8..7ef7b3d1243 100644
--- a/docs/queries/kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063.md
+++ b/docs/queries/kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_admission_control_plugin_disabled)
### Description
diff --git a/docs/queries/kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b.md b/docs/queries/kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b.md
index e76ee94204a..46d10fc1df0 100644
--- a/docs/queries/kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b.md
+++ b/docs/queries/kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/auto_tls_set_to_true)
### Description
diff --git a/docs/queries/kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980.md b/docs/queries/kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980.md
index 8b02cb1e9a1..a365c88bda6 100644
--- a/docs/queries/kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980.md
+++ b/docs/queries/kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_roles_with_impersonate_permission)
### Description
diff --git a/docs/queries/kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a.md b/docs/queries/kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a.md
index 84a42068d4a..2d27a2e5ee6 100644
--- a/docs/queries/kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a.md
+++ b/docs/queries/kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/deployment_has_no_pod_anti_affinity)
### Description
diff --git a/docs/queries/kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b.md b/docs/queries/kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b.md
index 9b99e187f14..c90d45c9e27 100644
--- a/docs/queries/kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b.md
+++ b/docs/queries/kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_containers_share_host_network_namespace)
### Description
diff --git a/docs/queries/kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165.md b/docs/queries/kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165.md
index 70ab5bd4a54..4740169c317 100644
--- a/docs/queries/kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165.md
+++ b/docs/queries/kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_lookup_set_to_false)
### Description
diff --git a/docs/queries/kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3.md b/docs/queries/kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3.md
index c6878d37e5d..a15335940f6 100644
--- a/docs/queries/kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3.md
+++ b/docs/queries/kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/readiness_probe_is_not_configured)
### Description
diff --git a/docs/queries/kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828.md b/docs/queries/kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828.md
index 87f6a019d70..cbb1a92ea82 100644
--- a/docs/queries/kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828.md
+++ b/docs/queries/kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/docker_daemon_socket_is_exposed_to_containers)
### Description
diff --git a/docs/queries/kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f.md b/docs/queries/kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f.md
index 0a719b6dc8a..9a24827c0f6 100644
--- a/docs/queries/kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f.md
+++ b/docs/queries/kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/always_pull_images_admission_control_plugin_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995.md b/docs/queries/kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995.md
index 883473c2d1c..2a2e418d859 100644
--- a/docs/queries/kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995.md
+++ b/docs/queries/kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/pod_or_container_without_security_context)
### Description
diff --git a/docs/queries/kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0.md b/docs/queries/kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0.md
index 1270319915b..39b167f9e2c 100644
--- a/docs/queries/kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0.md
+++ b/docs/queries/kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/root_container_not_mounted_as_read_only)
### Description
diff --git a/docs/queries/kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91.md b/docs/queries/kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91.md
index 0566be76373..7410d83ce5d 100644
--- a/docs/queries/kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91.md
+++ b/docs/queries/kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/non_kube_system_pod_with_host_mount)
### Description
diff --git a/docs/queries/kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441.md b/docs/queries/kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441.md
index 5bafd838f60..0ce8800457f 100644
--- a/docs/queries/kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441.md
+++ b/docs/queries/kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Info
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/liveness_probe_is_not_defined)
### Description
diff --git a/docs/queries/kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0.md b/docs/queries/kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0.md
index a42de2b18ba..c69cf42a5e4 100644
--- a/docs/queries/kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0.md
+++ b/docs/queries/kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/peer_auto_tls_set_to_true)
### Description
diff --git a/docs/queries/kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d.md b/docs/queries/kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d.md
index cf6b75073ba..054f8e0426e 100644
--- a/docs/queries/kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d.md
+++ b/docs/queries/kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/pod_security_policy_admission_control_plugin_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9.md b/docs/queries/kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9.md
index 74327a7139f..fe58511ea10 100644
--- a/docs/queries/kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9.md
+++ b/docs/queries/kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/memory_limits_not_defined)
### Description
diff --git a/docs/queries/kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678.md b/docs/queries/kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678.md
index 4d2395c4b37..ae5ebf6322e 100644
--- a/docs/queries/kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678.md
+++ b/docs/queries/kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/deployment_without_pod_disruption_budget)
### Description
diff --git a/docs/queries/kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063.md b/docs/queries/kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063.md
index e2ea21f2bc6..e3fd4f84f01 100644
--- a/docs/queries/kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063.md
+++ b/docs/queries/kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/volume_mount_with_os_directory_write_permissions)
### Description
diff --git a/docs/queries/kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14.md b/docs/queries/kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14.md
index 5e66dae7551..2e13b39fa98 100644
--- a/docs/queries/kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14.md
+++ b/docs/queries/kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_roles_with_read_secrets_permissions)
### Description
diff --git a/docs/queries/kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff.md b/docs/queries/kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff.md
index 6a9eb8aec1a..7a17c3383d0 100644
--- a/docs/queries/kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff.md
+++ b/docs/queries/kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/etcd_peer_client_certificate_authentication_set_to_false)
### Description
diff --git a/docs/queries/kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1.md b/docs/queries/kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1.md
index 2f1f487f0d3..ae88bf64804 100644
--- a/docs/queries/kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1.md
+++ b/docs/queries/kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/insecure_bind_address_set)
### Description
diff --git a/docs/queries/kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37.md b/docs/queries/kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37.md
index 2e78589e346..e73eaadda28 100644
--- a/docs/queries/kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37.md
+++ b/docs/queries/kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Info
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/using_kubernetes_native_secret_management)
### Description
diff --git a/docs/queries/kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0.md b/docs/queries/kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0.md
index 8c5b62a0295..e4457a4d6f4 100644
--- a/docs/queries/kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0.md
+++ b/docs/queries/kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/statefulset_without_service_name)
### Description
diff --git a/docs/queries/kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb.md b/docs/queries/kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb.md
index 8917340d2ef..aff9ed2f704 100644
--- a/docs/queries/kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb.md
+++ b/docs/queries/kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_hostname_override_is_set)
### Description
diff --git a/docs/queries/kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b.md b/docs/queries/kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b.md
index ea5c5ba976f..a1aff0e3cc4 100644
--- a/docs/queries/kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b.md
+++ b/docs/queries/kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/shared_service_account)
### Description
diff --git a/docs/queries/kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91.md b/docs/queries/kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91.md
index 3a1a23c606b..67950902fd4 100644
--- a/docs/queries/kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91.md
+++ b/docs/queries/kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_set_to_privileged)
### Description
diff --git a/docs/queries/kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc.md b/docs/queries/kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc.md
index 4a953b26134..870c13d786b 100644
--- a/docs/queries/kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc.md
+++ b/docs/queries/kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_roles_with_exec_permission)
### Description
diff --git a/docs/queries/kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a.md b/docs/queries/kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a.md
index 39462d723e0..8c2173b097a 100644
--- a/docs/queries/kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a.md
+++ b/docs/queries/kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/cpu_requests_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2.md b/docs/queries/kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2.md
index 2f8191c7863..db595dbb5eb 100644
--- a/docs/queries/kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2.md
+++ b/docs/queries/kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/image_pull_policy_of_container_is_not_always)
### Description
diff --git a/docs/queries/kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032.md b/docs/queries/kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032.md
index 12dbb19574b..d292c3ba19e 100644
--- a/docs/queries/kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032.md
+++ b/docs/queries/kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Info
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/not_limited_capabilities_for_pod_security_policy)
### Description
diff --git a/docs/queries/kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303.md b/docs/queries/kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303.md
index c5a2a6dcc06..9ac83e21beb 100644
--- a/docs/queries/kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303.md
+++ b/docs/queries/kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/not_unique_certificate_authority)
### Description
diff --git a/docs/queries/kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9.md b/docs/queries/kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9.md
index 17a0ad3b487..c8b6f3e78cb 100644
--- a/docs/queries/kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9.md
+++ b/docs/queries/kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/encryption_provider_config_is_not_defined)
### Description
diff --git a/docs/queries/kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780.md b/docs/queries/kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780.md
index 86fa26f6cee..25928a0d797 100644
--- a/docs/queries/kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780.md
+++ b/docs/queries/kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_private_key_file_not_defined)
### Description
diff --git a/docs/queries/kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536.md b/docs/queries/kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536.md
index e655806f1a9..44d90608ea3 100644
--- a/docs/queries/kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536.md
+++ b/docs/queries/kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/shared_host_ipc_namespace)
### Description
diff --git a/docs/queries/kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf.md b/docs/queries/kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf.md
index ae3b202a6be..ed8c8a65154 100644
--- a/docs/queries/kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf.md
+++ b/docs/queries/kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_https_set_to_false)
### Description
diff --git a/docs/queries/kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60.md b/docs/queries/kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60.md
index fb210c54267..c20876ecd3b 100644
--- a/docs/queries/kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60.md
+++ b/docs/queries/kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/always_admit_admission_control_plugin_set)
### Description
diff --git a/docs/queries/kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb.md b/docs/queries/kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb.md
index 80a88152662..2ec2999f241 100644
--- a/docs/queries/kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb.md
+++ b/docs/queries/kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/containers_running_as_root)
### Description
diff --git a/docs/queries/kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b.md b/docs/queries/kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b.md
index c448d3a1cf6..022328cd9a2 100644
--- a/docs/queries/kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b.md
+++ b/docs/queries/kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/dashboard_is_enabled)
### Description
diff --git a/docs/queries/kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84.md b/docs/queries/kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84.md
index b45610df96e..8f671ce89f7 100644
--- a/docs/queries/kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84.md
+++ b/docs/queries/kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_roles_with_attach_permission)
### Description
diff --git a/docs/queries/kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e.md b/docs/queries/kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e.md
index 7c5e7e8c4aa..a7103edeb2b 100644
--- a/docs/queries/kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e.md
+++ b/docs/queries/kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/statefulset_has_no_pod_anti_affinity)
### Description
diff --git a/docs/queries/kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09.md b/docs/queries/kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09.md
index 2527b4b48b6..383e897abfd 100644
--- a/docs/queries/kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09.md
+++ b/docs/queries/kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/request_timeout_not_properly_set)
### Description
diff --git a/docs/queries/kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218.md b/docs/queries/kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218.md
index 3072ebc3510..83586151b53 100644
--- a/docs/queries/kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218.md
+++ b/docs/queries/kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/audit_log_maxage_not_properly_set)
### Description
diff --git a/docs/queries/kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1.md b/docs/queries/kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1.md
index 2d92cb29b46..a690649fffe 100644
--- a/docs/queries/kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1.md
+++ b/docs/queries/kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_key_file_not_properly_set)
### Description
diff --git a/docs/queries/kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54.md b/docs/queries/kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54.md
index 3316d4f239f..a1f065a9ec1 100644
--- a/docs/queries/kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54.md
+++ b/docs/queries/kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/net_raw_capabilities_not_being_dropped)
### Description
diff --git a/docs/queries/kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609.md b/docs/queries/kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609.md
index 1c7a8628d69..8b77d9d7b13 100644
--- a/docs/queries/kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609.md
+++ b/docs/queries/kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/container_is_privileged)
### Description
diff --git a/docs/queries/kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e.md b/docs/queries/kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e.md
index fb26e53d992..d5f716ea2b5 100644
--- a/docs/queries/kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e.md
+++ b/docs/queries/kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_with_unrestricted_access_to_host_path)
### Description
diff --git a/docs/queries/kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c.md b/docs/queries/kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c.md
index 9b3719a4d8b..f725564033c 100644
--- a/docs/queries/kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c.md
+++ b/docs/queries/kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/event_rate_limit_admission_control_plugin_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20.md b/docs/queries/kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20.md
index d8af08eaa67..c593d39c3a7 100644
--- a/docs/queries/kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20.md
+++ b/docs/queries/kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/client_certificate_authentication_not_setup_properly)
### Description
diff --git a/docs/queries/kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06.md b/docs/queries/kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06.md
index 2a11d08bd3b..ef25c0a9bb6 100644
--- a/docs/queries/kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06.md
+++ b/docs/queries/kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/tiller_deployment_is_accessible_from_within_the_cluster)
### Description
diff --git a/docs/queries/kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203.md b/docs/queries/kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203.md
index f226365e212..292ce0edf8d 100644
--- a/docs/queries/kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203.md
+++ b/docs/queries/kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/root_containers_admitted)
### Description
diff --git a/docs/queries/kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66.md b/docs/queries/kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66.md
index 5fd556db99b..fa62437acbc 100644
--- a/docs/queries/kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66.md
+++ b/docs/queries/kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Info
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/ensure_administrative_boundaries_between_resources)
### Description
diff --git a/docs/queries/kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0.md b/docs/queries/kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0.md
index 3f0c21b88c7..bdc76a7f281 100644
--- a/docs/queries/kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0.md
+++ b/docs/queries/kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_certificate_authority_not_set)
### Description
diff --git a/docs/queries/kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9.md b/docs/queries/kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9.md
index 1bf5f3cea11..f2a1b0f7909 100644
--- a/docs/queries/kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9.md
+++ b/docs/queries/kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_streaming_connection_timeout_disabled)
### Description
diff --git a/docs/queries/kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5.md b/docs/queries/kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5.md
index 6b486733e4c..d6b118f9a9d 100644
--- a/docs/queries/kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5.md
+++ b/docs/queries/kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/authorization_mode_set_to_always_allow)
### Description
diff --git a/docs/queries/kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b.md b/docs/queries/kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b.md
index c4fa4ad0b98..c7bb1f040a1 100644
--- a/docs/queries/kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b.md
+++ b/docs/queries/kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/seccomp_profile_is_not_configured)
### Description
diff --git a/docs/queries/kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3.md b/docs/queries/kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3.md
index c9c14fa2a9c..20e31afec6a 100644
--- a/docs/queries/kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3.md
+++ b/docs/queries/kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/container_runs_unmasked)
### Description
diff --git a/docs/queries/kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0.md b/docs/queries/kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0.md
index 6f6eaf654a6..baa09186688 100644
--- a/docs/queries/kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0.md
+++ b/docs/queries/kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/insecure_port_not_properly_set)
### Description
diff --git a/docs/queries/kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f.md b/docs/queries/kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f.md
index 1a8c0e0d613..82c29e0305e 100644
--- a/docs/queries/kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f.md
+++ b/docs/queries/kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Kubernetes
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/tls_connection_certificate_not_setup)
### Description
diff --git a/docs/queries/openapi-queries.md b/docs/queries/openapi-queries.md
index 2e319ee5ea9..784b09d3d80 100644
--- a/docs/queries/openapi-queries.md
+++ b/docs/queries/openapi-queries.md
@@ -8,53 +8,53 @@ Below are listed queries related to OpenAPI 2.0:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Security Definitions Undefined or Empty
e3f026e8-fdb4-4d5a-bcfd-bd94452073fe|High|Access Control|Query details
Documentation
|
-|Security Requirement Not Defined In Security Definition
a599b0d1-ff89-4cb8-9ece-9951854c06f6|High|Structure and Semantics|Query details
Documentation
|
-|Global Security Using Password Flow
2da46be4-4317-4650-9285-56d7103c4f93|Medium|Access Control|Query details
Documentation
|
-|Implicit Flow in OAuth2 (v2)
e9817ad8-a8c9-4038-8a2f-db0e6e7b284b|Medium|Access Control|Query details
Documentation
|
-|Invalid OAuth2 Authorization URL (v2)
33d96c65-977d-4c33-943f-440baca49185|Medium|Access Control|Query details
Documentation
|
-|Invalid OAuth2 Token URL (v2)
274f910a-0665-4f08-b66d-7058fe927dba|Medium|Access Control|Query details
Documentation
|
-|Operation Using Basic Auth
ceefb058-8065-418f-9c4c-584a78c7e104|Medium|Access Control|Query details
Documentation
|
-|Operation Using Implicit Flow
f42dfe7e-787d-4478-a75e-a5f3d8a2269e|Medium|Access Control|Query details
Documentation
|
-|Operation Using Password Flow
2e44e632-d617-43cb-b294-6bfe72a08938|Medium|Access Control|Query details
Documentation
|
-|Security Definitions Allows Password Flow
773116aa-2e6d-416f-bd85-f0301cc05d76|Medium|Access Control|Query details
Documentation
|
-|Security Definitions Using Basic Auth
221015a8-aa2a-43f5-b00b-ad7d2b1d47a8|Medium|Access Control|Query details
Documentation
|
-|Global Schemes Uses HTTP
f30ee711-0082-4480-85ab-31d922d9a2b2|Medium|Encryption|Query details
Documentation
|
-|Path Scheme Accepts HTTP (v2)
a6847dc6-f4ea-45ac-a81f-93291ae6c573|Medium|Encryption|Query details
Documentation
|
-|Schemes Uses HTTP
a46928f1-43d7-4671-94e0-2dd99746f389|Medium|Encryption|Query details
Documentation
|
-|Operation Object Without 'consumes'
0c79e50e-b3cf-490c-b8f6-587c644d4d0c|Medium|Insecure Configurations|Query details
Documentation
|
-|Operation Object Without 'produces'
be3e170e-1572-461e-a8b6-d963def581ec|Medium|Insecure Configurations|Query details
Documentation
|
-|Non OAuth2 Security Requirement Defining OAuth2 Scopes
ba239cb9-f342-4c20-812d-7b5a2aa6969e|Medium|Structure and Semantics|Query details
Documentation
|
-|Undefined Scope 'securityDefinition' On 'security' Field On Operations
3847280c-9193-40bc-8009-76168e822ce2|Low|Access Control|Query details
Documentation
|
-|Undefined Scope 'securityDefinition' On Global 'security' Field
9aa6e95c-d964-4239-a3a8-9f37a3c5a31f|Low|Access Control|Query details
Documentation
|
-|Constraining Enum Property
be1d8733-3731-40c7-a845-734741c6871d|Info|Best Practices|Query details
Documentation
|
-|Global Parameter Definition Not Being Used
b30981fa-a12e-49c7-a5bb-eeafb61d0f0f|Info|Best Practices|Query details
Documentation
|
-|Global Responses Definition Not Being Used
0b76d993-ee52-43e0-8b39-3787d2ddabf1|Info|Best Practices|Query details
Documentation
|
-|Global Schema Definition Not Being Used
6d2e0790-cc3d-4c74-b973-d4e8b09f4455|Info|Best Practices|Query details
Documentation
|
-|Invalid Media Type Value (v2)
f985a7d2-d404-4a7f-9814-f645f791e46e|Info|Best Practices|Query details
Documentation
|
-|Operation Summary Too Long
d47940ca-5970-45cc-bdd1-4d81398cee1f|Info|Best Practices|Query details
Documentation
|
-|Schema with 'additionalProperties' set as Boolean
3a01790c-ebee-4da6-8fd3-e78657383b75|Info|Best Practices|Query details
Documentation
|
-|Unknown Prefix (v2)
3b615f00-c443-4ba9-acc4-7c308716917d|Info|Best Practices|Query details
Documentation
|
-|BasePath With Wrong Format
b4803607-ed72-4d60-99e2-3fa6edf471c6|Info|Structure and Semantics|Query details
Documentation
|
-|Body Parameter With Wrong Property
c38d630d-a415-4e3e-bac2-65475979ba88|Info|Structure and Semantics|Query details
Documentation
|
-|Body Parameter Without Schema
ed48229d-d43e-4da7-b453-5f98d964a57a|Info|Structure and Semantics|Query details
Documentation
|
-|File Parameter With Wrong Consumes Property
7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a|Info|Structure and Semantics|Query details
Documentation
|
-|Host With Invalid Pattern
3d7d7b6c-fb0a-475e-8a28-c125e30d15f0|Info|Structure and Semantics|Query details
Documentation
|
-|Multi 'collectionformat' Not Valid For 'in' Parameter
750f6448-27c0-49f8-a153-b81735c1e19c|Info|Structure and Semantics|Query details
Documentation
|
-|Multiple Body Parameters In The Same Operation
b90033cf-ad9f-4fb9-acd1-1b9d6d278c87|Info|Structure and Semantics|Query details
Documentation
|
-|Non Body Parameter Without Schema
73c3bc54-3cc6-4c0a-b30a-e19f2abfc951|Info|Structure and Semantics|Query details
Documentation
|
-|Object Without Required Property (v2)
5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275|Info|Structure and Semantics|Query details
Documentation
|
-|Operation Example Mismatch Produces MimeType
2cf35b40-ded3-43d6-9633-c8dcc8bcc822|Info|Structure and Semantics|Query details
Documentation
|
-|Operation Object Parameters With 'body' And 'formatData' locations
eb3f9744-d24e-4614-b1ff-2a9514eca21c|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter File Type Not In 'formData'
c3cab8c4-6c52-47a9-942b-c27f26fbd7d2|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter JSON Reference Does Not Exists (v2)
fb889ae9-2d16-40b5-b41f-9da716c5abc1|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter Object With Incorrect Ref (v2)
2596545e-1757-4ff7-a15a-8a9a180a42f3|Info|Structure and Semantics|Query details
Documentation
|
-|Property Not Unique
750b40be-4bac-4f59-bdc4-1ca0e6c3450e|Info|Structure and Semantics|Query details
Documentation
|
-|Response Object With Incorrect Ref (v2)
bccfa089-89e4-47e0-a0e5-185fe6902220|Info|Structure and Semantics|Query details
Documentation
|
-|Responses JSON Reference Does Not Exists (v2)
e9db5fb4-6a84-4abb-b4af-3b94fbdace6d|Info|Structure and Semantics|Query details
Documentation
|
-|Schema JSON Reference Does Not Exists (v2)
98295b32-ec09-4b5b-89a9-39853197f914|Info|Structure and Semantics|Query details
Documentation
|
-|Schema Object Incorrect Ref (v2)
0220e1c5-65d1-49dd-b7c2-cef6d6cb5283|Info|Structure and Semantics|Query details
Documentation
|
-|Unknown Property (v2)
429b2106-ba37-43ba-9727-7f699cc611e1|Info|Structure and Semantics|Query details
Documentation
|
+|Security Definitions Undefined or Empty
e3f026e8-fdb4-4d5a-bcfd-bd94452073fe|High|Access Control|Query details
Documentation
|
+|Security Requirement Not Defined In Security Definition
a599b0d1-ff89-4cb8-9ece-9951854c06f6|High|Structure and Semantics|Query details
Documentation
|
+|Global Security Using Password Flow
2da46be4-4317-4650-9285-56d7103c4f93|Medium|Access Control|Query details
Documentation
|
+|Implicit Flow in OAuth2 (v2)
e9817ad8-a8c9-4038-8a2f-db0e6e7b284b|Medium|Access Control|Query details
Documentation
|
+|Invalid OAuth2 Authorization URL (v2)
33d96c65-977d-4c33-943f-440baca49185|Medium|Access Control|Query details
Documentation
|
+|Invalid OAuth2 Token URL (v2)
274f910a-0665-4f08-b66d-7058fe927dba|Medium|Access Control|Query details
Documentation
|
+|Operation Using Basic Auth
ceefb058-8065-418f-9c4c-584a78c7e104|Medium|Access Control|Query details
Documentation
|
+|Operation Using Implicit Flow
f42dfe7e-787d-4478-a75e-a5f3d8a2269e|Medium|Access Control|Query details
Documentation
|
+|Operation Using Password Flow
2e44e632-d617-43cb-b294-6bfe72a08938|Medium|Access Control|Query details
Documentation
|
+|Security Definitions Allows Password Flow
773116aa-2e6d-416f-bd85-f0301cc05d76|Medium|Access Control|Query details
Documentation
|
+|Security Definitions Using Basic Auth
221015a8-aa2a-43f5-b00b-ad7d2b1d47a8|Medium|Access Control|Query details
Documentation
|
+|Global Schemes Uses HTTP
f30ee711-0082-4480-85ab-31d922d9a2b2|Medium|Encryption|Query details
Documentation
|
+|Path Scheme Accepts HTTP (v2)
a6847dc6-f4ea-45ac-a81f-93291ae6c573|Medium|Encryption|Query details
Documentation
|
+|Schemes Uses HTTP
a46928f1-43d7-4671-94e0-2dd99746f389|Medium|Encryption|Query details
Documentation
|
+|Operation Object Without 'consumes'
0c79e50e-b3cf-490c-b8f6-587c644d4d0c|Medium|Insecure Configurations|Query details
Documentation
|
+|Operation Object Without 'produces'
be3e170e-1572-461e-a8b6-d963def581ec|Medium|Insecure Configurations|Query details
Documentation
|
+|Non OAuth2 Security Requirement Defining OAuth2 Scopes
ba239cb9-f342-4c20-812d-7b5a2aa6969e|Medium|Structure and Semantics|Query details
Documentation
|
+|Undefined Scope 'securityDefinition' On 'security' Field On Operations
3847280c-9193-40bc-8009-76168e822ce2|Low|Access Control|Query details
Documentation
|
+|Undefined Scope 'securityDefinition' On Global 'security' Field
9aa6e95c-d964-4239-a3a8-9f37a3c5a31f|Low|Access Control|Query details
Documentation
|
+|Constraining Enum Property
be1d8733-3731-40c7-a845-734741c6871d|Info|Best Practices|Query details
Documentation
|
+|Global Parameter Definition Not Being Used
b30981fa-a12e-49c7-a5bb-eeafb61d0f0f|Info|Best Practices|Query details
Documentation
|
+|Global Responses Definition Not Being Used
0b76d993-ee52-43e0-8b39-3787d2ddabf1|Info|Best Practices|Query details
Documentation
|
+|Global Schema Definition Not Being Used
6d2e0790-cc3d-4c74-b973-d4e8b09f4455|Info|Best Practices|Query details
Documentation
|
+|Invalid Media Type Value (v2)
f985a7d2-d404-4a7f-9814-f645f791e46e|Info|Best Practices|Query details
Documentation
|
+|Operation Summary Too Long
d47940ca-5970-45cc-bdd1-4d81398cee1f|Info|Best Practices|Query details
Documentation
|
+|Schema with 'additionalProperties' set as Boolean
3a01790c-ebee-4da6-8fd3-e78657383b75|Info|Best Practices|Query details
Documentation
|
+|Unknown Prefix (v2)
3b615f00-c443-4ba9-acc4-7c308716917d|Info|Best Practices|Query details
Documentation
|
+|BasePath With Wrong Format
b4803607-ed72-4d60-99e2-3fa6edf471c6|Info|Structure and Semantics|Query details
Documentation
|
+|Body Parameter With Wrong Property
c38d630d-a415-4e3e-bac2-65475979ba88|Info|Structure and Semantics|Query details
Documentation
|
+|Body Parameter Without Schema
ed48229d-d43e-4da7-b453-5f98d964a57a|Info|Structure and Semantics|Query details
Documentation
|
+|File Parameter With Wrong Consumes Property
7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a|Info|Structure and Semantics|Query details
Documentation
|
+|Host With Invalid Pattern
3d7d7b6c-fb0a-475e-8a28-c125e30d15f0|Info|Structure and Semantics|Query details
Documentation
|
+|Multi 'collectionformat' Not Valid For 'in' Parameter
750f6448-27c0-49f8-a153-b81735c1e19c|Info|Structure and Semantics|Query details
Documentation
|
+|Multiple Body Parameters In The Same Operation
b90033cf-ad9f-4fb9-acd1-1b9d6d278c87|Info|Structure and Semantics|Query details
Documentation
|
+|Non Body Parameter Without Schema
73c3bc54-3cc6-4c0a-b30a-e19f2abfc951|Info|Structure and Semantics|Query details
Documentation
|
+|Object Without Required Property (v2)
5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275|Info|Structure and Semantics|Query details
Documentation
|
+|Operation Example Mismatch Produces MimeType
2cf35b40-ded3-43d6-9633-c8dcc8bcc822|Info|Structure and Semantics|Query details
Documentation
|
+|Operation Object Parameters With 'body' And 'formatData' locations
eb3f9744-d24e-4614-b1ff-2a9514eca21c|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter File Type Not In 'formData'
c3cab8c4-6c52-47a9-942b-c27f26fbd7d2|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter JSON Reference Does Not Exists (v2)
fb889ae9-2d16-40b5-b41f-9da716c5abc1|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter Object With Incorrect Ref (v2)
2596545e-1757-4ff7-a15a-8a9a180a42f3|Info|Structure and Semantics|Query details
Documentation
|
+|Property Not Unique
750b40be-4bac-4f59-bdc4-1ca0e6c3450e|Info|Structure and Semantics|Query details
Documentation
|
+|Response Object With Incorrect Ref (v2)
bccfa089-89e4-47e0-a0e5-185fe6902220|Info|Structure and Semantics|Query details
Documentation
|
+|Responses JSON Reference Does Not Exists (v2)
e9db5fb4-6a84-4abb-b4af-3b94fbdace6d|Info|Structure and Semantics|Query details
Documentation
|
+|Schema JSON Reference Does Not Exists (v2)
98295b32-ec09-4b5b-89a9-39853197f914|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Object Incorrect Ref (v2)
0220e1c5-65d1-49dd-b7c2-cef6d6cb5283|Info|Structure and Semantics|Query details
Documentation
|
+|Unknown Property (v2)
429b2106-ba37-43ba-9727-7f699cc611e1|Info|Structure and Semantics|Query details
Documentation
|
### 3.0
Below are listed queries related to OpenAPI 3.0:
@@ -63,81 +63,81 @@ Below are listed queries related to OpenAPI 3.0:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Cleartext Credentials With Basic Authentication For Operation
86b1fa30-9790-4980-994d-a27e0f6f27c1|Medium|Access Control|Query details
Documentation
|
-|Field 'securityScheme' On Components Is Undefined
8db5544e-4874-4baa-9322-e9f75a2d219e|Medium|Access Control|Query details
Documentation
|
-|Global Security Scheme Using Basic Authentication
77276d82-4f45-4cf1-8e2b-4d345b936228|Medium|Access Control|Query details
Documentation
|
-|Invalid OAuth2 Authorization URL (v3)
52c0d841-60d6-4a81-88dd-c35fef36d315|Medium|Access Control|Query details
Documentation
|
-|Invalid OAuth2 Token URL (v3)
3ba0cca1-b815-47bf-ac62-1e584eb64a05|Medium|Access Control|Query details
Documentation
|
-|OAuth2 With Implicit Flow
39cb32f2-3a42-4af0-8037-82a7a9654b6c|Medium|Access Control|Query details
Documentation
|
-|OAuth2 With Password Flow
3979b0a4-532c-4ea7-86e4-34c090eaa4f2|Medium|Access Control|Query details
Documentation
|
-|Security Scheme HTTP Unknown Scheme
06764426-3c56-407e-981f-caa25db1c149|Medium|Access Control|Query details
Documentation
|
-|Global Server Object Uses HTTP
2d8c175a-6d90-412b-8b0e-e034ea49a1fe|Medium|Encryption|Query details
Documentation
|
-|Path Server Object Uses HTTP (v3)
9670f240-7b4d-4955-bd93-edaa9fa38b58|Medium|Encryption|Query details
Documentation
|
-|Media Type Object Without Schema
f79b9d26-e945-44e7-98a1-b93f0f7a68a0|Medium|Insecure Configurations|Query details
Documentation
|
-|Parameter Object Without Schema
8fe1846f-52cc-4413-ace9-1933d7d23672|Medium|Insecure Configurations|Query details
Documentation
|
-|Header Object Without Schema
50de3b5b-6465-4e06-a9b0-b4c2ba34326b|Medium|Networking and Firewall|Query details
Documentation
|
-|API Key Exposed In Global Security Scheme
40e1d1bf-11a9-4f63-a3a2-a8b84c602839|Low|Access Control|Query details
Documentation
|
-|Security Scheme Using HTTP Basic
68e5fcac-390c-4939-a373-6074b7be7c71|Low|Access Control|Query details
Documentation
|
-|Security Scheme Using HTTP Digest
a4247b11-890b-45df-bf42-350a7a3af9be|Low|Access Control|Query details
Documentation
|
-|Security Scheme Using HTTP Negotiate
f525cc92-9050-4c41-a75c-890dc6f64449|Low|Access Control|Query details
Documentation
|
-|Security Scheme Using Oauth 1.0
1bc3205c-0d60-44e6-84f3-44fbf4dac5b3|Low|Access Control|Query details
Documentation
|
-|Undefined Scope 'securityScheme' On 'security' Field On Operations
462d6a1d-fed9-4d75-bb9e-3de902f35e6e|Low|Access Control|Query details
Documentation
|
-|Undefined Scope 'securityScheme' On Global 'security' Field
23a9e2d9-8738-4556-a71c-2802b6ffa022|Low|Access Control|Query details
Documentation
|
-|Additional Properties Too Permissive
9f88c88d-824d-4d9a-b985-e22977046042|Low|Insecure Configurations|Query details
Documentation
|
-|Additional Properties Too Restrictive
a19c3bbd-c056-40d7-9e1c-eeb0634e320d|Low|Insecure Configurations|Query details
Documentation
|
-|Success Response Code Undefined for Trace Operation
105e20dd-8449-4d71-95c6-d5dac96639af|Low|Networking and Firewall|Query details
Documentation
|
-|Components Callback Definition Is Unused
d15db953-a553-4b8a-9a14-a3d62ea3d79d|Info|Best Practices|Query details
Documentation
|
-|Components Example Definition Is Unused
b05bb927-2df5-43cc-8d7b-6825c0e71625|Info|Best Practices|Query details
Documentation
|
-|Components Header Definition Is Unused
a68da022-e95a-4bc2-97d3-481e0bd6d446|Info|Best Practices|Query details
Documentation
|
-|Components Link Definition Is Unused
c19779a9-5774-4d2f-a3a1-a99831730375|Info|Best Practices|Query details
Documentation
|
-|Components Parameter Definition Is Unused
698a464e-bb3e-4ba8-ab5e-e6599b7644a0|Info|Best Practices|Query details
Documentation
|
-|Components Request Body Definition Is Unused
6b76f589-9713-44ab-97f5-59a3dba1a285|Info|Best Practices|Query details
Documentation
|
-|Components Response Definition Is Unused
9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae|Info|Best Practices|Query details
Documentation
|
-|Components Schema Definition Is Unused
962fa01e-b791-4dcc-b04a-4a3e7389be5e|Info|Best Practices|Query details
Documentation
|
-|Encoding Header 'Content-Type' Improperly Defined
4cd8de87-b595-48b6-ab3c-1904567135ab|Info|Best Practices|Query details
Documentation
|
-|Invalid Media Type Value (v3)
cf4a5f45-a27b-49df-843a-9911dbfe71d4|Info|Best Practices|Query details
Documentation
|
-|Property 'allowEmptyValue' Ignored
59c2f769-7cc2-49c8-a3de-4e211135cfab|Info|Best Practices|Query details
Documentation
|
-|Property 'allowReserved' of Encoding Object Ignored
4190dda7-af03-4cf0-a128-70ac1661ca09|Info|Best Practices|Query details
Documentation
|
-|Property 'explode' of Encoding Object Ignored
a4dd69b8-49fa-45d2-a060-c76655405b05|Info|Best Practices|Query details
Documentation
|
-|Property 'style' of Encoding Object Ignored
d3ea644a-9a5c-4fee-941f-f8a6786c0470|Info|Best Practices|Query details
Documentation
|
-|Unknown Prefix (v3)
a5375be3-521c-43bb-9eab-e2432e368ee4|Info|Best Practices|Query details
Documentation
|
-|Callback JSON Reference Does Not Exists
f29904c8-6041-4bca-b043-dfa0546b8079|Info|Structure and Semantics|Query details
Documentation
|
-|Callback Object With Incorrect Ref
ba066cda-e808-450d-92b6-f29109754d45|Info|Structure and Semantics|Query details
Documentation
|
-|Components Object Fixed Field Key Improperly Named
151331e2-11f4-4bb6-bd35-9a005e695087|Info|Structure and Semantics|Query details
Documentation
|
-|Empty Array
5915c20f-dffa-4cee-b5d4-f457ddc0151a|Info|Structure and Semantics|Query details
Documentation
|
-|Encoding Map Key Mismatch Schema Defined Properties
cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b|Info|Structure and Semantics|Query details
Documentation
|
-|Example JSON Reference Does Not Exists
6a2c219f-da5e-4745-941e-5ea8cde23356|Info|Structure and Semantics|Query details
Documentation
|
-|Example JSON Reference Outside Components Examples
bac56e3c-1f71-4a74-8ae6-2fba07efcddb|Info|Structure and Semantics|Query details
Documentation
|
-|Header JSON Reference Does Not Exists
376c9390-7e9e-4cb8-a067-fd31c05451fd|Info|Structure and Semantics|Query details
Documentation
|
-|Header Object With Incorrect Ref
2d6646f4-2946-420f-8c14-3232d49ae0cb|Info|Structure and Semantics|Query details
Documentation
|
-|Invalid Content Type For Multiple Files Upload
26f06397-36d8-4ce7-b993-17711261d777|Info|Structure and Semantics|Query details
Documentation
|
-|Link JSON Reference Does Not Exists
801f0c6a-a834-4467-89c6-ddecffb46b5a|Info|Structure and Semantics|Query details
Documentation
|
-|Link Object Incorrect Ref
b9db8a10-020c-49ca-88c6-780e5fdb4328|Info|Structure and Semantics|Query details
Documentation
|
-|Link Object OperationId Does Not Target Operation Object
c5bb7461-aa57-470b-a714-3bc3d74f4669|Info|Structure and Semantics|Query details
Documentation
|
-|Link Object With Both 'operationId' And 'operationRef'
60fb6621-9f02-473b-9424-ba9a825747d3|Info|Structure and Semantics|Query details
Documentation
|
-|Object Without Required Property (v3)
d172a060-8569-4412-8045-3560ebd477e8|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter JSON Reference Does Not Exists (v3)
2e275f16-b627-4d3f-ae73-a6153a23ae8f|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter Object Content With Multiple Entries
8bfed1c6-2d59-4924-bc7f-9b9d793ed0df|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter Object With Incorrect Ref (v3)
d40f27e6-15fb-4b56-90f8-fc0ff0291c51|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter Object With Schema And Content
31dd6fc0-f274-493b-9614-e063086c19fc|Info|Structure and Semantics|Query details
Documentation
|
-|Parameter Object With Undefined Type
46facedc-f243-4108-ab33-583b807d50b0|Info|Structure and Semantics|Query details
Documentation
|
-|Property 'allowReserved' Improperly Defined
7f203940-39c4-4ea7-91ee-7aba16bca9e2|Info|Structure and Semantics|Query details
Documentation
|
-|Request Body JSON Reference Does Not Exists
ca02f4e8-d3ae-4832-b7db-bb037516d9e7|Info|Structure and Semantics|Query details
Documentation
|
-|Request Body Object With Incorrect Media Type
58f06434-a88c-4f74-826c-db7e10cc7def|Info|Structure and Semantics|Query details
Documentation
|
-|Request Body With Incorrect Ref
0f6cd0ab-c366-4595-84fc-fbd8b9901e4d|Info|Structure and Semantics|Query details
Documentation
|
-|Response JSON Reference Does Not Exists (v3)
7a01dfbd-da62-4165-aed7-71349ad42ab4|Info|Structure and Semantics|Query details
Documentation
|
-|Response Object With Incorrect Ref (v3)
b3871dd8-9333-4d6c-bd52-67eb898b71ab|Info|Structure and Semantics|Query details
Documentation
|
-|Schema JSON Reference Does Not Exists (v3)
015eac96-6313-43c0-84e5-81b1374fa637|Info|Structure and Semantics|Query details
Documentation
|
-|Schema Object Incorrect Ref (v3)
4cac7ace-b0fb-477d-830d-65395d9109d9|Info|Structure and Semantics|Query details
Documentation
|
-|Schema With Both ReadOnly And WriteOnly
d2361d58-361c-49f0-9e50-b957fd608b29|Info|Structure and Semantics|Query details
Documentation
|
-|Security Field Undefined
ab1263c2-81df-46f0-9f2c-0b62fdb68419|Info|Structure and Semantics|Query details
Documentation
|
-|Security Operation Field Undefined
20a482d5-c5d9-4a7a-b7a4-60d0805047b4|Info|Structure and Semantics|Query details
Documentation
|
-|Security Requirement Object With Wrong Scopes
37140f7f-724a-4c87-a536-e9cee1d61533|Info|Structure and Semantics|Query details
Documentation
|
-|Server Object Variable Not Used
8aee4754-970d-4c5f-8142-a49dfe388b1a|Info|Structure and Semantics|Query details
Documentation
|
-|Server URL Not Absolute
a0bf7382-5d5a-4224-924c-3db8466026c9|Info|Structure and Semantics|Query details
Documentation
|
-|Server URL Uses Undefined Variables
8d0921d6-4131-461f-a253-99e873f8f77e|Info|Structure and Semantics|Query details
Documentation
|
-|Servers Array Undefined
c66ebeaa-676c-40dc-a3ff-3e49395dcd5e|Info|Structure and Semantics|Query details
Documentation
|
-|Unknown Property (v3)
fb7d81e7-4150-48c4-b914-92fc05da6a2f|Info|Structure and Semantics|Query details
Documentation
|
+|Cleartext Credentials With Basic Authentication For Operation
86b1fa30-9790-4980-994d-a27e0f6f27c1|Medium|Access Control|Query details
Documentation
|
+|Field 'securityScheme' On Components Is Undefined
8db5544e-4874-4baa-9322-e9f75a2d219e|Medium|Access Control|Query details
Documentation
|
+|Global Security Scheme Using Basic Authentication
77276d82-4f45-4cf1-8e2b-4d345b936228|Medium|Access Control|Query details
Documentation
|
+|Invalid OAuth2 Authorization URL (v3)
52c0d841-60d6-4a81-88dd-c35fef36d315|Medium|Access Control|Query details
Documentation
|
+|Invalid OAuth2 Token URL (v3)
3ba0cca1-b815-47bf-ac62-1e584eb64a05|Medium|Access Control|Query details
Documentation
|
+|OAuth2 With Implicit Flow
39cb32f2-3a42-4af0-8037-82a7a9654b6c|Medium|Access Control|Query details
Documentation
|
+|OAuth2 With Password Flow
3979b0a4-532c-4ea7-86e4-34c090eaa4f2|Medium|Access Control|Query details
Documentation
|
+|Security Scheme HTTP Unknown Scheme
06764426-3c56-407e-981f-caa25db1c149|Medium|Access Control|Query details
Documentation
|
+|Global Server Object Uses HTTP
2d8c175a-6d90-412b-8b0e-e034ea49a1fe|Medium|Encryption|Query details
Documentation
|
+|Path Server Object Uses HTTP (v3)
9670f240-7b4d-4955-bd93-edaa9fa38b58|Medium|Encryption|Query details
Documentation
|
+|Media Type Object Without Schema
f79b9d26-e945-44e7-98a1-b93f0f7a68a0|Medium|Insecure Configurations|Query details
Documentation
|
+|Parameter Object Without Schema
8fe1846f-52cc-4413-ace9-1933d7d23672|Medium|Insecure Configurations|Query details
Documentation
|
+|Header Object Without Schema
50de3b5b-6465-4e06-a9b0-b4c2ba34326b|Medium|Networking and Firewall|Query details
Documentation
|
+|API Key Exposed In Global Security Scheme
40e1d1bf-11a9-4f63-a3a2-a8b84c602839|Low|Access Control|Query details
Documentation
|
+|Security Scheme Using HTTP Basic
68e5fcac-390c-4939-a373-6074b7be7c71|Low|Access Control|Query details
Documentation
|
+|Security Scheme Using HTTP Digest
a4247b11-890b-45df-bf42-350a7a3af9be|Low|Access Control|Query details
Documentation
|
+|Security Scheme Using HTTP Negotiate
f525cc92-9050-4c41-a75c-890dc6f64449|Low|Access Control|Query details
Documentation
|
+|Security Scheme Using Oauth 1.0
1bc3205c-0d60-44e6-84f3-44fbf4dac5b3|Low|Access Control|Query details
Documentation
|
+|Undefined Scope 'securityScheme' On 'security' Field On Operations
462d6a1d-fed9-4d75-bb9e-3de902f35e6e|Low|Access Control|Query details
Documentation
|
+|Undefined Scope 'securityScheme' On Global 'security' Field
23a9e2d9-8738-4556-a71c-2802b6ffa022|Low|Access Control|Query details
Documentation
|
+|Additional Properties Too Permissive
9f88c88d-824d-4d9a-b985-e22977046042|Low|Insecure Configurations|Query details
Documentation
|
+|Additional Properties Too Restrictive
a19c3bbd-c056-40d7-9e1c-eeb0634e320d|Low|Insecure Configurations|Query details
Documentation
|
+|Success Response Code Undefined for Trace Operation
105e20dd-8449-4d71-95c6-d5dac96639af|Low|Networking and Firewall|Query details
Documentation
|
+|Components Callback Definition Is Unused
d15db953-a553-4b8a-9a14-a3d62ea3d79d|Info|Best Practices|Query details
Documentation
|
+|Components Example Definition Is Unused
b05bb927-2df5-43cc-8d7b-6825c0e71625|Info|Best Practices|Query details
Documentation
|
+|Components Header Definition Is Unused
a68da022-e95a-4bc2-97d3-481e0bd6d446|Info|Best Practices|Query details
Documentation
|
+|Components Link Definition Is Unused
c19779a9-5774-4d2f-a3a1-a99831730375|Info|Best Practices|Query details
Documentation
|
+|Components Parameter Definition Is Unused
698a464e-bb3e-4ba8-ab5e-e6599b7644a0|Info|Best Practices|Query details
Documentation
|
+|Components Request Body Definition Is Unused
6b76f589-9713-44ab-97f5-59a3dba1a285|Info|Best Practices|Query details
Documentation
|
+|Components Response Definition Is Unused
9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae|Info|Best Practices|Query details
Documentation
|
+|Components Schema Definition Is Unused
962fa01e-b791-4dcc-b04a-4a3e7389be5e|Info|Best Practices|Query details
Documentation
|
+|Encoding Header 'Content-Type' Improperly Defined
4cd8de87-b595-48b6-ab3c-1904567135ab|Info|Best Practices|Query details
Documentation
|
+|Invalid Media Type Value (v3)
cf4a5f45-a27b-49df-843a-9911dbfe71d4|Info|Best Practices|Query details
Documentation
|
+|Property 'allowEmptyValue' Ignored
59c2f769-7cc2-49c8-a3de-4e211135cfab|Info|Best Practices|Query details
Documentation
|
+|Property 'allowReserved' of Encoding Object Ignored
4190dda7-af03-4cf0-a128-70ac1661ca09|Info|Best Practices|Query details
Documentation
|
+|Property 'explode' of Encoding Object Ignored
a4dd69b8-49fa-45d2-a060-c76655405b05|Info|Best Practices|Query details
Documentation
|
+|Property 'style' of Encoding Object Ignored
d3ea644a-9a5c-4fee-941f-f8a6786c0470|Info|Best Practices|Query details
Documentation
|
+|Unknown Prefix (v3)
a5375be3-521c-43bb-9eab-e2432e368ee4|Info|Best Practices|Query details
Documentation
|
+|Callback JSON Reference Does Not Exists
f29904c8-6041-4bca-b043-dfa0546b8079|Info|Structure and Semantics|Query details
Documentation
|
+|Callback Object With Incorrect Ref
ba066cda-e808-450d-92b6-f29109754d45|Info|Structure and Semantics|Query details
Documentation
|
+|Components Object Fixed Field Key Improperly Named
151331e2-11f4-4bb6-bd35-9a005e695087|Info|Structure and Semantics|Query details
Documentation
|
+|Empty Array
5915c20f-dffa-4cee-b5d4-f457ddc0151a|Info|Structure and Semantics|Query details
Documentation
|
+|Encoding Map Key Mismatch Schema Defined Properties
cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b|Info|Structure and Semantics|Query details
Documentation
|
+|Example JSON Reference Does Not Exists
6a2c219f-da5e-4745-941e-5ea8cde23356|Info|Structure and Semantics|Query details
Documentation
|
+|Example JSON Reference Outside Components Examples
bac56e3c-1f71-4a74-8ae6-2fba07efcddb|Info|Structure and Semantics|Query details
Documentation
|
+|Header JSON Reference Does Not Exists
376c9390-7e9e-4cb8-a067-fd31c05451fd|Info|Structure and Semantics|Query details
Documentation
|
+|Header Object With Incorrect Ref
2d6646f4-2946-420f-8c14-3232d49ae0cb|Info|Structure and Semantics|Query details
Documentation
|
+|Invalid Content Type For Multiple Files Upload
26f06397-36d8-4ce7-b993-17711261d777|Info|Structure and Semantics|Query details
Documentation
|
+|Link JSON Reference Does Not Exists
801f0c6a-a834-4467-89c6-ddecffb46b5a|Info|Structure and Semantics|Query details
Documentation
|
+|Link Object Incorrect Ref
b9db8a10-020c-49ca-88c6-780e5fdb4328|Info|Structure and Semantics|Query details
Documentation
|
+|Link Object OperationId Does Not Target Operation Object
c5bb7461-aa57-470b-a714-3bc3d74f4669|Info|Structure and Semantics|Query details
Documentation
|
+|Link Object With Both 'operationId' And 'operationRef'
60fb6621-9f02-473b-9424-ba9a825747d3|Info|Structure and Semantics|Query details
Documentation
|
+|Object Without Required Property (v3)
d172a060-8569-4412-8045-3560ebd477e8|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter JSON Reference Does Not Exists (v3)
2e275f16-b627-4d3f-ae73-a6153a23ae8f|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter Object Content With Multiple Entries
8bfed1c6-2d59-4924-bc7f-9b9d793ed0df|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter Object With Incorrect Ref (v3)
d40f27e6-15fb-4b56-90f8-fc0ff0291c51|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter Object With Schema And Content
31dd6fc0-f274-493b-9614-e063086c19fc|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter Object With Undefined Type
46facedc-f243-4108-ab33-583b807d50b0|Info|Structure and Semantics|Query details
Documentation
|
+|Property 'allowReserved' Improperly Defined
7f203940-39c4-4ea7-91ee-7aba16bca9e2|Info|Structure and Semantics|Query details
Documentation
|
+|Request Body JSON Reference Does Not Exists
ca02f4e8-d3ae-4832-b7db-bb037516d9e7|Info|Structure and Semantics|Query details
Documentation
|
+|Request Body Object With Incorrect Media Type
58f06434-a88c-4f74-826c-db7e10cc7def|Info|Structure and Semantics|Query details
Documentation
|
+|Request Body With Incorrect Ref
0f6cd0ab-c366-4595-84fc-fbd8b9901e4d|Info|Structure and Semantics|Query details
Documentation
|
+|Response JSON Reference Does Not Exists (v3)
7a01dfbd-da62-4165-aed7-71349ad42ab4|Info|Structure and Semantics|Query details
Documentation
|
+|Response Object With Incorrect Ref (v3)
b3871dd8-9333-4d6c-bd52-67eb898b71ab|Info|Structure and Semantics|Query details
Documentation
|
+|Schema JSON Reference Does Not Exists (v3)
015eac96-6313-43c0-84e5-81b1374fa637|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Object Incorrect Ref (v3)
4cac7ace-b0fb-477d-830d-65395d9109d9|Info|Structure and Semantics|Query details
Documentation
|
+|Schema With Both ReadOnly And WriteOnly
d2361d58-361c-49f0-9e50-b957fd608b29|Info|Structure and Semantics|Query details
Documentation
|
+|Security Field Undefined
ab1263c2-81df-46f0-9f2c-0b62fdb68419|Info|Structure and Semantics|Query details
Documentation
|
+|Security Operation Field Undefined
20a482d5-c5d9-4a7a-b7a4-60d0805047b4|Info|Structure and Semantics|Query details
Documentation
|
+|Security Requirement Object With Wrong Scopes
37140f7f-724a-4c87-a536-e9cee1d61533|Info|Structure and Semantics|Query details
Documentation
|
+|Server Object Variable Not Used
8aee4754-970d-4c5f-8142-a49dfe388b1a|Info|Structure and Semantics|Query details
Documentation
|
+|Server URL Not Absolute
a0bf7382-5d5a-4224-924c-3db8466026c9|Info|Structure and Semantics|Query details
Documentation
|
+|Server URL Uses Undefined Variables
8d0921d6-4131-461f-a253-99e873f8f77e|Info|Structure and Semantics|Query details
Documentation
|
+|Servers Array Undefined
c66ebeaa-676c-40dc-a3ff-3e49395dcd5e|Info|Structure and Semantics|Query details
Documentation
|
+|Unknown Property (v3)
fb7d81e7-4150-48c4-b914-92fc05da6a2f|Info|Structure and Semantics|Query details
Documentation
|
### SHARED (V2/V3)
Below are listed queries related to OpenAPI SHARED (V2/V3):
@@ -147,146 +147,146 @@ Below are listed queries related to OpenAPI SHARED (V2/V3):
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
|Global Security Field Has An Empty Array (v2)
da31d54b-ad54-41dc-95eb-8b3828629213|High|Access Control|
Documentation
|
-|Global Security Field Has An Empty Array (v3)
d674aea4-ba8b-454b-bb97-88a772ea33f0|High|Access Control|Query details
Documentation
|
+|Global Security Field Has An Empty Array (v3)
d674aea4-ba8b-454b-bb97-88a772ea33f0|High|Access Control|Query details
Documentation
|
|Global security field has an empty object (v2)
292919fb-7b26-4454-bee9-ce29094768dd|High|Access Control|
Documentation
|
-|Global security field has an empty object (v3)
543e38f4-1eee-479e-8eb0-15257013aa0a|High|Access Control|Query details
Documentation
|
+|Global security field has an empty object (v3)
543e38f4-1eee-479e-8eb0-15257013aa0a|High|Access Control|Query details
Documentation
|
|Global Security Field Is Undefined (v2)
74703c89-0ea2-49ab-a7db-bf04f19f5a57|High|Access Control|Global security field should be defined to prevent API to have insecure paths and have this rules defined on securityDefinitions
Documentation
|
-|Global Security Field Is Undefined (v3)
8af270ce-298b-4405-9922-82a10aee7a4f|High|Access Control|Query details
Documentation
|
+|Global Security Field Is Undefined (v3)
8af270ce-298b-4405-9922-82a10aee7a4f|High|Access Control|Query details
Documentation
|
|No Global And Operation Security Defined (v2)
586abcee-9653-462d-ad7b-2638a32bd6e6|High|Access Control|
Documentation
|
-|No Global And Operation Security Defined (v3)
96729c6b-7400-4d9e-9807-17f00cdde4d2|High|Access Control|Query details
Documentation
|
+|No Global And Operation Security Defined (v3)
96729c6b-7400-4d9e-9807-17f00cdde4d2|High|Access Control|Query details
Documentation
|
|Security Field On Operations Has An Empty Array (v2)
5d29effc-5d68-481f-9721-d74e5919226b|High|Access Control|
Documentation
|
-|Security Field On Operations Has An Empty Array (v3)
663c442d-f918-4f62-b096-0bf5dcbeb655|High|Access Control|Query details
Documentation
|
+|Security Field On Operations Has An Empty Array (v3)
663c442d-f918-4f62-b096-0bf5dcbeb655|High|Access Control|Query details
Documentation
|
|Security Field On Operations Has An Empty Object Definition (v2)
74581e3b-1d55-4323-a139-5959a7b3abc5|High|Access Control|
Documentation
|
-|Security Field On Operations Has An Empty Object Definition (v3)
baade968-7467-41e4-bf22-83ca222f5800|High|Access Control|Query details
Documentation
|
+|Security Field On Operations Has An Empty Object Definition (v3)
baade968-7467-41e4-bf22-83ca222f5800|High|Access Control|Query details
Documentation
|
|Array Without Maximum Number of Items (v2)
99eb2c95-2040-4104-9e7c-e16f7474d218|Medium|Insecure Configurations|Array schema/parameter should have the field 'maxItems' set
Documentation
|
-|Array Without Maximum Number of Items (v3)
6998389e-66b2-473d-8d05-c8d71ac4d04d|Medium|Insecure Configurations|Query details
Documentation
|
+|Array Without Maximum Number of Items (v3)
6998389e-66b2-473d-8d05-c8d71ac4d04d|Medium|Insecure Configurations|Query details
Documentation
|
|JSON Object Schema Without Properties (v2)
3d28f751-bc18-4f83-ace0-216b6086410b|Medium|Insecure Configurations|
Documentation
|
-|JSON Object Schema Without Properties (v3)
9d967a2b-9d64-41a6-abea-dfc4960299bd|Medium|Insecure Configurations|Query details
Documentation
|
+|JSON Object Schema Without Properties (v3)
9d967a2b-9d64-41a6-abea-dfc4960299bd|Medium|Insecure Configurations|Query details
Documentation
|
|JSON Object Schema Without Type (v2)
62d52544-82ef-4b75-8308-cad49d50212b|Medium|Insecure Configurations|
Documentation
|
-|JSON Object Schema Without Type (v3)
e2ffa504-d22a-4c94-b6c5-f661849d2db7|Medium|Insecure Configurations|Query details
Documentation
|
+|JSON Object Schema Without Type (v3)
e2ffa504-d22a-4c94-b6c5-f661849d2db7|Medium|Insecure Configurations|Query details
Documentation
|
|Pattern Undefined (v2)
afde15cf-9444-4126-8c62-41cd79db1d1d|Medium|Insecure Configurations|String schema/parameter/header should have 'pattern' defined.
Documentation
|
-|Pattern Undefined (v3)
00b78adf-b83f-419c-8ed8-c6018441dd3a|Medium|Insecure Configurations|Query details
Documentation
|
+|Pattern Undefined (v3)
00b78adf-b83f-419c-8ed8-c6018441dd3a|Medium|Insecure Configurations|Query details
Documentation
|
|Schema Object is Empty (v2)
967575e5-eb44-4c24-aadb-7e33608ed30a|Medium|Insecure Configurations|
Documentation
|
-|Schema Object is Empty (v3)
500ce696-d501-41dd-86eb-eceb011a386f|Medium|Insecure Configurations|Query details
Documentation
|
+|Schema Object is Empty (v3)
500ce696-d501-41dd-86eb-eceb011a386f|Medium|Insecure Configurations|Query details
Documentation
|
|Response on operations that should have a body has undefined schema (v2)
31afbcb7-70e0-48bb-a31a-3374f95cf859|Medium|Networking and Firewall|
Documentation
|
-|Response on operations that should have a body has undefined schema (v3)
a92be1d5-d762-484a-86d6-8cd0907ba100|Medium|Networking and Firewall|Query details
Documentation
|
+|Response on operations that should have a body has undefined schema (v3)
a92be1d5-d762-484a-86d6-8cd0907ba100|Medium|Networking and Firewall|Query details
Documentation
|
|API Key Exposed In Global Security (v2)
533a0d13-6e89-4551-ae33-bce14e5849c1|Low|Access Control|API Keys should be transported using a secure method such as HTTPS. Define a security scheme that uses a secure method to transport the API key.
Documentation
|
-|API Key Exposed In Global Security (v3)
aecee30b-8ea1-4776-a99c-d6d600f0862f|Low|Access Control|Query details
Documentation
|
+|API Key Exposed In Global Security (v3)
aecee30b-8ea1-4776-a99c-d6d600f0862f|Low|Access Control|Query details
Documentation
|
|API Key Exposed In Operation Security (v2)
392599e4-a4e2-403d-bc56-3fe05755782d|Low|Access Control|API Keys should be transported using a secure method such as HTTPS. Define a security scheme that uses a secure method to transport the API key.
Documentation
|
-|API Key Exposed In Operation Security (v3)
281b8071-6226-4a43-911d-fec246d422c2|Low|Access Control|Query details
Documentation
|
+|API Key Exposed In Operation Security (v3)
281b8071-6226-4a43-911d-fec246d422c2|Low|Access Control|Query details
Documentation
|
|Array Items Has No Type (v2)
8697a1a4-82c6-4603-8ac8-57529756744e|Low|Insecure Configurations|Schema/Parameter array items type should be defined
Documentation
|
-|Array Items Has No Type (v3)
be0e0df7-f3d9-42a1-9b6f-d425f94872c4|Low|Insecure Configurations|Query details
Documentation
|
+|Array Items Has No Type (v3)
be0e0df7-f3d9-42a1-9b6f-d425f94872c4|Low|Insecure Configurations|Query details
Documentation
|
|Invalid Format (v2)
caf1793e-95dd-4b18-8d90-8f3c0ab5bddf|Low|Insecure Configurations|
Documentation
|
-|Invalid Format (v3)
d929c031-078f-4241-b802-e224656ad890|Low|Insecure Configurations|Query details
Documentation
|
+|Invalid Format (v3)
d929c031-078f-4241-b802-e224656ad890|Low|Insecure Configurations|Query details
Documentation
|
|Maximum Length Undefined (v2)
2ec86e48-ab90-4cb6-a131-0502afd1f442|Low|Insecure Configurations|String schema/parameter/header should have 'maxLength' defined.
Documentation
|
-|Maximum Length Undefined (v3)
8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85|Low|Insecure Configurations|Query details
Documentation
|
+|Maximum Length Undefined (v3)
8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85|Low|Insecure Configurations|Query details
Documentation
|
|Numeric Schema Without Format (v2)
3ed8fc82-c2bb-49e0-811f-c53923674c49|Low|Insecure Configurations|
Documentation
|
-|Numeric Schema Without Format (v3)
fbf699b5-ef74-4542-9cf1-f6eeac379373|Low|Insecure Configurations|Query details
Documentation
|
+|Numeric Schema Without Format (v3)
fbf699b5-ef74-4542-9cf1-f6eeac379373|Low|Insecure Configurations|Query details
Documentation
|
|Numeric Schema Without Maximum (v2)
203eee11-15b6-4d47-b888-4c7f534967ee|Low|Insecure Configurations|
Documentation
|
-|Numeric Schema Without Maximum (v3)
2ea04bef-c769-409e-9179-ee3a50b5c0ac|Low|Insecure Configurations|Query details
Documentation
|
+|Numeric Schema Without Maximum (v3)
2ea04bef-c769-409e-9179-ee3a50b5c0ac|Low|Insecure Configurations|Query details
Documentation
|
|Numeric Schema Without Minimum (v2)
efd1dfc8-da91-4909-a3f3-c23abc5ec799|Low|Insecure Configurations|
Documentation
|
-|Numeric Schema Without Minimum (v3)
181bd815-767e-4e95-a24d-bb3c87328e19|Low|Insecure Configurations|Query details
Documentation
|
+|Numeric Schema Without Minimum (v3)
181bd815-767e-4e95-a24d-bb3c87328e19|Low|Insecure Configurations|Query details
Documentation
|
|String Schema with Broad Pattern (v2)
e4a019f0-9af3-49c8-bf68-1939a6ff240d|Low|Insecure Configurations|
Documentation
|
-|String Schema with Broad Pattern (v3)
8c81d6c0-716b-49ec-afa5-2d62da4e3f3c|Low|Insecure Configurations|Query details
Documentation
|
+|String Schema with Broad Pattern (v3)
8c81d6c0-716b-49ec-afa5-2d62da4e3f3c|Low|Insecure Configurations|Query details
Documentation
|
|Default Response Undefined On Operations (v2)
5f34c7ae-4f3f-4cbb-8fe3-a11d6961062f|Low|Networking and Firewall|
Documentation
|
-|Default Response Undefined On Operations (v3)
86e3702f-c868-44b2-b61d-ea5316c18110|Low|Networking and Firewall|Query details
Documentation
|
+|Default Response Undefined On Operations (v3)
86e3702f-c868-44b2-b61d-ea5316c18110|Low|Networking and Firewall|Query details
Documentation
|
|Response Code Missing (v2)
6e96ed39-bf45-4089-99ba-f1fe7cf6966f|Low|Networking and Firewall|
Documentation
|
-|Response Code Missing (v3)
6c35d2c6-09f2-4e5c-a094-e0e91327071d|Low|Networking and Firewall|Query details
Documentation
|
+|Response Code Missing (v3)
6c35d2c6-09f2-4e5c-a094-e0e91327071d|Low|Networking and Firewall|Query details
Documentation
|
|Response on operations that should not have a body has declared content (v2)
268defd2-2839-4e15-8cbc-de86eb38c231|Low|Networking and Firewall|If a response is head or its code is 204 or 304, it shouldn't have a schema defined
Documentation
|
-|Response on operations that should not have a body has declared content (v3)
12a7210b-f4b4-47d0-acac-0a819e2a0ca3|Low|Networking and Firewall|Query details
Documentation
|
+|Response on operations that should not have a body has declared content (v3)
12a7210b-f4b4-47d0-acac-0a819e2a0ca3|Low|Networking and Firewall|Query details
Documentation
|
|Success Response Code Undefined for Delete Operation (v2)
ad432855-b7fb-4429-92a3-93b5ce34f0b1|Low|Networking and Firewall|
Documentation
|
-|Success Response Code Undefined for Delete Operation (v3)
3b497874-ae59-46dd-8d72-1868a3b8f150|Low|Networking and Firewall|Query details
Documentation
|
+|Success Response Code Undefined for Delete Operation (v3)
3b497874-ae59-46dd-8d72-1868a3b8f150|Low|Networking and Firewall|Query details
Documentation
|
|Success Response Code Undefined for Get Operation (v2)
9b633f3b-c94b-4fbb-a65b-1a4e9134fb63|Low|Networking and Firewall|
Documentation
|
-|Success Response Code Undefined for Get Operation (v3)
b2f275be-7d64-4064-b418-be6b431363a7|Low|Networking and Firewall|Query details
Documentation
|
+|Success Response Code Undefined for Get Operation (v3)
b2f275be-7d64-4064-b418-be6b431363a7|Low|Networking and Firewall|Query details
Documentation
|
|Success Response Code Undefined for Head Operation (v2)
4f0b30e3-a498-4dd7-b3f2-f4b6471a8d5a|Low|Networking and Firewall|
Documentation
|
-|Success Response Code Undefined for Head Operation (v3)
3b066059-f411-4554-ac8d-96f32bff90da|Low|Networking and Firewall|Query details
Documentation
|
+|Success Response Code Undefined for Head Operation (v3)
3b066059-f411-4554-ac8d-96f32bff90da|Low|Networking and Firewall|Query details
Documentation
|
|Success Response Code Undefined for Patch Operation (v2)
f36e87cc-a209-4f37-8571-66833e4aead7|Low|Networking and Firewall|
Documentation
|
-|Success Response Code Undefined for Patch Operation (v3)
1908a8ee-927d-4166-8f18-241152170cc1|Low|Networking and Firewall|Query details
Documentation
|
+|Success Response Code Undefined for Patch Operation (v3)
1908a8ee-927d-4166-8f18-241152170cc1|Low|Networking and Firewall|Query details
Documentation
|
|Success Response Code Undefined for Post Operation (v2)
9fedee41-2e6d-4091-b011-4a16b4c18c70|Low|Networking and Firewall|
Documentation
|
-|Success Response Code Undefined for Post Operation (v3)
f368dd2d-9344-4146-a05b-7c6faa1269ad|Low|Networking and Firewall|Query details
Documentation
|
+|Success Response Code Undefined for Post Operation (v3)
f368dd2d-9344-4146-a05b-7c6faa1269ad|Low|Networking and Firewall|Query details
Documentation
|
|Success Response Code Undefined for Put Operation (v2)
965a043f-5f3c-4d0a-be72-d9ce12fdb4d6|Low|Networking and Firewall|
Documentation
|
-|Success Response Code Undefined for Put Operation (v3)
60b5f56b-66ff-4e1c-9b62-5753e16825bc|Low|Networking and Firewall|Query details
Documentation
|
+|Success Response Code Undefined for Put Operation (v3)
60b5f56b-66ff-4e1c-9b62-5753e16825bc|Low|Networking and Firewall|Query details
Documentation
|
|Example Not Compliant With Schema Type (v2)
448db771-06ea-4dee-b48c-1689cbfb4b43|Info|Best Practices|
Documentation
|
-|Example Not Compliant With Schema Type (v3)
881a6e71-c2a7-4fe2-b9c3-dfcf08895331|Info|Best Practices|Query details
Documentation
|
+|Example Not Compliant With Schema Type (v3)
881a6e71-c2a7-4fe2-b9c3-dfcf08895331|Info|Best Practices|Query details
Documentation
|
|Header Parameter Named as 'Accept' (v2)
3ddd74cc-6582-486c-8b0c-2b48cb38e0a3|Info|Best Practices|
Documentation
|
-|Header Parameter Named as 'Accept' (v3)
f2702af5-6016-46cb-bbc8-84c766032095|Info|Best Practices|Query details
Documentation
|
+|Header Parameter Named as 'Accept' (v3)
f2702af5-6016-46cb-bbc8-84c766032095|Info|Best Practices|Query details
Documentation
|
|Header Parameter Named as 'Authorization' (v2)
e2e00c97-7171-4fb4-b461-d631df9a711c|Info|Best Practices|
Documentation
|
-|Header Parameter Named as 'Authorization' (v3)
8c84f75e-5048-4926-a4cb-33e7b3431300|Info|Best Practices|Query details
Documentation
|
+|Header Parameter Named as 'Authorization' (v3)
8c84f75e-5048-4926-a4cb-33e7b3431300|Info|Best Practices|Query details
Documentation
|
|Header Parameter Named as 'Content-Type' (v2)
51978067-3b22-4c29-aaf3-96bf0bc28897|Info|Best Practices|
Documentation
|
-|Header Parameter Named as 'Content-Type' (v3)
72d259ca-9741-48dd-9f62-eb11f2936b37|Info|Best Practices|Query details
Documentation
|
+|Header Parameter Named as 'Content-Type' (v3)
72d259ca-9741-48dd-9f62-eb11f2936b37|Info|Best Practices|Query details
Documentation
|
|Header Response Name Is Invalid (v2)
86733e01-a435-4bd5-a8b0-5108be9dc1e4|Info|Best Practices|
Documentation
|
-|Header Response Name Is Invalid (v3)
d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd|Info|Best Practices|Query details
Documentation
|
+|Header Response Name Is Invalid (v3)
d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd|Info|Best Practices|Query details
Documentation
|
|Invalid Contact Email (v2)
d83bebc8-4e5e-4241-b783-cba9fb5a1c9a|Info|Best Practices|
Documentation
|
-|Invalid Contact Email (v3)
b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7|Info|Best Practices|Query details
Documentation
|
+|Invalid Contact Email (v3)
b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7|Info|Best Practices|Query details
Documentation
|
|Invalid Contact URL (v2)
c7000383-16d0-4509-8cd3-585e5ea2e2f2|Info|Best Practices|
Documentation
|
-|Invalid Contact URL (v3)
332cf2ad-380d-4b90-b436-46f8e635cf38|Info|Best Practices|Query details
Documentation
|
+|Invalid Contact URL (v3)
332cf2ad-380d-4b90-b436-46f8e635cf38|Info|Best Practices|Query details
Documentation
|
|Invalid Global External Documentation URL (v2)
46d3b74d-9fe9-45bf-9e9e-efb7f701ee28|Info|Best Practices|
Documentation
|
-|Invalid Global External Documentation URL (v3)
b2d9dbf6-539c-4374-a1fd-210ddf5563a8|Info|Best Practices|Query details
Documentation
|
+|Invalid Global External Documentation URL (v3)
b2d9dbf6-539c-4374-a1fd-210ddf5563a8|Info|Best Practices|Query details
Documentation
|
|Invalid License URL (v2)
de2b4910-8484-46d6-a055-dc1e793ee3ff|Info|Best Practices|
Documentation
|
-|Invalid License URL (v3)
9239c289-9e4c-4d92-8be1-9d506057c971|Info|Best Practices|Query details
Documentation
|
+|Invalid License URL (v3)
9239c289-9e4c-4d92-8be1-9d506057c971|Info|Best Practices|Query details
Documentation
|
|Invalid Operation External Documentation URL (v2)
25635c31-ee32-4708-88e5-fced87516f51|Info|Best Practices|
Documentation
|
-|Invalid Operation External Documentation URL (v3)
5ea61624-3733-4a3a-8ca4-b96fec9c5aeb|Info|Best Practices|Query details
Documentation
|
+|Invalid Operation External Documentation URL (v3)
5ea61624-3733-4a3a-8ca4-b96fec9c5aeb|Info|Best Practices|Query details
Documentation
|
|Invalid Schema External Documentation URL (v2)
f7fa95b7-d819-484c-9a2b-665dd1bba25e|Info|Best Practices|
Documentation
|
-|Invalid Schema External Documentation URL (v3)
6952a7e0-6e48-4285-bbc1-27c64e60f888|Info|Best Practices|Query details
Documentation
|
+|Invalid Schema External Documentation URL (v3)
6952a7e0-6e48-4285-bbc1-27c64e60f888|Info|Best Practices|Query details
Documentation
|
|Invalid Tag External Documentation URL (v2)
b4a7d925-738b-4219-99d9-87d6ee262a03|Info|Best Practices|
Documentation
|
-|Invalid Tag External Documentation URL (v3)
5aea1d7e-b834-4749-b143-2c7ec3bd5922|Info|Best Practices|Query details
Documentation
|
+|Invalid Tag External Documentation URL (v3)
5aea1d7e-b834-4749-b143-2c7ec3bd5922|Info|Best Practices|Query details
Documentation
|
|JSON '$ref' alongside other properties (v2)
f34c1c68-4773-4df0-a103-6e2ca32e585f|Info|Best Practices|
Documentation
|
-|JSON '$ref' alongside other properties (v3)
96beb800-566f-49a9-a0ea-dbdf4bc80429|Info|Best Practices|Query details
Documentation
|
+|JSON '$ref' alongside other properties (v3)
96beb800-566f-49a9-a0ea-dbdf4bc80429|Info|Best Practices|Query details
Documentation
|
|Object Using Enum With Keyword (v2)
7f15962a-d862-451c-ac9b-84ec13747aa6|Info|Best Practices|Schema/Parameter/Header Object properties should not contain 'enum' and schema keywords
Documentation
|
-|Object Using Enum With Keyword (v3)
2e9b6612-8f69-42e0-a5b8-ed17739c2f3a|Info|Best Practices|Query details
Documentation
|
+|Object Using Enum With Keyword (v3)
2e9b6612-8f69-42e0-a5b8-ed17739c2f3a|Info|Best Practices|Query details
Documentation
|
|Operation Without Successful HTTP Status Code (v2)
a1ee6ebe-3877-42ec-b9a6-e524e7d06aa2|Info|Best Practices|
Documentation
|
-|Operation Without Successful HTTP Status Code (v3)
48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd|Info|Best Practices|Query details
Documentation
|
+|Operation Without Successful HTTP Status Code (v3)
48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd|Info|Best Practices|Query details
Documentation
|
|Path Without Operation (v2)
609cd557-66b4-41fa-8edd-2abc6c7cfd08|Info|Best Practices|
Documentation
|
-|Path Without Operation (v3)
84c826c9-1893-4b34-8cdd-db97645b4bf3|Info|Best Practices|Query details
Documentation
|
+|Path Without Operation (v3)
84c826c9-1893-4b34-8cdd-db97645b4bf3|Info|Best Practices|Query details
Documentation
|
|Required Property With Default Value (v2)
f7ab6c83-ef89-40e1-8a99-32e2599fb665|Info|Best Practices|
Documentation
|
-|Required Property With Default Value (v3)
013bdb4b-9246-4248-b0c3-7fb0fee42a29|Info|Best Practices|Query details
Documentation
|
+|Required Property With Default Value (v3)
013bdb4b-9246-4248-b0c3-7fb0fee42a29|Info|Best Practices|Query details
Documentation
|
|Default Invalid (v2)
78dfd8f0-a6ee-48ec-af8c-e4d9b3292a07|Info|Structure and Semantics|The field 'default' of Schema/Parameter/Header Object should be consistent with the schema's/parameter's/header's type
Documentation
|
-|Default Invalid (v3)
a96bbc06-8cde-4295-ad3c-ee343a7f658e|Info|Structure and Semantics|Query details
Documentation
|
+|Default Invalid (v3)
a96bbc06-8cde-4295-ad3c-ee343a7f658e|Info|Structure and Semantics|Query details
Documentation
|
|Items Undefined (v2)
3e4d34d2-36cf-4449-976d-6c256db8fc49|Info|Structure and Semantics|
Documentation
|
-|Items Undefined (v3)
a8e859da-4a43-4e7f-94b8-25d6e3bf8e90|Info|Structure and Semantics|Query details
Documentation
|
+|Items Undefined (v3)
a8e859da-4a43-4e7f-94b8-25d6e3bf8e90|Info|Structure and Semantics|Query details
Documentation
|
|Non-Array Schema With Items (v2)
9d47956b-29cd-43b1-9e6e-b39a4d484353|Info|Structure and Semantics|
Documentation
|
-|Non-Array Schema With Items (v3)
20cb3159-b219-496b-8dac-54ae3ab2021a|Info|Structure and Semantics|Query details
Documentation
|
+|Non-Array Schema With Items (v3)
20cb3159-b219-496b-8dac-54ae3ab2021a|Info|Structure and Semantics|Query details
Documentation
|
|OperationId Not Unique (v2)
21245007-91c4-40e5-964e-40c85d1e5aa6|Info|Structure and Semantics|
Documentation
|
-|OperationId Not Unique (v3)
c254adc4-ef25-46e1-8270-b7944adb4198|Info|Structure and Semantics|Query details
Documentation
|
+|OperationId Not Unique (v3)
c254adc4-ef25-46e1-8270-b7944adb4198|Info|Structure and Semantics|Query details
Documentation
|
|Parameter Objects Headers With Duplicated Name (v2)
bd2cbef5-62c4-40f1-af07-4b7f9ced6616|Info|Structure and Semantics|
Documentation
|
-|Parameter Objects Headers With Duplicated Name (v3)
05505192-ba2c-4a81-9b25-dcdbcc973746|Info|Structure and Semantics|Query details
Documentation
|
+|Parameter Objects Headers With Duplicated Name (v3)
05505192-ba2c-4a81-9b25-dcdbcc973746|Info|Structure and Semantics|Query details
Documentation
|
|Parameters Name In Combination Not Unique (v2)
ab871897-ec02-4835-9818-702536ee1dda|Info|Structure and Semantics|
Documentation
|
-|Parameters Name In Combination Not Unique (v3)
f5b2e6af-76f5-496d-8482-8f898c5fdb4a|Info|Structure and Semantics|Query details
Documentation
|
+|Parameters Name In Combination Not Unique (v3)
f5b2e6af-76f5-496d-8482-8f898c5fdb4a|Info|Structure and Semantics|Query details
Documentation
|
|Path Is Ambiguous (v2)
b2468463-3ac4-4930-890c-f35b2bf4485d|Info|Structure and Semantics|
Documentation
|
-|Path Is Ambiguous (v3)
237402e2-c2f0-46c9-9cf5-286160cf7bfc|Info|Structure and Semantics|Query details
Documentation
|
+|Path Is Ambiguous (v3)
237402e2-c2f0-46c9-9cf5-286160cf7bfc|Info|Structure and Semantics|Query details
Documentation
|
|Path Parameter Not Required (v2)
ccd0613f-cb77-4684-a892-183bd2674d12|Info|Structure and Semantics|
Documentation
|
-|Path Parameter Not Required (v3)
0de50145-e845-47f4-9a15-23bcf2125710|Info|Structure and Semantics|Query details
Documentation
|
+|Path Parameter Not Required (v3)
0de50145-e845-47f4-9a15-23bcf2125710|Info|Structure and Semantics|Query details
Documentation
|
|Path Parameter With No Corresponding Template Path (v2)
194ef1f8-360e-4c14-8ed2-e83e2bafa142|Info|Structure and Semantics|
Documentation
|
-|Path Parameter With No Corresponding Template Path (v3)
69d7aefd-149d-47b8-8d89-1c2181a8067b|Info|Structure and Semantics|Query details
Documentation
|
+|Path Parameter With No Corresponding Template Path (v3)
69d7aefd-149d-47b8-8d89-1c2181a8067b|Info|Structure and Semantics|Query details
Documentation
|
|Path Template is Empty (v2)
c201b7ad-6173-4598-a407-5edb04a1bcd7|Info|Structure and Semantics|
Documentation
|
-|Path Template is Empty (v3)
ae13a37d-943b-47a7-a970-83c8598bcca3|Info|Structure and Semantics|Query details
Documentation
|
+|Path Template is Empty (v3)
ae13a37d-943b-47a7-a970-83c8598bcca3|Info|Structure and Semantics|Query details
Documentation
|
|Paths Object is Empty (v2)
3e6c7b1c-8a8d-43ab-98b9-65159f44db4a|Info|Structure and Semantics|
Documentation
|
-|Paths Object is Empty (v3)
815021c8-a50c-46d9-b192-24f71072c400|Info|Structure and Semantics|Query details
Documentation
|
+|Paths Object is Empty (v3)
815021c8-a50c-46d9-b192-24f71072c400|Info|Structure and Semantics|Query details
Documentation
|
|Properties Missing Required Property (v2)
71beb6ab-8b70-4816-a9ac-a0ff1fb22a62|Info|Structure and Semantics|
Documentation
|
-|Properties Missing Required Property (v3)
3fb03214-25d4-4bd4-867c-c2d8d708a483|Info|Structure and Semantics|Query details
Documentation
|
+|Properties Missing Required Property (v3)
3fb03214-25d4-4bd4-867c-c2d8d708a483|Info|Structure and Semantics|Query details
Documentation
|
|Property 'allowEmptyValue' Improperly Defined (v2)
0bc1477d-0922-478b-ae16-674a7634a1a8|Info|Structure and Semantics|
Documentation
|
-|Property 'allowEmptyValue' Improperly Defined (v3)
4bcbcd52-3028-469f-bc14-02c7dbba2df2|Info|Structure and Semantics|Query details
Documentation
|
+|Property 'allowEmptyValue' Improperly Defined (v3)
4bcbcd52-3028-469f-bc14-02c7dbba2df2|Info|Structure and Semantics|Query details
Documentation
|
|Property Defining Minimum Greater Than Maximum (v2)
b5102ea9-6527-4bb7-94fc-9b4076150e55|Info|Structure and Semantics|
Documentation
|
-|Property Defining Minimum Greater Than Maximum (v3)
ab2af219-cd08-4233-b5a1-a788aac88b51|Info|Structure and Semantics|Query details
Documentation
|
+|Property Defining Minimum Greater Than Maximum (v3)
ab2af219-cd08-4233-b5a1-a788aac88b51|Info|Structure and Semantics|Query details
Documentation
|
|Responses Object Is Empty (v2)
6172e7ab-d2b7-45f8-a7db-1603931d8ba3|Info|Structure and Semantics|
Documentation
|
-|Responses Object Is Empty (v3)
990eaf09-d6f1-4c3c-b174-a517b1de8917|Info|Structure and Semantics|Query details
Documentation
|
+|Responses Object Is Empty (v3)
990eaf09-d6f1-4c3c-b174-a517b1de8917|Info|Structure and Semantics|Query details
Documentation
|
|Responses With Wrong HTTP Status Code (v2)
069a5378-2091-43f0-aa3b-ee8f20996e99|Info|Structure and Semantics|
Documentation
|
-|Responses With Wrong HTTP Status Code (v3)
d86655c0-92f6-4ffc-b4d5-5b5775804c27|Info|Structure and Semantics|Query details
Documentation
|
+|Responses With Wrong HTTP Status Code (v3)
d86655c0-92f6-4ffc-b4d5-5b5775804c27|Info|Structure and Semantics|Query details
Documentation
|
|Schema Discriminator Mismatch Defined Properties (v2)
addc0eab-27f6-4c26-8526-d2ccd3732662|Info|Structure and Semantics|
Documentation
|
-|Schema Discriminator Mismatch Defined Properties (v3)
40d3df21-c170-4dbe-9c02-4289b51f994f|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Discriminator Mismatch Defined Properties (v3)
40d3df21-c170-4dbe-9c02-4289b51f994f|Info|Structure and Semantics|Query details
Documentation
|
|Schema Discriminator Not Required (v2)
be6a3722-af60-438c-b1b9-2a03e2958ab7|Info|Structure and Semantics|
Documentation
|
-|Schema Discriminator Not Required (v3)
b481d46c-9c61-480f-86d9-af07146dc4a4|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Discriminator Not Required (v3)
b481d46c-9c61-480f-86d9-af07146dc4a4|Info|Structure and Semantics|Query details
Documentation
|
|Schema Discriminator Property Not String (v2)
949376f1-f560-4c6d-a016-63424ca931bb|Info|Structure and Semantics|
Documentation
|
-|Schema Discriminator Property Not String (v3)
dadc2f36-1f5a-46c0-8289-75e626583123|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Discriminator Property Not String (v3)
dadc2f36-1f5a-46c0-8289-75e626583123|Info|Structure and Semantics|Query details
Documentation
|
|Schema Enum Invalid (v2)
8fe6d18a-ad4c-4397-8884-e3a9da57f4c9|Info|Structure and Semantics|
Documentation
|
-|Schema Enum Invalid (v3)
03856cb2-e46c-4daf-bfbf-214ec93c882b|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Enum Invalid (v3)
03856cb2-e46c-4daf-bfbf-214ec93c882b|Info|Structure and Semantics|Query details
Documentation
|
|Schema Has A Required Property Undefined (v2)
811762c8-2e99-4f70-88f9-a63875a953b1|Info|Structure and Semantics|
Documentation
|
-|Schema Has A Required Property Undefined (v3)
2bd608ae-8a1f-457f-b710-c237883cb313|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Has A Required Property Undefined (v3)
2bd608ae-8a1f-457f-b710-c237883cb313|Info|Structure and Semantics|Query details
Documentation
|
|Schema Object Properties With Duplicated Keys (v2)
ded017bf-fb13-4f8d-868b-84aebcc572ad|Info|Structure and Semantics|
Documentation
|
-|Schema Object Properties With Duplicated Keys (v3)
10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Object Properties With Duplicated Keys (v3)
10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa|Info|Structure and Semantics|Query details
Documentation
|
|Schema Object With Circular Ref (v2)
cbff2508-85c9-4448-a8b3-770070edf5ca|Info|Structure and Semantics|
Documentation
|
-|Schema Object With Circular Ref (v3)
1a1aea94-745b-40a7-b860-0702ea6ee636|Info|Structure and Semantics|Query details
Documentation
|
+|Schema Object With Circular Ref (v3)
1a1aea94-745b-40a7-b860-0702ea6ee636|Info|Structure and Semantics|Query details
Documentation
|
|Template Path With No Corresponding Path Parameter (v2)
e7656d8d-7288-4bbe-b07b-22b389be75ce|Info|Structure and Semantics|
Documentation
|
-|Template Path With No Corresponding Path Parameter (v3)
561710b1-b845-4562-95ce-2397a05ccef4|Info|Structure and Semantics|Query details
Documentation
|
+|Template Path With No Corresponding Path Parameter (v3)
561710b1-b845-4562-95ce-2397a05ccef4|Info|Structure and Semantics|Query details
Documentation
|
|Type Has Invalid Keyword (v2)
492c6cbb-f3f8-4807-aa4f-42b8b1c46b59|Info|Structure and Semantics|Schema/Parameter/Header Object define type should not use a keyword of another type
Documentation
|
-|Type Has Invalid Keyword (v3)
a9228976-10cf-4b5f-b902-9e962aad037a|Info|Structure and Semantics|Query details
Documentation
|
+|Type Has Invalid Keyword (v3)
a9228976-10cf-4b5f-b902-9e962aad037a|Info|Structure and Semantics|Query details
Documentation
|
diff --git a/docs/queries/openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a.md b/docs/queries/openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a.md
index 744fa30bd52..113e9728336 100644
--- a/docs/queries/openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a.md
+++ b/docs/queries/openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/pattern_undefined)
### Description
diff --git a/docs/queries/openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29.md b/docs/queries/openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29.md
index 434357e352f..468070d4f6f 100644
--- a/docs/queries/openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29.md
+++ b/docs/queries/openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/required_property_default_value)
### Description
diff --git a/docs/queries/openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637.md b/docs/queries/openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637.md
index 040d800c50f..305d03727d3 100644
--- a/docs/queries/openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637.md
+++ b/docs/queries/openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_schema)
### Description
diff --git a/docs/queries/openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283.md b/docs/queries/openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283.md
index 4c493242759..cf61d69c975 100644
--- a/docs/queries/openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283.md
+++ b/docs/queries/openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/schema_object_incorrect_ref)
### Description
diff --git a/docs/queries/openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b.md b/docs/queries/openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b.md
index 97ddcaab937..97f130ad243 100644
--- a/docs/queries/openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b.md
+++ b/docs/queries/openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_enum_invalid)
### Description
diff --git a/docs/queries/openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746.md b/docs/queries/openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746.md
index 684abeea45a..02a2865a103 100644
--- a/docs/queries/openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746.md
+++ b/docs/queries/openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/parameter_objects_headers_dup_name)
### Description
diff --git a/docs/queries/openapi-queries/06764426-3c56-407e-981f-caa25db1c149.md b/docs/queries/openapi-queries/06764426-3c56-407e-981f-caa25db1c149.md
index 0b2be4288b4..056f62f9d00 100644
--- a/docs/queries/openapi-queries/06764426-3c56-407e-981f-caa25db1c149.md
+++ b/docs/queries/openapi-queries/06764426-3c56-407e-981f-caa25db1c149.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_schemes_http_unknown_scheme)
### Description
diff --git a/docs/queries/openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1.md b/docs/queries/openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1.md
index 508130d3596..3eb4be6223b 100644
--- a/docs/queries/openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1.md
+++ b/docs/queries/openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/unused_response_definition)
### Description
diff --git a/docs/queries/openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c.md b/docs/queries/openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c.md
index 593020d07ae..93f92284df0 100644
--- a/docs/queries/openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c.md
+++ b/docs/queries/openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_object_without_consumes)
### Description
diff --git a/docs/queries/openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710.md b/docs/queries/openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710.md
index 88ac973e0b8..636e3610296 100644
--- a/docs/queries/openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710.md
+++ b/docs/queries/openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/path_parameter_not_required)
### Description
diff --git a/docs/queries/openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d.md b/docs/queries/openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d.md
index 6c8aa53997d..402e6e3223d 100644
--- a/docs/queries/openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d.md
+++ b/docs/queries/openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/request_body_incorrect_ref)
### Description
diff --git a/docs/queries/openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af.md b/docs/queries/openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af.md
index 08f1d7b90fa..1996ffa58cc 100644
--- a/docs/queries/openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af.md
+++ b/docs/queries/openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/success_response_code_undefined_trace_operation)
### Description
diff --git a/docs/queries/openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa.md b/docs/queries/openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa.md
index 9ca7733d40b..eca0abdb8ef 100644
--- a/docs/queries/openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa.md
+++ b/docs/queries/openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_object_properties_with_duplicated_keys)
### Description
diff --git a/docs/queries/openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3.md b/docs/queries/openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3.md
index 4f900193db8..c18e611d897 100644
--- a/docs/queries/openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3.md
+++ b/docs/queries/openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/response_operations_body_schema_incorrect_defined)
### Description
diff --git a/docs/queries/openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087.md b/docs/queries/openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087.md
index 5d227351dbd..1de594036be 100644
--- a/docs/queries/openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087.md
+++ b/docs/queries/openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_object_fixed_field_key_improperly_named)
### Description
diff --git a/docs/queries/openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19.md b/docs/queries/openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19.md
index 09e754d1ca0..51ede7d315f 100644
--- a/docs/queries/openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19.md
+++ b/docs/queries/openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/numeric_schema_without_minimum)
### Description
diff --git a/docs/queries/openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1.md b/docs/queries/openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1.md
index aaf97a97933..7b0f45179e4 100644
--- a/docs/queries/openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1.md
+++ b/docs/queries/openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/success_response_code_undefined_patch_operation)
### Description
diff --git a/docs/queries/openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636.md b/docs/queries/openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636.md
index c9fc8e7e890..9c3e58a9de0 100644
--- a/docs/queries/openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636.md
+++ b/docs/queries/openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_object_with_circular_ref)
### Description
diff --git a/docs/queries/openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3.md b/docs/queries/openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3.md
index aa4e9e5de61..d58d9724d76 100644
--- a/docs/queries/openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3.md
+++ b/docs/queries/openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_schemes_using_oauth)
### Description
diff --git a/docs/queries/openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4.md b/docs/queries/openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4.md
index 6b3ada3aeed..11fcb3be139 100644
--- a/docs/queries/openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4.md
+++ b/docs/queries/openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_operation_field_undefined)
### Description
diff --git a/docs/queries/openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a.md b/docs/queries/openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a.md
index 007be4c131a..0109fdc6fcb 100644
--- a/docs/queries/openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a.md
+++ b/docs/queries/openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/non_array_schema_with_items)
### Description
diff --git a/docs/queries/openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8.md b/docs/queries/openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8.md
index 651bf904ebc..7aba8a7203c 100644
--- a/docs/queries/openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8.md
+++ b/docs/queries/openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/security_definitions_using_basic_auth)
### Description
diff --git a/docs/queries/openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc.md b/docs/queries/openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc.md
index 03817a4d3aa..9987c052bab 100644
--- a/docs/queries/openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc.md
+++ b/docs/queries/openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/path_ambiguous)
### Description
diff --git a/docs/queries/openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022.md b/docs/queries/openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022.md
index c31e57ddc58..2ad2f0be3f8 100644
--- a/docs/queries/openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022.md
+++ b/docs/queries/openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/undefined_security_scope_global_security)
### Description
diff --git a/docs/queries/openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3.md b/docs/queries/openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3.md
index d96529fb1a8..e59c9ebc7ee 100644
--- a/docs/queries/openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3.md
+++ b/docs/queries/openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/parameter_object_incorrect_ref)
### Description
diff --git a/docs/queries/openapi-queries/26f06397-36d8-4ce7-b993-17711261d777.md b/docs/queries/openapi-queries/26f06397-36d8-4ce7-b993-17711261d777.md
index e674ff51352..8bff59bd13c 100644
--- a/docs/queries/openapi-queries/26f06397-36d8-4ce7-b993-17711261d777.md
+++ b/docs/queries/openapi-queries/26f06397-36d8-4ce7-b993-17711261d777.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/invalid_content_type_for_multiple_files_upload)
### Description
diff --git a/docs/queries/openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba.md b/docs/queries/openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba.md
index 96d22822688..5d5488d7b3b 100644
--- a/docs/queries/openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba.md
+++ b/docs/queries/openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/invalid_oauth2_token_url)
### Description
diff --git a/docs/queries/openapi-queries/281b8071-6226-4a43-911d-fec246d422c2.md b/docs/queries/openapi-queries/281b8071-6226-4a43-911d-fec246d422c2.md
index 786eb682a47..c7a55c27e7f 100644
--- a/docs/queries/openapi-queries/281b8071-6226-4a43-911d-fec246d422c2.md
+++ b/docs/queries/openapi-queries/281b8071-6226-4a43-911d-fec246d422c2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/api_key_exposed_in_operation_security)
### Description
diff --git a/docs/queries/openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313.md b/docs/queries/openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313.md
index cf4828a7b75..1dca06ad0d7 100644
--- a/docs/queries/openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313.md
+++ b/docs/queries/openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_required_property_undefined)
### Description
diff --git a/docs/queries/openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822.md b/docs/queries/openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822.md
index f9b87aa13d5..d48d3270d12 100644
--- a/docs/queries/openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822.md
+++ b/docs/queries/openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_example_mismatch_produces_mediatype)
### Description
diff --git a/docs/queries/openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb.md b/docs/queries/openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb.md
index 0af259275e2..f5b2ea20a98 100644
--- a/docs/queries/openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb.md
+++ b/docs/queries/openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/header_object_with_incorrect_ref)
### Description
diff --git a/docs/queries/openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe.md b/docs/queries/openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe.md
index 15487691922..dad24356d80 100644
--- a/docs/queries/openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe.md
+++ b/docs/queries/openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/global_server_uses_http)
### Description
diff --git a/docs/queries/openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93.md b/docs/queries/openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93.md
index f51fd1a2711..5952c08d778 100644
--- a/docs/queries/openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93.md
+++ b/docs/queries/openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/global_security_using_password_flow)
### Description
diff --git a/docs/queries/openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f.md b/docs/queries/openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f.md
index 05416ca33ba..f5e4c228781 100644
--- a/docs/queries/openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f.md
+++ b/docs/queries/openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_parameter)
### Description
diff --git a/docs/queries/openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938.md b/docs/queries/openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938.md
index 34400a5a095..96774b51cf4 100644
--- a/docs/queries/openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938.md
+++ b/docs/queries/openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_using_password_flow)
### Description
diff --git a/docs/queries/openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a.md b/docs/queries/openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a.md
index 31f196de1e4..4391e3e5fa1 100644
--- a/docs/queries/openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a.md
+++ b/docs/queries/openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/object_using_enum_with_keyword)
### Description
diff --git a/docs/queries/openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac.md b/docs/queries/openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac.md
index a3567aa85b7..062788205e6 100644
--- a/docs/queries/openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac.md
+++ b/docs/queries/openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/numeric_schema_without_maximum)
### Description
diff --git a/docs/queries/openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc.md b/docs/queries/openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc.md
index 8900ff37c84..e948fd12f33 100644
--- a/docs/queries/openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc.md
+++ b/docs/queries/openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/parameter_object_schema_content)
### Description
diff --git a/docs/queries/openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38.md b/docs/queries/openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38.md
index 2276fae0a86..d45acade7f8 100644
--- a/docs/queries/openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38.md
+++ b/docs/queries/openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_contact_url)
### Description
diff --git a/docs/queries/openapi-queries/33d96c65-977d-4c33-943f-440baca49185.md b/docs/queries/openapi-queries/33d96c65-977d-4c33-943f-440baca49185.md
index 8f84535bdbc..202b5de773e 100644
--- a/docs/queries/openapi-queries/33d96c65-977d-4c33-943f-440baca49185.md
+++ b/docs/queries/openapi-queries/33d96c65-977d-4c33-943f-440baca49185.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/invalid_oauth_authorization_url)
### Description
diff --git a/docs/queries/openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533.md b/docs/queries/openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533.md
index d2938e88a6e..9b1308d5aea 100644
--- a/docs/queries/openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533.md
+++ b/docs/queries/openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_requirement_object_with_wrong_scopes)
### Description
diff --git a/docs/queries/openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd.md b/docs/queries/openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd.md
index 0714e759d01..27b3d80065a 100644
--- a/docs/queries/openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd.md
+++ b/docs/queries/openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_header)
### Description
diff --git a/docs/queries/openapi-queries/3847280c-9193-40bc-8009-76168e822ce2.md b/docs/queries/openapi-queries/3847280c-9193-40bc-8009-76168e822ce2.md
index fffdbaa93c0..06107656bde 100644
--- a/docs/queries/openapi-queries/3847280c-9193-40bc-8009-76168e822ce2.md
+++ b/docs/queries/openapi-queries/3847280c-9193-40bc-8009-76168e822ce2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/undefined_security_scope_security_operations)
### Description
diff --git a/docs/queries/openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2.md b/docs/queries/openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2.md
index f965fba670d..53b82f4d66c 100644
--- a/docs/queries/openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2.md
+++ b/docs/queries/openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/oauth2_with_password_flow)
### Description
diff --git a/docs/queries/openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c.md b/docs/queries/openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c.md
index 4d8e9710a8b..7080f3ca00b 100644
--- a/docs/queries/openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c.md
+++ b/docs/queries/openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/oauth2_with_implicit_flow)
### Description
diff --git a/docs/queries/openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75.md b/docs/queries/openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75.md
index bbbafccb041..3d04804d0d6 100644
--- a/docs/queries/openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75.md
+++ b/docs/queries/openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/schema_with_additional_properties_set_as_boolean)
### Description
diff --git a/docs/queries/openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da.md b/docs/queries/openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da.md
index 1df3bc3eab0..173606b8ad3 100644
--- a/docs/queries/openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da.md
+++ b/docs/queries/openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/success_response_code_undefined_head_operation)
### Description
diff --git a/docs/queries/openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150.md b/docs/queries/openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150.md
index c91182b74af..078b7a5c0a9 100644
--- a/docs/queries/openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150.md
+++ b/docs/queries/openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/success_response_code_undefined_delete_operation)
### Description
diff --git a/docs/queries/openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d.md b/docs/queries/openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d.md
index c1532bb18b5..4ca3b020676 100644
--- a/docs/queries/openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d.md
+++ b/docs/queries/openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/unknown_prefix)
### Description
diff --git a/docs/queries/openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05.md b/docs/queries/openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05.md
index af82017899f..1eecd56bc15 100644
--- a/docs/queries/openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05.md
+++ b/docs/queries/openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/invalid_oauth2_token_url)
### Description
diff --git a/docs/queries/openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0.md b/docs/queries/openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0.md
index 2be9c7223fd..1f07529b828 100644
--- a/docs/queries/openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0.md
+++ b/docs/queries/openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/host_with_invalid_pattern)
### Description
diff --git a/docs/queries/openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483.md b/docs/queries/openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483.md
index 727b133930a..787e99ac1d7 100644
--- a/docs/queries/openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483.md
+++ b/docs/queries/openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/properties_missing_required_property)
### Description
diff --git a/docs/queries/openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f.md b/docs/queries/openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f.md
index d9f3e9b8ed5..45b5b1c1bc3 100644
--- a/docs/queries/openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f.md
+++ b/docs/queries/openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_discriminator_mismatch_defined_properties)
### Description
diff --git a/docs/queries/openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839.md b/docs/queries/openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839.md
index 96fc85b4a57..5d7938e9dfe 100644
--- a/docs/queries/openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839.md
+++ b/docs/queries/openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/api_key_exposed_in_global_security_scheme)
### Description
diff --git a/docs/queries/openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09.md b/docs/queries/openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09.md
index ea9493f14c3..8c60b337a31 100644
--- a/docs/queries/openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09.md
+++ b/docs/queries/openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/property_allow_reserved_encoding_object_ignored)
### Description
diff --git a/docs/queries/openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1.md b/docs/queries/openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1.md
index b06de41e1f7..f6dedf654bf 100644
--- a/docs/queries/openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1.md
+++ b/docs/queries/openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/unknown_property)
### Description
diff --git a/docs/queries/openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e.md b/docs/queries/openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e.md
index e1a565ec776..48c243920d7 100644
--- a/docs/queries/openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e.md
+++ b/docs/queries/openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/undefined_security_scope_security_operations)
### Description
diff --git a/docs/queries/openapi-queries/46facedc-f243-4108-ab33-583b807d50b0.md b/docs/queries/openapi-queries/46facedc-f243-4108-ab33-583b807d50b0.md
index 8d0553d56bb..6f2d593adcf 100644
--- a/docs/queries/openapi-queries/46facedc-f243-4108-ab33-583b807d50b0.md
+++ b/docs/queries/openapi-queries/46facedc-f243-4108-ab33-583b807d50b0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/parameter_object_undefined_type)
### Description
diff --git a/docs/queries/openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd.md b/docs/queries/openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd.md
index 401410b8ad5..761194ba666 100644
--- a/docs/queries/openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd.md
+++ b/docs/queries/openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/operation_without_successful_http_status_code)
### Description
diff --git a/docs/queries/openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2.md b/docs/queries/openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2.md
index 5cd4742a96b..26aa59d7097 100644
--- a/docs/queries/openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2.md
+++ b/docs/queries/openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/property_allow_empty_value_improperly_defined)
### Description
diff --git a/docs/queries/openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9.md b/docs/queries/openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9.md
index 18ee308e0c9..4607d854413 100644
--- a/docs/queries/openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9.md
+++ b/docs/queries/openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/schema_object_incorrect_ref)
### Description
diff --git a/docs/queries/openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab.md b/docs/queries/openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab.md
index 327e1c86f29..1385e460274 100644
--- a/docs/queries/openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab.md
+++ b/docs/queries/openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/encoding_header_content_type_improperly_defined)
### Description
diff --git a/docs/queries/openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f.md b/docs/queries/openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f.md
index 8305ea30f74..b3b5737e8fd 100644
--- a/docs/queries/openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f.md
+++ b/docs/queries/openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_object_empty)
### Description
diff --git a/docs/queries/openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b.md b/docs/queries/openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b.md
index dbe0d0b4132..8f97ad262db 100644
--- a/docs/queries/openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b.md
+++ b/docs/queries/openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/header_object_without_schema)
### Description
diff --git a/docs/queries/openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315.md b/docs/queries/openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315.md
index 4e241db3576..b922748bd66 100644
--- a/docs/queries/openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315.md
+++ b/docs/queries/openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/invalid_oauth_authorization_url)
### Description
diff --git a/docs/queries/openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a.md b/docs/queries/openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a.md
index 969690ef115..4b79a80e058 100644
--- a/docs/queries/openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a.md
+++ b/docs/queries/openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/security_empty_object_definition)
### Description
diff --git a/docs/queries/openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4.md b/docs/queries/openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4.md
index 4edf1070964..6095935278a 100644
--- a/docs/queries/openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4.md
+++ b/docs/queries/openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/template_path_parameter_with_no_corresponding_path_parameter)
### Description
diff --git a/docs/queries/openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def.md b/docs/queries/openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def.md
index b23474ce55e..110f88f510f 100644
--- a/docs/queries/openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def.md
+++ b/docs/queries/openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/request_body_object_with_incorrect_media_type)
### Description
diff --git a/docs/queries/openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a.md b/docs/queries/openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a.md
index 0335dc35c7a..beb42d163e7 100644
--- a/docs/queries/openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a.md
+++ b/docs/queries/openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/empty_array)
### Description
diff --git a/docs/queries/openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab.md b/docs/queries/openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab.md
index 724a6a0c001..a3cc6807913 100644
--- a/docs/queries/openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab.md
+++ b/docs/queries/openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/property_allow_empty_value_ignored)
### Description
diff --git a/docs/queries/openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922.md b/docs/queries/openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922.md
index 093a271ecd8..cf2dfb3529e 100644
--- a/docs/queries/openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922.md
+++ b/docs/queries/openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_tag_external_documentation_url)
### Description
diff --git a/docs/queries/openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275.md b/docs/queries/openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275.md
index d6e086b67ba..7ed8c5f318e 100644
--- a/docs/queries/openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275.md
+++ b/docs/queries/openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/object_without_required_property)
### Description
diff --git a/docs/queries/openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb.md b/docs/queries/openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb.md
index 4bb49d8c966..9badd94233c 100644
--- a/docs/queries/openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb.md
+++ b/docs/queries/openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_operation_external_documentation_url)
### Description
diff --git a/docs/queries/openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc.md b/docs/queries/openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc.md
index 0a7d51d93e4..e5c1e58a491 100644
--- a/docs/queries/openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc.md
+++ b/docs/queries/openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/success_response_code_undefined_put_operation)
### Description
diff --git a/docs/queries/openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3.md b/docs/queries/openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3.md
index 61d33b06156..a7d9fb7d084 100644
--- a/docs/queries/openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3.md
+++ b/docs/queries/openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/link_object_with_both_operation_id_and_operation_ref)
### Description
diff --git a/docs/queries/openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655.md b/docs/queries/openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655.md
index b16fecd9f78..5d192ad8039 100644
--- a/docs/queries/openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655.md
+++ b/docs/queries/openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/security_operations_empty_array)
### Description
diff --git a/docs/queries/openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71.md b/docs/queries/openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71.md
index 3190db6484a..546e8ecd199 100644
--- a/docs/queries/openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71.md
+++ b/docs/queries/openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_scheme_using_http_basic)
### Description
diff --git a/docs/queries/openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888.md b/docs/queries/openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888.md
index 45c45add52f..8744bc989af 100644
--- a/docs/queries/openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888.md
+++ b/docs/queries/openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_schema_external_documentation_url)
### Description
diff --git a/docs/queries/openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0.md b/docs/queries/openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0.md
index 930dd075cf7..9d88dfc3f01 100644
--- a/docs/queries/openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0.md
+++ b/docs/queries/openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_parameter_definition_unused)
### Description
diff --git a/docs/queries/openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d.md b/docs/queries/openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d.md
index 2b8da994db1..e7052aa4da7 100644
--- a/docs/queries/openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d.md
+++ b/docs/queries/openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/array_without_maximum_number_items)
### Description
diff --git a/docs/queries/openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b.md b/docs/queries/openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b.md
index 48cb7b5eaf0..4a05f6d9633 100644
--- a/docs/queries/openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b.md
+++ b/docs/queries/openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/path_parameter_with_no_corresponding_template_path)
### Description
diff --git a/docs/queries/openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356.md b/docs/queries/openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356.md
index fab523c6cba..70444c4b901 100644
--- a/docs/queries/openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356.md
+++ b/docs/queries/openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_example)
### Description
diff --git a/docs/queries/openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285.md b/docs/queries/openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285.md
index 305af27d2e4..bd4b76c9a41 100644
--- a/docs/queries/openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285.md
+++ b/docs/queries/openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_request_body_definition_unused)
### Description
diff --git a/docs/queries/openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d.md b/docs/queries/openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d.md
index 8677e1a168a..20a9ac50f9a 100644
--- a/docs/queries/openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d.md
+++ b/docs/queries/openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/response_code_missing)
### Description
diff --git a/docs/queries/openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455.md b/docs/queries/openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455.md
index 6822d1499b2..d10e45776e2 100644
--- a/docs/queries/openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455.md
+++ b/docs/queries/openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/unused_schema_definition)
### Description
diff --git a/docs/queries/openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37.md b/docs/queries/openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37.md
index 880b0beda8f..55ded4bfa03 100644
--- a/docs/queries/openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37.md
+++ b/docs/queries/openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/header_parameter_named_as_content_type)
### Description
diff --git a/docs/queries/openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951.md b/docs/queries/openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951.md
index fd9fc9d9980..b77917f8ccf 100644
--- a/docs/queries/openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951.md
+++ b/docs/queries/openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/non_body_parameter_with_schema)
### Description
diff --git a/docs/queries/openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e.md b/docs/queries/openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e.md
index dd8df3a66ef..59cf2737cbd 100644
--- a/docs/queries/openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e.md
+++ b/docs/queries/openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/property_not_unique)
### Description
diff --git a/docs/queries/openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c.md b/docs/queries/openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c.md
index 47433feebb9..2779bb705a4 100644
--- a/docs/queries/openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c.md
+++ b/docs/queries/openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/multi_collectionformat_not_valid_in_parameter)
### Description
diff --git a/docs/queries/openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228.md b/docs/queries/openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228.md
index 77621f29e0c..62ce809470e 100644
--- a/docs/queries/openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228.md
+++ b/docs/queries/openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/global_security_scheme_using_basic_authentication)
### Description
diff --git a/docs/queries/openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76.md b/docs/queries/openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76.md
index c50d6160bbf..e4936fdb09b 100644
--- a/docs/queries/openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76.md
+++ b/docs/queries/openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/security_definitions_allows_password_flow)
### Description
diff --git a/docs/queries/openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4.md b/docs/queries/openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4.md
index 161e6e49141..541e0aaa15c 100644
--- a/docs/queries/openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4.md
+++ b/docs/queries/openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_response)
### Description
diff --git a/docs/queries/openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2.md b/docs/queries/openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2.md
index 05075859f38..d0a864375b0 100644
--- a/docs/queries/openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2.md
+++ b/docs/queries/openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/property_allow_reserved_improperly_defined)
### Description
diff --git a/docs/queries/openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a.md b/docs/queries/openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a.md
index eee36ec98c2..d8dd3648978 100644
--- a/docs/queries/openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a.md
+++ b/docs/queries/openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/file_parameter_with_wrong_consumes_property)
### Description
diff --git a/docs/queries/openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a.md b/docs/queries/openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a.md
index 192af1439e4..97a8bfac168 100644
--- a/docs/queries/openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a.md
+++ b/docs/queries/openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_link)
### Description
diff --git a/docs/queries/openapi-queries/815021c8-a50c-46d9-b192-24f71072c400.md b/docs/queries/openapi-queries/815021c8-a50c-46d9-b192-24f71072c400.md
index 41264db841b..2dd761fda4c 100644
--- a/docs/queries/openapi-queries/815021c8-a50c-46d9-b192-24f71072c400.md
+++ b/docs/queries/openapi-queries/815021c8-a50c-46d9-b192-24f71072c400.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/paths_object_empty)
### Description
diff --git a/docs/queries/openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3.md b/docs/queries/openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3.md
index 803b01daf0a..72aa0c8cd23 100644
--- a/docs/queries/openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3.md
+++ b/docs/queries/openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/path_without_operation)
### Description
diff --git a/docs/queries/openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1.md b/docs/queries/openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1.md
index f402d544f6e..b518c2cfffa 100644
--- a/docs/queries/openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1.md
+++ b/docs/queries/openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/cleartext_credentials_with_basic_auth_for_operation)
### Description
diff --git a/docs/queries/openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110.md b/docs/queries/openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110.md
index 0bb92c131d6..046d1cf1f41 100644
--- a/docs/queries/openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110.md
+++ b/docs/queries/openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/default_response_undefined_operations)
### Description
diff --git a/docs/queries/openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331.md b/docs/queries/openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331.md
index 7835acbc222..70f0fa99d8c 100644
--- a/docs/queries/openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331.md
+++ b/docs/queries/openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/example_not_compliant_with_schema_type)
### Description
diff --git a/docs/queries/openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a.md b/docs/queries/openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a.md
index f9ce6d33a67..80a2b163d0b 100644
--- a/docs/queries/openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a.md
+++ b/docs/queries/openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/server_object_variable_not_used)
### Description
diff --git a/docs/queries/openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f.md b/docs/queries/openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f.md
index c3a63f9cb34..3f84404147d 100644
--- a/docs/queries/openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f.md
+++ b/docs/queries/openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/global_security_field_undefined)
### Description
diff --git a/docs/queries/openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df.md b/docs/queries/openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df.md
index e09aaf93778..a0b6f806794 100644
--- a/docs/queries/openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df.md
+++ b/docs/queries/openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/parameter_object_content_with_multiple_entries)
### Description
diff --git a/docs/queries/openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c.md b/docs/queries/openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c.md
index 4a0cb3e9d72..055f406d112 100644
--- a/docs/queries/openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c.md
+++ b/docs/queries/openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/string_schema_with_broad_pattern)
### Description
diff --git a/docs/queries/openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85.md b/docs/queries/openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85.md
index 7face895f70..4dab416fbb0 100644
--- a/docs/queries/openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85.md
+++ b/docs/queries/openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/maximum_length_undefined)
### Description
diff --git a/docs/queries/openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300.md b/docs/queries/openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300.md
index 3f670dc66a5..6665bc0fb11 100644
--- a/docs/queries/openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300.md
+++ b/docs/queries/openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/header_parameter_named_as_authorization)
### Description
diff --git a/docs/queries/openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e.md b/docs/queries/openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e.md
index 46e593e0d42..30aebae6bca 100644
--- a/docs/queries/openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e.md
+++ b/docs/queries/openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/server_url_uses_undefined_variables)
### Description
diff --git a/docs/queries/openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e.md b/docs/queries/openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e.md
index f620e6ecbd3..7a154d719f2 100644
--- a/docs/queries/openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e.md
+++ b/docs/queries/openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_scheme_undefined)
### Description
diff --git a/docs/queries/openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672.md b/docs/queries/openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672.md
index 62a1d357ebb..fef0e9a6e68 100644
--- a/docs/queries/openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672.md
+++ b/docs/queries/openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/parameter_object_without_schema)
### Description
diff --git a/docs/queries/openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971.md b/docs/queries/openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971.md
index 6275b528d2a..922461fab02 100644
--- a/docs/queries/openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971.md
+++ b/docs/queries/openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_license_url)
### Description
diff --git a/docs/queries/openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e.md b/docs/queries/openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e.md
index 8f6c14853c3..205477e21cd 100644
--- a/docs/queries/openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e.md
+++ b/docs/queries/openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_schema_definition_unused)
### Description
diff --git a/docs/queries/openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58.md b/docs/queries/openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58.md
index aa4fe37ddf4..3ccd3ab559c 100644
--- a/docs/queries/openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58.md
+++ b/docs/queries/openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/path_server_uses_http)
### Description
diff --git a/docs/queries/openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2.md b/docs/queries/openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2.md
index c4860055fea..f1db32661f7 100644
--- a/docs/queries/openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2.md
+++ b/docs/queries/openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/no_global_and_operation_security_defined)
### Description
diff --git a/docs/queries/openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429.md b/docs/queries/openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429.md
index e9211cd485e..a43c709093e 100644
--- a/docs/queries/openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429.md
+++ b/docs/queries/openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/json_ref_alongside_properties)
### Description
diff --git a/docs/queries/openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914.md b/docs/queries/openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914.md
index 33e8c1b687d..0373cb6b3d0 100644
--- a/docs/queries/openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914.md
+++ b/docs/queries/openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/json_reference_does_not_exists_schema)
### Description
diff --git a/docs/queries/openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917.md b/docs/queries/openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917.md
index f9c76d95002..7e68803ecfa 100644
--- a/docs/queries/openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917.md
+++ b/docs/queries/openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/responses_object_is_empty)
### Description
diff --git a/docs/queries/openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f.md b/docs/queries/openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f.md
index ecdc81f05d6..3a2d15bb206 100644
--- a/docs/queries/openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f.md
+++ b/docs/queries/openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/undefined_security_scope_global_security)
### Description
diff --git a/docs/queries/openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae.md b/docs/queries/openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae.md
index 454416d239f..8102536efa8 100644
--- a/docs/queries/openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae.md
+++ b/docs/queries/openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_response_definition_unused)
### Description
diff --git a/docs/queries/openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd.md b/docs/queries/openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd.md
index 0ae50112818..75312bfb7f4 100644
--- a/docs/queries/openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd.md
+++ b/docs/queries/openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/json_object_schema_without_properties)
### Description
diff --git a/docs/queries/openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042.md b/docs/queries/openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042.md
index 4cb2bd8cbb4..4eb49313510 100644
--- a/docs/queries/openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042.md
+++ b/docs/queries/openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/additional_properties_too_permissive)
### Description
diff --git a/docs/queries/openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9.md b/docs/queries/openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9.md
index 919fba52b9a..3949045bfba 100644
--- a/docs/queries/openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9.md
+++ b/docs/queries/openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/server_url_not_absolute)
### Description
diff --git a/docs/queries/openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d.md b/docs/queries/openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d.md
index bd2bec3a9d0..7a3388d9f19 100644
--- a/docs/queries/openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d.md
+++ b/docs/queries/openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/additional_properties_too_restrective)
### Description
diff --git a/docs/queries/openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be.md b/docs/queries/openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be.md
index feb2d73c792..fde92a0810d 100644
--- a/docs/queries/openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be.md
+++ b/docs/queries/openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_scheme_using_http_digest)
### Description
diff --git a/docs/queries/openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389.md b/docs/queries/openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389.md
index 00953a5f7bb..65277565ba9 100644
--- a/docs/queries/openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389.md
+++ b/docs/queries/openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/schemes_uses_http copy)
### Description
diff --git a/docs/queries/openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05.md b/docs/queries/openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05.md
index 6b85c8e067b..5e1a30a96ce 100644
--- a/docs/queries/openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05.md
+++ b/docs/queries/openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/property_explode_encoding_object_ignored)
### Description
diff --git a/docs/queries/openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4.md b/docs/queries/openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4.md
index 0027673cd0a..b25bbc44d05 100644
--- a/docs/queries/openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4.md
+++ b/docs/queries/openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/unknown_prefix)
### Description
diff --git a/docs/queries/openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6.md b/docs/queries/openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6.md
index 979451446f9..6aa385b0557 100644
--- a/docs/queries/openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6.md
+++ b/docs/queries/openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** High
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/security_requirement_not_defined_in_security_definition)
### Description
diff --git a/docs/queries/openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573.md b/docs/queries/openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573.md
index e24859d3948..bae972cd43a 100644
--- a/docs/queries/openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573.md
+++ b/docs/queries/openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/path_scheme_accepts_http)
### Description
diff --git a/docs/queries/openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446.md b/docs/queries/openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446.md
index 8ad999f6d34..8afd1b6cb93 100644
--- a/docs/queries/openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446.md
+++ b/docs/queries/openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_header_definition_unused)
### Description
diff --git a/docs/queries/openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90.md b/docs/queries/openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90.md
index 92c01abd464..58020dd150a 100644
--- a/docs/queries/openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90.md
+++ b/docs/queries/openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/items_undefined)
### Description
diff --git a/docs/queries/openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a.md b/docs/queries/openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a.md
index d66b6d47d28..e2ede45d7e1 100644
--- a/docs/queries/openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a.md
+++ b/docs/queries/openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/type_has_invalid_keyword)
### Description
diff --git a/docs/queries/openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100.md b/docs/queries/openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100.md
index 8d324c3a9ea..f4f8a1c099b 100644
--- a/docs/queries/openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100.md
+++ b/docs/queries/openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/response_operations_body_schema_undefined)
### Description
diff --git a/docs/queries/openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e.md b/docs/queries/openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e.md
index b2851599dd0..2784c0a1e71 100644
--- a/docs/queries/openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e.md
+++ b/docs/queries/openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/default_invalid)
### Description
diff --git a/docs/queries/openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419.md b/docs/queries/openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419.md
index 9203d2a86eb..b0440342095 100644
--- a/docs/queries/openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419.md
+++ b/docs/queries/openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_field_undefined)
### Description
diff --git a/docs/queries/openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51.md b/docs/queries/openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51.md
index e3ed4817cb1..4a019c5adb3 100644
--- a/docs/queries/openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51.md
+++ b/docs/queries/openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/property_defining_maximum_not_greater_than_minimum)
### Description
diff --git a/docs/queries/openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3.md b/docs/queries/openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3.md
index 3a90486bb71..19ee66c00c9 100644
--- a/docs/queries/openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3.md
+++ b/docs/queries/openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/path_template_empty)
### Description
diff --git a/docs/queries/openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f.md b/docs/queries/openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f.md
index 8dd52b1b3f0..87b50cecf61 100644
--- a/docs/queries/openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f.md
+++ b/docs/queries/openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/api_key_exposed_in_global_security)
### Description
diff --git a/docs/queries/openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625.md b/docs/queries/openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625.md
index f89fdeeb360..1674db1b052 100644
--- a/docs/queries/openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625.md
+++ b/docs/queries/openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_example_definition_unused)
### Description
diff --git a/docs/queries/openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7.md b/docs/queries/openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7.md
index 40f40395416..cc4a00c1a4e 100644
--- a/docs/queries/openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7.md
+++ b/docs/queries/openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_contact_email)
### Description
diff --git a/docs/queries/openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8.md b/docs/queries/openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8.md
index 83772faac94..b187aa3a6ec 100644
--- a/docs/queries/openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8.md
+++ b/docs/queries/openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_global_external_documentation_url)
### Description
diff --git a/docs/queries/openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7.md b/docs/queries/openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7.md
index 47e63b31edd..68ed1fdf03e 100644
--- a/docs/queries/openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7.md
+++ b/docs/queries/openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/success_response_code_undefined_get_operation)
### Description
diff --git a/docs/queries/openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f.md b/docs/queries/openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f.md
index 27c62aad207..a3e3f65596f 100644
--- a/docs/queries/openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f.md
+++ b/docs/queries/openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/unused_parameter_definition)
### Description
diff --git a/docs/queries/openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab.md b/docs/queries/openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab.md
index 4e716b54e4a..ebccd6f07bc 100644
--- a/docs/queries/openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab.md
+++ b/docs/queries/openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/response_object_incorrect_ref)
### Description
diff --git a/docs/queries/openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6.md b/docs/queries/openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6.md
index 8c18be7389b..71d38f482e4 100644
--- a/docs/queries/openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6.md
+++ b/docs/queries/openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/basepath_with_wrong_format)
### Description
diff --git a/docs/queries/openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4.md b/docs/queries/openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4.md
index 8d474bc6922..d25d103e00d 100644
--- a/docs/queries/openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4.md
+++ b/docs/queries/openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_discriminator_not_required)
### Description
diff --git a/docs/queries/openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87.md b/docs/queries/openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87.md
index 96cfe16e427..3a93f332a5d 100644
--- a/docs/queries/openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87.md
+++ b/docs/queries/openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/multi_body_parameters_same_operation)
### Description
diff --git a/docs/queries/openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328.md b/docs/queries/openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328.md
index c57eddfb826..8dcc04addad 100644
--- a/docs/queries/openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328.md
+++ b/docs/queries/openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/link_object_incorrect_ref)
### Description
diff --git a/docs/queries/openapi-queries/ba066cda-e808-450d-92b6-f29109754d45.md b/docs/queries/openapi-queries/ba066cda-e808-450d-92b6-f29109754d45.md
index 0acf271c8bd..ddfcc9003f8 100644
--- a/docs/queries/openapi-queries/ba066cda-e808-450d-92b6-f29109754d45.md
+++ b/docs/queries/openapi-queries/ba066cda-e808-450d-92b6-f29109754d45.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/callback_object_incorrect_ref)
### Description
diff --git a/docs/queries/openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e.md b/docs/queries/openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e.md
index bcdcfb8cd1c..1c89ead15f2 100644
--- a/docs/queries/openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e.md
+++ b/docs/queries/openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/non_oauth2_security_requirement_defining_oauth2_scopes)
### Description
diff --git a/docs/queries/openapi-queries/baade968-7467-41e4-bf22-83ca222f5800.md b/docs/queries/openapi-queries/baade968-7467-41e4-bf22-83ca222f5800.md
index acfa28d48ca..a2708e5751b 100644
--- a/docs/queries/openapi-queries/baade968-7467-41e4-bf22-83ca222f5800.md
+++ b/docs/queries/openapi-queries/baade968-7467-41e4-bf22-83ca222f5800.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/security_operations_empty_object_definition)
### Description
diff --git a/docs/queries/openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb.md b/docs/queries/openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb.md
index 5f9a1a4b8b3..febeee31a27 100644
--- a/docs/queries/openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb.md
+++ b/docs/queries/openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/example_json_reference_outside_components_examples)
### Description
diff --git a/docs/queries/openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220.md b/docs/queries/openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220.md
index 9b713b5f146..ec7928831ee 100644
--- a/docs/queries/openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220.md
+++ b/docs/queries/openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/response_object_incorrect_ref)
### Description
diff --git a/docs/queries/openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4.md b/docs/queries/openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4.md
index 697c2e2827a..cec25df124f 100644
--- a/docs/queries/openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4.md
+++ b/docs/queries/openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/array_items_has_no_type)
### Description
diff --git a/docs/queries/openapi-queries/be1d8733-3731-40c7-a845-734741c6871d.md b/docs/queries/openapi-queries/be1d8733-3731-40c7-a845-734741c6871d.md
index 0356e9257d6..13ee254f5d4 100644
--- a/docs/queries/openapi-queries/be1d8733-3731-40c7-a845-734741c6871d.md
+++ b/docs/queries/openapi-queries/be1d8733-3731-40c7-a845-734741c6871d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/constraining_enum_property)
### Description
diff --git a/docs/queries/openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec.md b/docs/queries/openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec.md
index 2376fa2c1c3..cc7da5ba677 100644
--- a/docs/queries/openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec.md
+++ b/docs/queries/openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_object_without_produces)
### Description
diff --git a/docs/queries/openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375.md b/docs/queries/openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375.md
index e91f3c7352d..f0ee3bef311 100644
--- a/docs/queries/openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375.md
+++ b/docs/queries/openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_link_definition_unused)
### Description
diff --git a/docs/queries/openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198.md b/docs/queries/openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198.md
index efb79e00faf..7971d09ef63 100644
--- a/docs/queries/openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198.md
+++ b/docs/queries/openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/operation_id_not_unique)
### Description
diff --git a/docs/queries/openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88.md b/docs/queries/openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88.md
index d7a30f912ca..f58c83fca8b 100644
--- a/docs/queries/openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88.md
+++ b/docs/queries/openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/body_parameter_with_wrong_property)
### Description
diff --git a/docs/queries/openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2.md b/docs/queries/openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2.md
index 91d97c16ca3..a9d200b659c 100644
--- a/docs/queries/openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2.md
+++ b/docs/queries/openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/parameter_file_type_not_in_formdata)
### Description
diff --git a/docs/queries/openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669.md b/docs/queries/openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669.md
index 4ed1ca3c923..0d27ac4c99c 100644
--- a/docs/queries/openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669.md
+++ b/docs/queries/openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/link_object_operation_id_does_not_target_an_operation_object)
### Description
diff --git a/docs/queries/openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e.md b/docs/queries/openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e.md
index 3c59809c1b2..71f44f5b5e2 100644
--- a/docs/queries/openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e.md
+++ b/docs/queries/openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/servers_undefined)
### Description
diff --git a/docs/queries/openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7.md b/docs/queries/openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7.md
index 4468dcdc005..b7e7dfdbc6e 100644
--- a/docs/queries/openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7.md
+++ b/docs/queries/openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_request_body)
### Description
diff --git a/docs/queries/openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b.md b/docs/queries/openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b.md
index 84af27ed6a4..ddbeda0811e 100644
--- a/docs/queries/openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b.md
+++ b/docs/queries/openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/encoding_map_key_mismatch_schema_defined_properties)
### Description
diff --git a/docs/queries/openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104.md b/docs/queries/openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104.md
index c55a6c1f046..fed9537dd3e 100644
--- a/docs/queries/openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104.md
+++ b/docs/queries/openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_using_basic_auth)
### Description
diff --git a/docs/queries/openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4.md b/docs/queries/openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4.md
index 59468716b19..81d6295a7c3 100644
--- a/docs/queries/openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4.md
+++ b/docs/queries/openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/invalid_media_type_value)
### Description
diff --git a/docs/queries/openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d.md b/docs/queries/openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d.md
index 7f3a2b4882f..2a0e31db58b 100644
--- a/docs/queries/openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d.md
+++ b/docs/queries/openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_callback_definition_unused)
### Description
diff --git a/docs/queries/openapi-queries/d172a060-8569-4412-8045-3560ebd477e8.md b/docs/queries/openapi-queries/d172a060-8569-4412-8045-3560ebd477e8.md
index 393161b1f70..b4bb8453455 100644
--- a/docs/queries/openapi-queries/d172a060-8569-4412-8045-3560ebd477e8.md
+++ b/docs/queries/openapi-queries/d172a060-8569-4412-8045-3560ebd477e8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/object_without_required_property)
### Description
diff --git a/docs/queries/openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29.md b/docs/queries/openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29.md
index 9bfa82451e9..247c46a30ea 100644
--- a/docs/queries/openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29.md
+++ b/docs/queries/openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/schema_with_both_read_only_and_write_only)
### Description
diff --git a/docs/queries/openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470.md b/docs/queries/openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470.md
index 221f049ddea..c8ac10991e3 100644
--- a/docs/queries/openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470.md
+++ b/docs/queries/openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/property_type_encoding_object_ignored)
### Description
diff --git a/docs/queries/openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51.md b/docs/queries/openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51.md
index a9075b284af..f73bfc85fdf 100644
--- a/docs/queries/openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51.md
+++ b/docs/queries/openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/parameter_object_incorrect_ref)
### Description
diff --git a/docs/queries/openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f.md b/docs/queries/openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f.md
index d5211b8b2d9..b33ab27b07f 100644
--- a/docs/queries/openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f.md
+++ b/docs/queries/openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_summary_too_long)
### Description
diff --git a/docs/queries/openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd.md b/docs/queries/openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd.md
index dd87348c4fb..be6bef75432 100644
--- a/docs/queries/openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd.md
+++ b/docs/queries/openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/header_response_name_is_invalid)
### Description
diff --git a/docs/queries/openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0.md b/docs/queries/openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0.md
index c117d749b01..c261777f8dd 100644
--- a/docs/queries/openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0.md
+++ b/docs/queries/openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/security_empty_array)
### Description
diff --git a/docs/queries/openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27.md b/docs/queries/openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27.md
index fb970baa28a..89462e259a9 100644
--- a/docs/queries/openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27.md
+++ b/docs/queries/openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/responses_wrong_http_status_code)
### Description
diff --git a/docs/queries/openapi-queries/d929c031-078f-4241-b802-e224656ad890.md b/docs/queries/openapi-queries/d929c031-078f-4241-b802-e224656ad890.md
index 2583164f83a..b33cd758386 100644
--- a/docs/queries/openapi-queries/d929c031-078f-4241-b802-e224656ad890.md
+++ b/docs/queries/openapi-queries/d929c031-078f-4241-b802-e224656ad890.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_format)
### Description
diff --git a/docs/queries/openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123.md b/docs/queries/openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123.md
index 8086a7d925b..c0a7b1fe169 100644
--- a/docs/queries/openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123.md
+++ b/docs/queries/openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_discriminator_property_not_string)
### Description
diff --git a/docs/queries/openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7.md b/docs/queries/openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7.md
index 5d9063d6384..908ee5b7d49 100644
--- a/docs/queries/openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7.md
+++ b/docs/queries/openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/json_object_schema_without_type)
### Description
diff --git a/docs/queries/openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe.md b/docs/queries/openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe.md
index 1e1d27d1563..3122a805a5d 100644
--- a/docs/queries/openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe.md
+++ b/docs/queries/openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/security_definitions_undefined_or_empty)
### Description
diff --git a/docs/queries/openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b.md b/docs/queries/openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b.md
index 518deb82f01..8481821c7d7 100644
--- a/docs/queries/openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b.md
+++ b/docs/queries/openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/implicit_flow_oauth2)
### Description
diff --git a/docs/queries/openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d.md b/docs/queries/openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d.md
index 2047bda867a..5074648a5ba 100644
--- a/docs/queries/openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d.md
+++ b/docs/queries/openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/json_reference_does_not_exists_response)
### Description
diff --git a/docs/queries/openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c.md b/docs/queries/openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c.md
index 1962184675b..0f798805c90 100644
--- a/docs/queries/openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c.md
+++ b/docs/queries/openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_object_parameters_with_body_and_formatdata)
### Description
diff --git a/docs/queries/openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a.md b/docs/queries/openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a.md
index 6a907ea69b0..6669ed9133e 100644
--- a/docs/queries/openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a.md
+++ b/docs/queries/openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/body_parameter_without_schema)
### Description
diff --git a/docs/queries/openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095.md b/docs/queries/openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095.md
index cd6f36df299..00c3ad78d1e 100644
--- a/docs/queries/openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095.md
+++ b/docs/queries/openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/header_parameter_named_as_accept)
### Description
diff --git a/docs/queries/openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079.md b/docs/queries/openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079.md
index 7130b9d88a0..570e55831d6 100644
--- a/docs/queries/openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079.md
+++ b/docs/queries/openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_callback)
### Description
diff --git a/docs/queries/openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2.md b/docs/queries/openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2.md
index 43f214c06d5..d7501e1e983 100644
--- a/docs/queries/openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2.md
+++ b/docs/queries/openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/global_schemes_uses_http)
### Description
diff --git a/docs/queries/openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad.md b/docs/queries/openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad.md
index 3826247bbe1..19b4b3d40ad 100644
--- a/docs/queries/openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad.md
+++ b/docs/queries/openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/success_response_code_undefined_post_operation)
### Description
diff --git a/docs/queries/openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e.md b/docs/queries/openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e.md
index 2375e2e0484..73d7bd63def 100644
--- a/docs/queries/openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e.md
+++ b/docs/queries/openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_using_implicit_flow)
### Description
diff --git a/docs/queries/openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449.md b/docs/queries/openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449.md
index cd46fe4144f..fe301883eb9 100644
--- a/docs/queries/openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449.md
+++ b/docs/queries/openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_scheme_using_http_negotiate)
### Description
diff --git a/docs/queries/openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a.md b/docs/queries/openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a.md
index dbea3eee7b1..63d9aefc7d9 100644
--- a/docs/queries/openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a.md
+++ b/docs/queries/openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/parameters_name_in_not_unique)
### Description
diff --git a/docs/queries/openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0.md b/docs/queries/openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0.md
index a673af8dee1..44876274f94 100644
--- a/docs/queries/openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0.md
+++ b/docs/queries/openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/media_type_object_without_schema)
### Description
diff --git a/docs/queries/openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e.md b/docs/queries/openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e.md
index e94ad99d591..4dd1b2bcbda 100644
--- a/docs/queries/openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e.md
+++ b/docs/queries/openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/invalid_media_type_value)
### Description
diff --git a/docs/queries/openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f.md b/docs/queries/openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f.md
index 539ae0c3f1e..3334c8e8c78 100644
--- a/docs/queries/openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f.md
+++ b/docs/queries/openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/unknown_property)
### Description
diff --git a/docs/queries/openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1.md b/docs/queries/openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1.md
index 15d18d520ab..0e24a823154 100644
--- a/docs/queries/openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1.md
+++ b/docs/queries/openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Info
- **Category:** Structure and Semantics
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/json_reference_does_not_exists_parameter)
### Description
diff --git a/docs/queries/openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373.md b/docs/queries/openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373.md
index 016945d731c..9bd74aa686b 100644
--- a/docs/queries/openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373.md
+++ b/docs/queries/openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** OpenAPI
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/numeric_schema_without_format)
### Description
diff --git a/docs/queries/pulumi-queries.md b/docs/queries/pulumi-queries.md
index 011004deff8..0d96bd90041 100644
--- a/docs/queries/pulumi-queries.md
+++ b/docs/queries/pulumi-queries.md
@@ -8,21 +8,21 @@ Below are listed queries related to Pulumi AWS:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Amazon DMS Replication Instance Is Publicly Accessible
bccb296f-362c-4b05-9221-86d1437a1016|Critical|Access Control|Query details
Documentation
|
-|DynamoDB Table Not Encrypted
b6a7e0ae-aed8-4a19-a993-a95760bf8836|High|Encryption|Query details
Documentation
|
-|ElastiCache Nodes Not Created Across Multi AZ
9b18fc19-7fb8-49b1-8452-9c757c70f926|Medium|Availability|Query details
Documentation
|
-|ElastiCache Redis Cluster Without Backup
e93bbe63-a631-4c0f-b6ef-700d48441ff2|Medium|Backup|Query details
Documentation
|
-|API Gateway Without SSL Certificate
f27791a5-e2ae-4905-8910-6f995c576d09|Medium|Insecure Configurations|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
647de8aa-5a42-41b5-9faf-22136f117380|Medium|Insecure Configurations|Query details
Documentation
|
-|Elasticsearch with HTTPS disabled
00603add-7f72-448f-a6c0-9e456a7a3f94|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway Access Logging Disabled
bf4b48b9-fc1f-4552-984a-4becdb5bf503|Medium|Observability|Query details
Documentation
|
-|DocDB Logging Is Disabled
2ca87964-fe7e-4cdc-899c-427f0f3525f8|Medium|Observability|Query details
Documentation
|
-|EC2 Instance Monitoring Disabled
daa581ef-731c-4121-832d-cf078f67759d|Medium|Observability|Query details
Documentation
|
-|Elasticsearch Logs Disabled
a1120ee4-a712-42d9-8fb5-22595fed643b|Medium|Observability|Query details
Documentation
|
-|IAM Password Without Minimum Length
9850d621-7485-44f7-8bdd-b3cf426315cf|Low|Best Practices|Query details
Documentation
|
-|ECS Cluster with Container Insights Disabled
abcefee4-a0c1-4245-9f82-a473f79a9e2f|Low|Observability|Query details
Documentation
|
-|DynamoDB Table Point In Time Recovery Disabled
327b0729-4c5c-4c44-8b5c-e476cd9c7290|Info|Best Practices|Query details
Documentation
|
-|EC2 Not EBS Optimized
d991e4ae-42ab-429b-ab43-d5e5fa9ca633|Info|Best Practices|Query details
Documentation
|
+|Amazon DMS Replication Instance Is Publicly Accessible
bccb296f-362c-4b05-9221-86d1437a1016|Critical|Access Control|Query details
Documentation
|
+|DynamoDB Table Not Encrypted
b6a7e0ae-aed8-4a19-a993-a95760bf8836|High|Encryption|Query details
Documentation
|
+|ElastiCache Nodes Not Created Across Multi AZ
9b18fc19-7fb8-49b1-8452-9c757c70f926|Medium|Availability|Query details
Documentation
|
+|ElastiCache Redis Cluster Without Backup
e93bbe63-a631-4c0f-b6ef-700d48441ff2|Medium|Backup|Query details
Documentation
|
+|API Gateway Without SSL Certificate
f27791a5-e2ae-4905-8910-6f995c576d09|Medium|Insecure Configurations|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
647de8aa-5a42-41b5-9faf-22136f117380|Medium|Insecure Configurations|Query details
Documentation
|
+|Elasticsearch with HTTPS disabled
00603add-7f72-448f-a6c0-9e456a7a3f94|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway Access Logging Disabled
bf4b48b9-fc1f-4552-984a-4becdb5bf503|Medium|Observability|Query details
Documentation
|
+|DocDB Logging Is Disabled
2ca87964-fe7e-4cdc-899c-427f0f3525f8|Medium|Observability|Query details
Documentation
|
+|EC2 Instance Monitoring Disabled
daa581ef-731c-4121-832d-cf078f67759d|Medium|Observability|Query details
Documentation
|
+|Elasticsearch Logs Disabled
a1120ee4-a712-42d9-8fb5-22595fed643b|Medium|Observability|Query details
Documentation
|
+|IAM Password Without Minimum Length
9850d621-7485-44f7-8bdd-b3cf426315cf|Low|Best Practices|Query details
Documentation
|
+|ECS Cluster with Container Insights Disabled
abcefee4-a0c1-4245-9f82-a473f79a9e2f|Low|Observability|Query details
Documentation
|
+|DynamoDB Table Point In Time Recovery Disabled
327b0729-4c5c-4c44-8b5c-e476cd9c7290|Info|Best Practices|Query details
Documentation
|
+|EC2 Not EBS Optimized
d991e4ae-42ab-429b-ab43-d5e5fa9ca633|Info|Best Practices|Query details
Documentation
|
### AZURE
Below are listed queries related to Pulumi AZURE:
@@ -31,8 +31,8 @@ Below are listed queries related to Pulumi AZURE:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Storage Account Not Forcing HTTPS
cb8e4bf0-903d-45c6-a278-9a947d82a27b|Medium|Encryption|Query details
Documentation
|
-|Redis Cache Allows Non SSL Connections
49e30ac8-f58e-4222-b488-3dcb90158ec1|Medium|Insecure Configurations|Query details
Documentation
|
+|Storage Account Not Forcing HTTPS
cb8e4bf0-903d-45c6-a278-9a947d82a27b|Medium|Encryption|Query details
Documentation
|
+|Redis Cache Allows Non SSL Connections
49e30ac8-f58e-4222-b488-3dcb90158ec1|Medium|Insecure Configurations|Query details
Documentation
|
### GCP
Below are listed queries related to Pulumi GCP:
@@ -41,8 +41,8 @@ Below are listed queries related to Pulumi GCP:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Google Compute SSL Policy Weak Cipher In Use
965e8830-2bec-4b9b-a7f0-24dbc200a68f|Medium|Encryption|Query details
Documentation
|
-|Cloud Storage Bucket Logging Not Enabled
48f7e44d-d1d1-44c2-b336-9f11b65c4fb0|Medium|Observability|Query details
Documentation
|
+|Google Compute SSL Policy Weak Cipher In Use
965e8830-2bec-4b9b-a7f0-24dbc200a68f|Medium|Encryption|Query details
Documentation
|
+|Cloud Storage Bucket Logging Not Enabled
48f7e44d-d1d1-44c2-b336-9f11b65c4fb0|Medium|Observability|Query details
Documentation
|
### KUBERNETES
Below are listed queries related to Pulumi KUBERNETES:
@@ -51,5 +51,5 @@ Below are listed queries related to Pulumi KUBERNETES:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|PSP Set To Privileged
ee305555-6b1d-4055-94cf-e22131143c34|High|Insecure Configurations|Query details
Documentation
|
-|Missing App Armor Config
95588189-1abd-4df1-9588-b0a5034f9e87|Medium|Access Control|Query details
Documentation
|
+|PSP Set To Privileged
ee305555-6b1d-4055-94cf-e22131143c34|High|Insecure Configurations|Query details
Documentation
|
+|Missing App Armor Config
95588189-1abd-4df1-9588-b0a5034f9e87|Medium|Access Control|Query details
Documentation
|
diff --git a/docs/queries/pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87.md b/docs/queries/pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87.md
index e9b4ad4a5b9..9d21f9a52f4 100644
--- a/docs/queries/pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87.md
+++ b/docs/queries/pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/kubernetes/missing_app_armor_config)
### Description
diff --git a/docs/queries/pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94.md b/docs/queries/pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94.md
index c69ac43220a..1e415124ed6 100644
--- a/docs/queries/pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94.md
+++ b/docs/queries/pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/elasticsearch_with_https_disabled)
### Description
diff --git a/docs/queries/pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8.md b/docs/queries/pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8.md
index c71ad9c9e49..9fee36a5147 100644
--- a/docs/queries/pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8.md
+++ b/docs/queries/pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/docdb_logging_disabled)
### Description
diff --git a/docs/queries/pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290.md b/docs/queries/pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290.md
index a04a617a2c8..82dcf876d33 100644
--- a/docs/queries/pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290.md
+++ b/docs/queries/pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/dynamodb_table_point_in_time_recovery_disabled)
### Description
diff --git a/docs/queries/pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380.md b/docs/queries/pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380.md
index f55a6bac0d9..6d0d209abc1 100644
--- a/docs/queries/pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380.md
+++ b/docs/queries/pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/rds_db_instance_publicly_accessible)
### Description
diff --git a/docs/queries/pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf.md b/docs/queries/pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf.md
index 61215b99909..9021a0723a5 100644
--- a/docs/queries/pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf.md
+++ b/docs/queries/pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/iam_password_without_minimum_length)
### Description
diff --git a/docs/queries/pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926.md b/docs/queries/pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926.md
index c1af1f02e7f..fd7d5b805d8 100644
--- a/docs/queries/pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926.md
+++ b/docs/queries/pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/elasticache_nodes_not_created_across_multi_az)
### Description
diff --git a/docs/queries/pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b.md b/docs/queries/pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b.md
index 820d302f667..15cea8e7d6e 100644
--- a/docs/queries/pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b.md
+++ b/docs/queries/pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/elasticsearch_logs_disabled)
### Description
diff --git a/docs/queries/pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f.md b/docs/queries/pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f.md
index ea456a93323..4808dc8277e 100644
--- a/docs/queries/pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f.md
+++ b/docs/queries/pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/ecs_cluster_container_insights_disabled)
### Description
diff --git a/docs/queries/pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836.md b/docs/queries/pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836.md
index f0a345f61bc..3a23e0b6339 100644
--- a/docs/queries/pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836.md
+++ b/docs/queries/pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/dynamodb_table_not_encrypted)
### Description
diff --git a/docs/queries/pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016.md b/docs/queries/pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016.md
index ebe9389e2bf..3a01bdef1dc 100644
--- a/docs/queries/pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016.md
+++ b/docs/queries/pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/amazon_dms_replication_instance_is_publicly_accessible)
### Description
diff --git a/docs/queries/pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503.md b/docs/queries/pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503.md
index 212c8817825..b808fcb49e2 100644
--- a/docs/queries/pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503.md
+++ b/docs/queries/pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/api_gateway_access_logging_disabled)
### Description
diff --git a/docs/queries/pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633.md b/docs/queries/pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633.md
index cdbc3eed35f..56cc3c74df2 100644
--- a/docs/queries/pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633.md
+++ b/docs/queries/pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/ec2_not_ebs_optimized)
### Description
diff --git a/docs/queries/pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d.md b/docs/queries/pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d.md
index 91666881041..740a61e60ab 100644
--- a/docs/queries/pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d.md
+++ b/docs/queries/pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/ec2_instance_monitoring_disabled)
### Description
diff --git a/docs/queries/pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2.md b/docs/queries/pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2.md
index dfaa8aa553e..766e7b71fde 100644
--- a/docs/queries/pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2.md
+++ b/docs/queries/pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/elasticache_redis_cluster_without_backup)
### Description
diff --git a/docs/queries/pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09.md b/docs/queries/pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09.md
index 40923fc9c01..cbf4284b9ad 100644
--- a/docs/queries/pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09.md
+++ b/docs/queries/pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/api_gateway_without_ssl_certificate)
### Description
diff --git a/docs/queries/pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1.md b/docs/queries/pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1.md
index f9d7b2f4b32..374aaedb7b3 100644
--- a/docs/queries/pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1.md
+++ b/docs/queries/pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/azure/redis_cache_allows_non_ssl_connections)
### Description
diff --git a/docs/queries/pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b.md b/docs/queries/pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b.md
index 4df5f59fd0b..140143206c1 100644
--- a/docs/queries/pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b.md
+++ b/docs/queries/pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/azure/storage_account_not_forcing_https)
### Description
diff --git a/docs/queries/pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34.md b/docs/queries/pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34.md
index fa70da6825f..d1ca7ea9a0b 100644
--- a/docs/queries/pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34.md
+++ b/docs/queries/pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/kubernetes/psp_set_to_privileged)
### Description
diff --git a/docs/queries/pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0.md b/docs/queries/pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0.md
index 2d8ab159cfa..227978e0b65 100644
--- a/docs/queries/pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0.md
+++ b/docs/queries/pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/gcp/cloud_storage_bucket_logging_not_enabled)
### Description
diff --git a/docs/queries/pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f.md b/docs/queries/pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f.md
index fe3fa16ffc5..d08766aec53 100644
--- a/docs/queries/pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f.md
+++ b/docs/queries/pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Pulumi
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/gcp/google_compute_ssl_policy_weak_cipher_in_use)
### Description
diff --git a/docs/queries/serverlessfw-queries.md b/docs/queries/serverlessfw-queries.md
index 70d7cea18aa..074cf61794c 100644
--- a/docs/queries/serverlessfw-queries.md
+++ b/docs/queries/serverlessfw-queries.md
@@ -3,13 +3,13 @@ This page contains all queries from ServerlessFW.
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Serverless Role With Full Privileges
59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd|High|Access Control|Query details
Documentation
|
-|Serverless Function Without Unique IAM Role
165aae3b-a56a-48f3-b76d-d2b5083f5b8f|High|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Environment Variables Not Encrypted
4495bc5d-4d1e-4a26-ae92-152d18195648|Medium|Encryption|Query details
Documentation
|
-|Serverless API Endpoint Config Not Private
4d424558-c6d1-453c-be98-9a7f877abd9a|Medium|Networking and Firewall|Query details
Documentation
|
-|Serverless API Access Logging Setting Undefined
a4d32883-aac7-42e1-b403-9415af0f3846|Medium|Observability|Query details
Documentation
|
-|Serverless API X-Ray Tracing Disabled
434945e5-4dfd-41b1-aba1-47075ccd9265|Medium|Observability|Query details
Documentation
|
-|Serverless API Without Content Encoding
d5d1fe08-89db-440c-8725-b93223387309|Low|Encryption|Query details
Documentation
|
-|Serverless Function Without Dead Letter Queue
dec7bc85-d156-4f64-9a33-96ed3d9f3fed|Low|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Without Tags
f99d3482-fa8c-4f79-bad9-35212dded164|Low|Insecure Configurations|Query details
Documentation
|
-|Serverless Function Without X-Ray Tracing
0d7ef70f-e176-44e6-bdba-add3e429788d|Low|Observability|Query details
Documentation
|
+|Serverless Role With Full Privileges
59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd|High|Access Control|Query details
Documentation
|
+|Serverless Function Without Unique IAM Role
165aae3b-a56a-48f3-b76d-d2b5083f5b8f|High|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Environment Variables Not Encrypted
4495bc5d-4d1e-4a26-ae92-152d18195648|Medium|Encryption|Query details
Documentation
|
+|Serverless API Endpoint Config Not Private
4d424558-c6d1-453c-be98-9a7f877abd9a|Medium|Networking and Firewall|Query details
Documentation
|
+|Serverless API Access Logging Setting Undefined
a4d32883-aac7-42e1-b403-9415af0f3846|Medium|Observability|Query details
Documentation
|
+|Serverless API X-Ray Tracing Disabled
434945e5-4dfd-41b1-aba1-47075ccd9265|Medium|Observability|Query details
Documentation
|
+|Serverless API Without Content Encoding
d5d1fe08-89db-440c-8725-b93223387309|Low|Encryption|Query details
Documentation
|
+|Serverless Function Without Dead Letter Queue
dec7bc85-d156-4f64-9a33-96ed3d9f3fed|Low|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Without Tags
f99d3482-fa8c-4f79-bad9-35212dded164|Low|Insecure Configurations|Query details
Documentation
|
+|Serverless Function Without X-Ray Tracing
0d7ef70f-e176-44e6-bdba-add3e429788d|Low|Observability|Query details
Documentation
|
diff --git a/docs/queries/serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d.md b/docs/queries/serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d.md
index b4dcb882833..0a1533ce977 100644
--- a/docs/queries/serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d.md
+++ b/docs/queries/serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** ServerlessFW
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_function_without_x-ray_tracing)
### Description
diff --git a/docs/queries/serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f.md b/docs/queries/serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f.md
index 9ea22985393..e489cea4aea 100644
--- a/docs/queries/serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f.md
+++ b/docs/queries/serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** ServerlessFW
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_function_without_unique_iam_role)
### Description
diff --git a/docs/queries/serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265.md b/docs/queries/serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265.md
index 0606b74d953..2c3ca69b528 100644
--- a/docs/queries/serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265.md
+++ b/docs/queries/serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** ServerlessFW
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_api_xray_tracing_disabled)
### Description
diff --git a/docs/queries/serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648.md b/docs/queries/serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648.md
index fed4162ec21..e8e60b67740 100644
--- a/docs/queries/serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648.md
+++ b/docs/queries/serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** ServerlessFW
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_function_environment_variables_not_encrypted)
### Description
diff --git a/docs/queries/serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a.md b/docs/queries/serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a.md
index 93d809b933b..dd0ae59f828 100644
--- a/docs/queries/serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a.md
+++ b/docs/queries/serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** ServerlessFW
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_api_endpoint_config_not_private)
### Description
diff --git a/docs/queries/serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd.md b/docs/queries/serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd.md
index 9ca2821c4fd..106c9f8747e 100644
--- a/docs/queries/serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd.md
+++ b/docs/queries/serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** ServerlessFW
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_role_with_full_privileges)
### Description
diff --git a/docs/queries/serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846.md b/docs/queries/serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846.md
index 23c9318d8ee..440ef7f8e8c 100644
--- a/docs/queries/serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846.md
+++ b/docs/queries/serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** ServerlessFW
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_api_access_logging_setting_undefined)
### Description
diff --git a/docs/queries/serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309.md b/docs/queries/serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309.md
index 9f5a6d52827..dd696ca15e1 100644
--- a/docs/queries/serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309.md
+++ b/docs/queries/serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** ServerlessFW
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_api_without_content_encoding)
### Description
diff --git a/docs/queries/serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed.md b/docs/queries/serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed.md
index 4ad72967068..2c516b63e9e 100644
--- a/docs/queries/serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed.md
+++ b/docs/queries/serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** ServerlessFW
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_function_without_dead_letter_queue)
### Description
diff --git a/docs/queries/serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164.md b/docs/queries/serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164.md
index d66990d5dd1..5cc210b44a9 100644
--- a/docs/queries/serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164.md
+++ b/docs/queries/serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** ServerlessFW
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_function_without_tags)
### Description
diff --git a/docs/queries/terraform-queries.md b/docs/queries/terraform-queries.md
index dfa661fb6a6..8ecf2142ac3 100644
--- a/docs/queries/terraform-queries.md
+++ b/docs/queries/terraform-queries.md
@@ -8,62 +8,62 @@ Below are listed queries related to Terraform ALICLOUD:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|OSS Bucket Allows All Actions From All Principals
ec62a32c-a297-41ca-a850-cab40b42094a|Critical|Access Control|Query details
Documentation
|
-|OSS Bucket Allows Delete Action From All Principals
8c0695d8-2378-4cd6-8243-7fd5894fa574|Critical|Access Control|Query details
Documentation
|
-|OSS Bucket Allows Put Action From All Principals
fe286195-e75c-4359-bd58-00847c4f855a|Critical|Access Control|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
faaefc15-51a5-419e-bb5e-51a4b5ab3485|Critical|Insecure Configurations|Query details
Documentation
|
-|OSS Bucket Allows List Action From All Principals
88541597-6f88-42c8-bac6-7e0b855e8ff6|High|Access Control|Query details
Documentation
|
-|OSS Bucket Public Access Enabled
62232513-b16f-4010-83d7-51d0e1d45426|High|Access Control|Query details
Documentation
|
-|Ecs Data Disk Kms Key Id Undefined
f262118c-1ac6-4bb3-8495-cc48f1775b85|High|Encryption|Query details
Documentation
|
-|Launch Template Is Not Encrypted
1455cb21-1d48-46d6-8ae3-cef911b71fd5|High|Encryption|Query details
Documentation
|
-|NAS File System Not Encrypted
67bfdff1-31ce-4525-b564-e94368735360|High|Encryption|Query details
Documentation
|
-|NAS File System Without KMS
5f670f9d-b1b4-4c90-8618-2288f1ab9676|High|Encryption|Query details
Documentation
|
-|RDS Instance TDE Status Disabled
44d434ca-a9bf-4203-8828-4c81a8d5a598|High|Encryption|Query details
Documentation
|
-|OSS Bucket Has Static Website
2b13c6ff-b87a-484d-86fd-21ef6e97d426|High|Insecure Configurations|Query details
Documentation
|
-|OSS Bucket Ip Restriction Disabled
6107c530-7178-464a-88bc-df9cdd364ac8|High|Networking and Firewall|Query details
Documentation
|
-|Public Security Group Rule All Ports or Protocols
60587dbd-6b67-432e-90f7-a8cf1892d968|High|Networking and Firewall|Query details
Documentation
|
-|Public Security Group Rule Sensitive Port
2ae9d554-23fb-4065-bfd1-fe43d5f7c419|High|Networking and Firewall|Query details
Documentation
|
-|Public Security Group Rule Unknown Port
dd706080-b7a8-47dc-81fb-3e8184430ec0|High|Networking and Firewall|Query details
Documentation
|
-|ActionTrail Trail OSS Bucket is Publicly Accessible
69b5d7da-a5db-4db9-a42e-90b65d0efb0b|High|Observability|Query details
Documentation
|
-|Ram Policy Admin Access Not Attached to Users Groups Roles
e8e62026-da63-4904-b402-65adfe3ca975|Medium|Access Control|Query details
Documentation
|
-|Ram Policy Attached to User
66505003-7aba-45a1-8d83-5162d5706ef5|Medium|Access Control|Query details
Documentation
|
-|CMK Is Unusable
ed6e3ba0-278f-47b6-a1f5-173576b40b7e|Medium|Availability|Query details
Documentation
|
-|OSS Bucket Versioning Disabled
70919c0b-2548-4e6b-8d7a-3d84ab6dabba|Medium|Backup|Query details
Documentation
|
-|ROS Stack Retention Disabled
4bb06fa1-2114-4a00-b7b5-6aeab8b896f0|Medium|Backup|Query details
Documentation
|
-|ROS Stack Without Template
92d65c51-5d82-4507-a2a1-d252e9706855|Medium|Build Process|Query details
Documentation
|
-|Disk Encryption Disabled
39750e32-3fe9-453b-8c33-dd277acdb2cc|Medium|Encryption|Query details
Documentation
|
-|OSS Bucket Encryption Using CMK Disabled
f20e97f9-4919-43f1-9be9-f203cd339cdd|Medium|Encryption|Query details
Documentation
|
-|SLB Policy With Insecure TLS Version In Use
dbfc834a-56e5-4750-b5da-73fda8e73f70|Medium|Encryption|Query details
Documentation
|
-|CS Kubernetes Node Pool Auto Repair Disabled
81ce9394-013d-4731-8fcc-9d229b474073|Medium|Insecure Configurations|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
1b4565c0-4877-49ac-ab03-adebbccd42ae|Medium|Insecure Configurations|Query details
Documentation
|
-|ALB Listening on HTTP
ee3b1557-9fb5-4685-a95d-93f1edf2a0d7|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway API Protocol Not HTTPS
1bcdf9f0-b1aa-40a4-b8c6-cd7785836843|Medium|Networking and Firewall|Query details
Documentation
|
-|OSS Buckets Secure Transport Disabled
c01d10de-c468-4790-b3a0-fc887a56f289|Medium|Networking and Firewall|Query details
Documentation
|
-|RDS Instance SSL Action Disabled
7a1ee8a9-71be-4b11-bb70-efb62d16863b|Medium|Networking and Firewall|Query details
Documentation
|
-|Action Trail Logging For All Regions Disabled
c065b98e-1515-4991-9dca-b602bd6a2fbb|Medium|Observability|Query details
Documentation
|
-|OSS Bucket Logging Disabled
05db341e-de7d-4972-a106-3e2bd5ee53e1|Medium|Observability|Query details
Documentation
|
-|RDS Instance Events Not Logged
b9c524a4-fe76-4021-a6a2-cb978fb4fde1|Medium|Observability|Query details
Documentation
|
-|RDS Instance Log Connections Disabled
140869ea-25f2-40d4-a595-0c0da135114e|Medium|Observability|Query details
Documentation
|
-|RDS Instance Log Disconnections Disabled
d53f4123-f8d8-4224-8cb3-f920b151cc98|Medium|Observability|Query details
Documentation
|
-|RDS Instance Log Duration Disabled
a597e05a-c065-44e7-9cc8-742f572a504a|Medium|Observability|Query details
Documentation
|
-|VPC Flow Logs Disabled
d2731f3d-a992-44ed-812e-f4f1c2747d71|Medium|Observability|Query details
Documentation
|
-|No ROS Stack Policy
72ceb736-0aee-43ea-a191-3a69ab135681|Medium|Resource Management|Query details
Documentation
|
-|High KMS Key Rotation Period
cb319d87-b90f-485e-a7e7-f2408380f309|Medium|Secret Management|Query details
Documentation
|
-|Ram Account Password Policy Max Login Attempts Unrecommended
e76fd7ab-7333-40c6-a2d8-ea28af4a319e|Medium|Secret Management|Query details
Documentation
|
-|Ram Account Password Policy Max Password Age Unrecommended
2bb13841-7575-439e-8e0a-cccd9ede2fa8|Medium|Secret Management|Query details
Documentation
|
-|RAM Account Password Policy without Reuse Prevention
a8128dd2-89b0-464b-98e9-5d629041dfe0|Medium|Secret Management|Query details
Documentation
|
-|RAM Security Preference Not Enforce MFA Login
dcda2d32-e482-43ee-a926-75eaabeaa4e0|Low|Access Control|Query details
Documentation
|
-|OSS Bucket Transfer Acceleration Disabled
8f98334a-99aa-4d85-b72a-1399ca010413|Low|Availability|Query details
Documentation
|
-|OSS Bucket Lifecycle Rule Disabled
7db8bd7e-9772-478c-9ec5-4bc202c5686f|Low|Backup|Query details
Documentation
|
-|Kubernetes Cluster Without Terway as CNI Network Plugin
b9b7ada8-3868-4a35-854e-6100a2bb863d|Low|Networking and Firewall|Query details
Documentation
|
-|Log Retention Is Not Greater Than 90 Days
ed6cf6ff-9a1f-491c-9f88-e03c0807f390|Low|Observability|Query details
Documentation
|
-|RDS Instance Retention Period Not Recommended
dc158941-28ce-481d-a7fa-dc80761edf46|Low|Observability|Query details
Documentation
|
-|ROS Stack Notifications Disabled
9ef08939-ea40-489c-8851-667870b2ef50|Low|Observability|Query details
Documentation
|
-|Ram Account Password Policy Not Require At Least one Lowercase Character
89143358-cec6-49f5-9392-920c591c669c|Low|Secret Management|Query details
Documentation
|
-|RAM Account Password Policy Not Require at Least one Uppercase Character
5e0fb613-ba9b-44c3-88f0-b44188466bfd|Low|Secret Management|Query details
Documentation
|
-|Ram Account Password Policy Not Required Minimum Length
a9dfec39-a740-4105-bbd6-721ba163c053|Low|Secret Management|Query details
Documentation
|
-|Ram Account Password Policy Not Required Numbers
063234c0-91c0-4ab5-bbd0-47ddb5f23786|Low|Secret Management|Query details
Documentation
|
-|RAM Account Password Policy Not Required Symbols
41a38329-d81b-4be4-aef4-55b2615d3282|Low|Secret Management|Query details
Documentation
|
+|OSS Bucket Allows All Actions From All Principals
ec62a32c-a297-41ca-a850-cab40b42094a|Critical|Access Control|Query details
Documentation
|
+|OSS Bucket Allows Delete Action From All Principals
8c0695d8-2378-4cd6-8243-7fd5894fa574|Critical|Access Control|Query details
Documentation
|
+|OSS Bucket Allows Put Action From All Principals
fe286195-e75c-4359-bd58-00847c4f855a|Critical|Access Control|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
faaefc15-51a5-419e-bb5e-51a4b5ab3485|Critical|Insecure Configurations|Query details
Documentation
|
+|OSS Bucket Allows List Action From All Principals
88541597-6f88-42c8-bac6-7e0b855e8ff6|High|Access Control|Query details
Documentation
|
+|OSS Bucket Public Access Enabled
62232513-b16f-4010-83d7-51d0e1d45426|High|Access Control|Query details
Documentation
|
+|Ecs Data Disk Kms Key Id Undefined
f262118c-1ac6-4bb3-8495-cc48f1775b85|High|Encryption|Query details
Documentation
|
+|Launch Template Is Not Encrypted
1455cb21-1d48-46d6-8ae3-cef911b71fd5|High|Encryption|Query details
Documentation
|
+|NAS File System Not Encrypted
67bfdff1-31ce-4525-b564-e94368735360|High|Encryption|Query details
Documentation
|
+|NAS File System Without KMS
5f670f9d-b1b4-4c90-8618-2288f1ab9676|High|Encryption|Query details
Documentation
|
+|RDS Instance TDE Status Disabled
44d434ca-a9bf-4203-8828-4c81a8d5a598|High|Encryption|Query details
Documentation
|
+|OSS Bucket Has Static Website
2b13c6ff-b87a-484d-86fd-21ef6e97d426|High|Insecure Configurations|Query details
Documentation
|
+|OSS Bucket Ip Restriction Disabled
6107c530-7178-464a-88bc-df9cdd364ac8|High|Networking and Firewall|Query details
Documentation
|
+|Public Security Group Rule All Ports or Protocols
60587dbd-6b67-432e-90f7-a8cf1892d968|High|Networking and Firewall|Query details
Documentation
|
+|Public Security Group Rule Sensitive Port
2ae9d554-23fb-4065-bfd1-fe43d5f7c419|High|Networking and Firewall|Query details
Documentation
|
+|Public Security Group Rule Unknown Port
dd706080-b7a8-47dc-81fb-3e8184430ec0|High|Networking and Firewall|Query details
Documentation
|
+|ActionTrail Trail OSS Bucket is Publicly Accessible
69b5d7da-a5db-4db9-a42e-90b65d0efb0b|High|Observability|Query details
Documentation
|
+|Ram Policy Admin Access Not Attached to Users Groups Roles
e8e62026-da63-4904-b402-65adfe3ca975|Medium|Access Control|Query details
Documentation
|
+|Ram Policy Attached to User
66505003-7aba-45a1-8d83-5162d5706ef5|Medium|Access Control|Query details
Documentation
|
+|CMK Is Unusable
ed6e3ba0-278f-47b6-a1f5-173576b40b7e|Medium|Availability|Query details
Documentation
|
+|OSS Bucket Versioning Disabled
70919c0b-2548-4e6b-8d7a-3d84ab6dabba|Medium|Backup|Query details
Documentation
|
+|ROS Stack Retention Disabled
4bb06fa1-2114-4a00-b7b5-6aeab8b896f0|Medium|Backup|Query details
Documentation
|
+|ROS Stack Without Template
92d65c51-5d82-4507-a2a1-d252e9706855|Medium|Build Process|Query details
Documentation
|
+|Disk Encryption Disabled
39750e32-3fe9-453b-8c33-dd277acdb2cc|Medium|Encryption|Query details
Documentation
|
+|OSS Bucket Encryption Using CMK Disabled
f20e97f9-4919-43f1-9be9-f203cd339cdd|Medium|Encryption|Query details
Documentation
|
+|SLB Policy With Insecure TLS Version In Use
dbfc834a-56e5-4750-b5da-73fda8e73f70|Medium|Encryption|Query details
Documentation
|
+|CS Kubernetes Node Pool Auto Repair Disabled
81ce9394-013d-4731-8fcc-9d229b474073|Medium|Insecure Configurations|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
1b4565c0-4877-49ac-ab03-adebbccd42ae|Medium|Insecure Configurations|Query details
Documentation
|
+|ALB Listening on HTTP
ee3b1557-9fb5-4685-a95d-93f1edf2a0d7|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway API Protocol Not HTTPS
1bcdf9f0-b1aa-40a4-b8c6-cd7785836843|Medium|Networking and Firewall|Query details
Documentation
|
+|OSS Buckets Secure Transport Disabled
c01d10de-c468-4790-b3a0-fc887a56f289|Medium|Networking and Firewall|Query details
Documentation
|
+|RDS Instance SSL Action Disabled
7a1ee8a9-71be-4b11-bb70-efb62d16863b|Medium|Networking and Firewall|Query details
Documentation
|
+|Action Trail Logging For All Regions Disabled
c065b98e-1515-4991-9dca-b602bd6a2fbb|Medium|Observability|Query details
Documentation
|
+|OSS Bucket Logging Disabled
05db341e-de7d-4972-a106-3e2bd5ee53e1|Medium|Observability|Query details
Documentation
|
+|RDS Instance Events Not Logged
b9c524a4-fe76-4021-a6a2-cb978fb4fde1|Medium|Observability|Query details
Documentation
|
+|RDS Instance Log Connections Disabled
140869ea-25f2-40d4-a595-0c0da135114e|Medium|Observability|Query details
Documentation
|
+|RDS Instance Log Disconnections Disabled
d53f4123-f8d8-4224-8cb3-f920b151cc98|Medium|Observability|Query details
Documentation
|
+|RDS Instance Log Duration Disabled
a597e05a-c065-44e7-9cc8-742f572a504a|Medium|Observability|Query details
Documentation
|
+|VPC Flow Logs Disabled
d2731f3d-a992-44ed-812e-f4f1c2747d71|Medium|Observability|Query details
Documentation
|
+|No ROS Stack Policy
72ceb736-0aee-43ea-a191-3a69ab135681|Medium|Resource Management|Query details
Documentation
|
+|High KMS Key Rotation Period
cb319d87-b90f-485e-a7e7-f2408380f309|Medium|Secret Management|Query details
Documentation
|
+|Ram Account Password Policy Max Login Attempts Unrecommended
e76fd7ab-7333-40c6-a2d8-ea28af4a319e|Medium|Secret Management|Query details
Documentation
|
+|Ram Account Password Policy Max Password Age Unrecommended
2bb13841-7575-439e-8e0a-cccd9ede2fa8|Medium|Secret Management|Query details
Documentation
|
+|RAM Account Password Policy without Reuse Prevention
a8128dd2-89b0-464b-98e9-5d629041dfe0|Medium|Secret Management|Query details
Documentation
|
+|RAM Security Preference Not Enforce MFA Login
dcda2d32-e482-43ee-a926-75eaabeaa4e0|Low|Access Control|Query details
Documentation
|
+|OSS Bucket Transfer Acceleration Disabled
8f98334a-99aa-4d85-b72a-1399ca010413|Low|Availability|Query details
Documentation
|
+|OSS Bucket Lifecycle Rule Disabled
7db8bd7e-9772-478c-9ec5-4bc202c5686f|Low|Backup|Query details
Documentation
|
+|Kubernetes Cluster Without Terway as CNI Network Plugin
b9b7ada8-3868-4a35-854e-6100a2bb863d|Low|Networking and Firewall|Query details
Documentation
|
+|Log Retention Is Not Greater Than 90 Days
ed6cf6ff-9a1f-491c-9f88-e03c0807f390|Low|Observability|Query details
Documentation
|
+|RDS Instance Retention Period Not Recommended
dc158941-28ce-481d-a7fa-dc80761edf46|Low|Observability|Query details
Documentation
|
+|ROS Stack Notifications Disabled
9ef08939-ea40-489c-8851-667870b2ef50|Low|Observability|Query details
Documentation
|
+|Ram Account Password Policy Not Require At Least one Lowercase Character
89143358-cec6-49f5-9392-920c591c669c|Low|Secret Management|Query details
Documentation
|
+|RAM Account Password Policy Not Require at Least one Uppercase Character
5e0fb613-ba9b-44c3-88f0-b44188466bfd|Low|Secret Management|Query details
Documentation
|
+|Ram Account Password Policy Not Required Minimum Length
a9dfec39-a740-4105-bbd6-721ba163c053|Low|Secret Management|Query details
Documentation
|
+|Ram Account Password Policy Not Required Numbers
063234c0-91c0-4ab5-bbd0-47ddb5f23786|Low|Secret Management|Query details
Documentation
|
+|RAM Account Password Policy Not Required Symbols
41a38329-d81b-4be4-aef4-55b2615d3282|Low|Secret Management|Query details
Documentation
|
### AWS
Below are listed queries related to Terraform AWS:
@@ -72,336 +72,336 @@ Below are listed queries related to Terraform AWS:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Amazon DMS Replication Instance Is Publicly Accessible
030d3b18-1821-45b4-9e08-50efbe7becbb|Critical|Access Control|Query details
Documentation
|
-|ECR Repository Is Publicly Accessible
e86e26fc-489e-44f0-9bcd-97305e4ba69a|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Access to Any Principal
7af43613-6bb9-4a0e-8c4d-1314b799425e|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read Or Write to All Users
38c5ee0d-7f22-4260-ab72-5073048df100|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Grants WRITE_ACP Permission
64a222aa-7793-4e40-915f-4b302c76e4d4|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Delete Action From All Principals
ffdf4b37-7703-4dfe-a682-9d2e99bc6c09|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Put Action From All Principals
d24c0755-c028-44b1-b503-8e719c898832|Critical|Access Control|Query details
Documentation
|
-|S3 Bucket With All Permissions
a4966c4f-9141-48b8-a564-ffe9959945bc|Critical|Access Control|Query details
Documentation
|
-|SNS Topic is Publicly Accessible
b26d2b7e-60f6-413d-a3a1-a57db24aa2b3|Critical|Access Control|Query details
Documentation
|
-|RDS DB Instance Publicly Accessible
35113e6f-2c6b-414d-beec-7a9482d3b2d1|Critical|Insecure Configurations|Query details
Documentation
|
-|DB Security Group With Public Scope
1e0ef61b-ad85-4518-a3d3-85eaad164885|Critical|Networking and Firewall|Query details
Documentation
|
-|RDS Associated with Public Subnet
2f737336-b18a-4602-8ea0-b200312e1ac1|Critical|Networking and Firewall|Query details
Documentation
|
-|CloudWatch Unauthorized Access Alarm Missing
4c18a45b-4ab1-4790-9f83-399ac695f1e5|Critical|Observability|Query details
Documentation
|
-|Cross-Account IAM Assume Role Policy Without ExternalId or MFA
09c35abf-5852-4622-ac7a-b987b331232e|High|Access Control|Query details
Documentation
|
-|ECS Service Admin Role Is Present
3206240f-2e87-4e58-8d24-3e19e7c83d7c|High|Access Control|Query details
Documentation
|
-|IAM Policy Grants Full Permissions
575a2155-6af1-4026-b1af-d5bc8fe2a904|High|Access Control|Query details
Documentation
|
-|IAM Role With Full Privileges
b1ffa705-19a3-4b73-b9d0-0c97d0663842|High|Access Control|Query details
Documentation
|
-|Lambda With Vulnerable Policy
ad9dabc7-7839-4bae-a957-aa9120013f39|High|Access Control|Query details
Documentation
|
-|MSK Broker Is Publicly Accessible
54378d69-dd7c-4b08-a43e-80d563396857|High|Access Control|Query details
Documentation
|
-|Neptune Cluster Instance is Publicly Accessible
9ba198e0-fef4-464a-8a4d-75ea55300de7|High|Access Control|Query details
Documentation
|
-|Neptune Cluster With IAM Database Authentication Disabled
c91d7ea0-d4d1-403b-8fe1-c9961ac082c5|High|Access Control|Query details
Documentation
|
-|S3 Bucket ACL Allows Read to Any Authenticated User
57b9893d-33b1-4419-bcea-a717ea87e139|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Get Action From All Principals
1df37f4b-7197-45ce-83f8-9994d2fcf885|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows List Action From All Principals
66c6f96f-2d9e-417e-a998-9058aeeecd44|High|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Public Policy
1a4bc881-9f69-4d44-8c9a-d37d08f54c50|High|Access Control|Query details
Documentation
|
-|S3 Bucket Public ACL Overridden By Public Access Block
bf878b1a-7418-4de3-b13c-3a86cf894920|High|Access Control|Query details
Documentation
|
-|Secrets Manager With Vulnerable Policy
fa00ce45-386d-4718-8392-fb485e1f3c5b|High|Access Control|Query details
Documentation
|
-|SES Policy With Allowed IAM Actions
34b921bd-90a0-402e-a0a5-dc73371fd963|High|Access Control|Query details
Documentation
|
-|SQS Policy Allows All Actions
816ea8cf-d589-442d-a917-2dd0ce0e45e3|High|Access Control|Query details
Documentation
|
-|SQS Queue Exposed
abb06e5f-ef9a-4a99-98c6-376d396bfcdf|High|Access Control|Query details
Documentation
|
-|AmazonMQ Broker Encryption Disabled
3db3f534-e3a3-487f-88c7-0a9fbf64b702|High|Encryption|Query details
Documentation
|
-|API Gateway Method Settings Cache Not Encrypted
b7c9a40c-23e4-4a2d-8d39-a3352f10f288|High|Encryption|Query details
Documentation
|
-|Athena Database Not Encrypted
b2315cae-b110-4426-81e0-80bb8640cdd3|High|Encryption|Query details
Documentation
|
-|Athena Workgroup Not Encrypted
d364984a-a222-4b5f-a8b0-e23ab19ebff3|High|Encryption|Query details
Documentation
|
-|Aurora With Disabled at Rest Encryption
1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e|High|Encryption|Query details
Documentation
|
-|Config Rule For Encrypted Volumes Disabled
abdb29d4-5ca1-4e91-800b-b3569bbd788c|High|Encryption|Query details
Documentation
|
-|DAX Cluster Not Encrypted
f11aec39-858f-4b6f-b946-0a1bf46c0c87|High|Encryption|Query details
Documentation
|
-|DB Instance Storage Not Encrypted
08bd0760-8752-44e1-9779-7bb369b2b4e4|High|Encryption|Query details
Documentation
|
-|DOCDB Cluster Not Encrypted
bc1f9009-84a0-490f-ae09-3e0ea6d74ad6|High|Encryption|Query details
Documentation
|
-|DOCDB Cluster Without KMS
4766d3ea-241c-4ee6-93ff-c380c996bd1a|High|Encryption|Query details
Documentation
|
-|DynamoDB Table Not Encrypted
ce089fd4-1406-47bd-8aad-c259772bb294|High|Encryption|Query details
Documentation
|
-|EBS Default Encryption Disabled
3d3f6270-546b-443c-adb4-bb6fb2187ca6|High|Encryption|Query details
Documentation
|
-|EBS Volume Encryption Disabled
cc997676-481b-4e93-aa81-d19f8c5e9b12|High|Encryption|Query details
Documentation
|
-|EBS Volume Snapshot Not Encrypted
e6b4b943-6883-47a9-9739-7ada9568f8ca|High|Encryption|Query details
Documentation
|
-|ECS Task Definition Volume Not Encrypted
4d46ff3b-7160-41d1-a310-71d6d370b08f|High|Encryption|Query details
Documentation
|
-|EFS Not Encrypted
48207659-729f-4b5c-9402-f884257d794f|High|Encryption|Query details
Documentation
|
-|EKS Cluster Encryption Disabled
63ebcb19-2739-4d3f-aa5c-e8bbb9b85281|High|Encryption|Query details
Documentation
|
-|ElastiCache Replication Group Not Encrypted At Rest
76976de7-c7b1-4f64-a94f-90c1345914c2|High|Encryption|Query details
Documentation
|
-|ElasticSearch Encryption With KMS Disabled
7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2|High|Encryption|Query details
Documentation
|
-|ElasticSearch Not Encrypted At Rest
24e16922-4330-4e9d-be8a-caa90299466a|High|Encryption|Query details
Documentation
|
-|ELB Using Weak Ciphers
4a800e14-c94a-442d-9067-5a2e9f6c0a4c|High|Encryption|Query details
Documentation
|
-|Glue Data Catalog Encryption Disabled
01d50b14-e933-4c99-b314-6d08cd37ad35|High|Encryption|Query details
Documentation
|
-|Glue Security Configuration Encryption Disabled
ad5b4e97-2850-4adf-be17-1d293e0b85ee|High|Encryption|Query details
Documentation
|
-|Kinesis Not Encrypted With KMS
862fe4bf-3eec-4767-a517-40f378886b88|High|Encryption|Query details
Documentation
|
-|Kinesis SSE Not Configured
5c6dd5e7-1fe0-4cae-8f81-4c122717cef3|High|Encryption|Query details
Documentation
|
-|Launch Configuration Is Not Encrypted
4de9de27-254e-424f-bd70-4c1e95790838|High|Encryption|Query details
Documentation
|
-|MSK Cluster Encryption Disabled
6db52fa6-d4da-4608-908a-89f0c59e743e|High|Encryption|Query details
Documentation
|
-|Neptune Database Cluster Encryption Disabled
98d59056-f745-4ef5-8613-32bca8d40b7e|High|Encryption|Query details
Documentation
|
-|RDS Database Cluster not Encrypted
656880aa-1388-488f-a6d4-8f73c23149b2|High|Encryption|Query details
Documentation
|
-|RDS Storage Not Encrypted
3199c26c-7871-4cb3-99c2-10a59244ce7f|High|Encryption|Query details
Documentation
|
-|Redis Not Compliant
254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4|High|Encryption|Query details
Documentation
|
-|Redshift Not Encrypted
cfdcabb0-fc06-427c-865b-c59f13e898ce|High|Encryption|Query details
Documentation
|
-|S3 Bucket Object Not Encrypted
5fb49a69-8d46-4495-a2f8-9c8c622b2b6e|High|Encryption|Query details
Documentation
|
-|Sagemaker Endpoint Configuration Encryption Disabled
58b35504-0287-4154-bf69-02c0573deab8|High|Encryption|Query details
Documentation
|
-|Sagemaker Notebook Instance Without KMS
f3674e0c-f6be-43fa-b71c-bf346d1aed99|High|Encryption|Query details
Documentation
|
-|SNS Topic Not Encrypted
28545147-2fc6-42d5-a1f9-cf226658e591|High|Encryption|Query details
Documentation
|
-|User Data Contains Encoded Private Key
443488f5-c734-460b-a36d-5b3f330174dc|High|Encryption|Query details
Documentation
|
-|Workspaces Workspace Volume Not Encrypted
b9033580-6886-401a-8631-5f19f5bb24c7|High|Encryption|Query details
Documentation
|
-|Batch Job Definition With Privileged Container Properties
66cd88ac-9ddf-424a-b77e-e55e17630bee|High|Insecure Configurations|Query details
Documentation
|
-|DB Security Group Has Public Interface
f0d8781f-99bf-4958-9917-d39283b168a0|High|Insecure Configurations|Query details
Documentation
|
-|KMS Key With Vulnerable Policy
7ebc9038-0bde-479a-acc4-6ed7b6758899|High|Insecure Configurations|Query details
Documentation
|
-|Lambda Function With Privileged Role
1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2|High|Insecure Configurations|Query details
Documentation
|
-|MQ Broker Is Publicly Accessible
4eb5f791-c861-4afd-9f94-f2a6a3fe49cb|High|Insecure Configurations|Query details
Documentation
|
-|Redshift Publicly Accessible
af173fde-95ea-4584-b904-bb3923ac4bda|High|Insecure Configurations|Query details
Documentation
|
-|Root Account Has Active Access Keys
970d224d-b42a-416b-81f9-8f4dfe70c4bc|High|Insecure Configurations|Query details
Documentation
|
-|S3 Static Website Host Enabled
42bb6b7f-6d54-4428-b707-666f669d94fb|High|Insecure Configurations|Query details
Documentation
|
-|DB Security Group Open To Large Scope
4f615f3e-fb9c-4fad-8b70-2e9f781806ce|High|Networking and Firewall|Query details
Documentation
|
-|Default Security Groups With Unrestricted Traffic
46883ce1-dc3e-4b17-9195-c6a601624c73|High|Networking and Firewall|Query details
Documentation
|
-|Network ACL With Unrestricted Access To RDP
a20be318-cac7-457b-911d-04cc6e812c25|High|Networking and Firewall|Query details
Documentation
|
-|Remote Desktop Port Open To Internet
151187cb-0efc-481c-babd-ad24e3c9bc22|High|Networking and Firewall|Query details
Documentation
|
-|Route53 Record Undefined
25db74bf-fa3b-44da-934e-8c3e005c0453|High|Networking and Firewall|Query details
Documentation
|
-|Sensitive Port Is Exposed To Entire Network
381c3f2a-ef6f-4eff-99f7-b169cda3422c|High|Networking and Firewall|Query details
Documentation
|
-|Unknown Port Exposed To Internet
590d878b-abdc-428f-895a-e2b68a0e1998|High|Networking and Firewall|Query details
Documentation
|
-|Unrestricted Security Group Ingress
4728cd65-a20c-49da-8b31-9c08b423e4db|High|Networking and Firewall|Query details
Documentation
|
-|VPC Default Security Group Accepts All Traffic
9a4ef195-74b9-4c58-b8ed-2b2fe4353a75|High|Networking and Firewall|Query details
Documentation
|
-|VPC Peering Route Table with Unrestricted CIDR
b3a41501-f712-4c4f-81e5-db9a7dc0e34e|High|Networking and Firewall|Query details
Documentation
|
-|CloudTrail Log Files S3 Bucket is Publicly Accessible
bd0088a5-c133-4b20-b129-ec9968b16ef3|High|Observability|Query details
Documentation
|
-|Hardcoded AWS Access Key
d7b9d850-3e06-4a75-852f-c46c2e92240b|High|Secret Management|Query details
Documentation
|
-|Hardcoded AWS Access Key In Lambda
1402afd8-a95c-4e84-8b0b-6fb43758e6ce|High|Secret Management|Query details
Documentation
|
-|AMI Shared With Multiple Accounts
ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698|Medium|Access Control|Query details
Documentation
|
-|API Gateway Method Does Not Contains An API Key
671211c5-5d2a-4e97-8867-30fc28b02216|Medium|Access Control|Query details
Documentation
|
-|API Gateway Without Configured Authorizer
0a96ce49-4163-4ee6-8169-eb3b0797d694|Medium|Access Control|Query details
Documentation
|
-|Certificate Has Expired
c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6|Medium|Access Control|Query details
Documentation
|
-|EC2 Instance Using Default Security Group
f1adc521-f79a-4d71-b55b-a68294687432|Medium|Access Control|Query details
Documentation
|
-|EFS With Vulnerable Policy
fae52418-bb8b-4ac2-b287-0b9082d6a3fd|Medium|Access Control|Query details
Documentation
|
-|Elasticsearch Domain With Vulnerable Policy
16c4216a-50d3-4785-bfb2-4adb5144a8ba|Medium|Access Control|Query details
Documentation
|
-|Elasticsearch Without IAM Authentication
e7530c3c-b7cf-4149-8db9-d037a0b5268e|Medium|Access Control|Query details
Documentation
|
-|Glue With Vulnerable Policy
d25edb51-07fb-4a73-97d4-41cecdc53a22|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'
9b0ffadc-a61f-4c2a-b1e6-68fab60f6267|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'
15e6ad8c-f420-49a6-bafb-074f5eb1ec74|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'
7d544dad-8a6c-431c-84c1-5f07fe9afc0e|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'
8f3c16b3-354d-45db-8ad5-5066778a9485|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:AddUserToGroup'
970ed7a2-0aca-4425-acf1-0453c9ecbca1|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:AttachGroupPolicy'
70b42736-efee-4bce-80d5-50358ed94990|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:AttachRolePolicy'
3dd96caa-0b5f-4a85-b929-acfac4646cc2|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:AttachUserPolicy'
db78d14b-10e5-4e6e-84b1-dace6327b1ec|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:CreateAccessKey'
846646e3-2af1-428c-ac5d-271eccfa6faf|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:CreateLoginProfile'
04c686f1-e0cd-4812-88e1-4e038410074c|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:CreatePolicyVersion'
ec49cbfd-fae4-45f3-81b1-860526d66e3f|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:PutGroupPolicy'
e77c89f6-9c85-49ea-b95b-5f960fe5be92|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:PutRolePolicy'
c0c1e744-0f37-445e-924a-1846f0839f69|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:PutUserPolicy'
60263b4a-6801-4587-911d-919c37ed733b|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'
7782d4b3-e23e-432b-9742-d9528432e771|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'
78f1ec6f-5659-41ea-bd48-d0a142dce4f2|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'iam:UpdateLoginProfile'
ad296c0d-8131-4d6b-b030-1b0e73a99ad3|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'
034d0aee-620f-4bf7-b7fb-efdf661fdb9e|Medium|Access Control|Query details
Documentation
|
-|Group With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'
571254d8-aa6a-432e-9725-535d3ef04d69|Medium|Access Control|Query details
Documentation
|
-|IAM Access Key Is Exposed
7081f85c-b94d-40fd-8b45-a4f1cac75e46|Medium|Access Control|Query details
Documentation
|
-|IAM Group Without Users
fc101ca7-c9dd-4198-a1eb-0fbe92e80044|Medium|Access Control|Query details
Documentation
|
-|IAM Policies Attached To User
b4378389-a9aa-44ee-91e7-ef183f11079e|Medium|Access Control|Query details
Documentation
|
-|IAM Policies With Full Privileges
2f37c4a3-58b9-4afe-8a87-d7f1d2286f84|Medium|Access Control|Query details
Documentation
|
-|IAM Policy Grants 'AssumeRole' Permission Across All Services
bcdcbdc6-a350-4855-ae7c-d1e6436f7c97|Medium|Access Control|Query details
Documentation
|
-|IAM Role Allows All Principals To Assume
12b7e704-37f0-4d1e-911a-44bf60c48c21|Medium|Access Control|Query details
Documentation
|
-|IAM Role Policy passRole Allows All
e39bee8c-fe54-4a3f-824d-e5e2d1cca40a|Medium|Access Control|Query details
Documentation
|
-|IAM User With Access To Console
9ec311bf-dfd9-421f-8498-0b063c8bc552|Medium|Access Control|Query details
Documentation
|
-|Lambda Permission Principal Is Wildcard
e08ed7eb-f3ef-494d-9d22-2e3db756a347|Medium|Access Control|Query details
Documentation
|
-|Policy Without Principal
bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54|Medium|Access Control|Query details
Documentation
|
-|Public and Private EC2 Share Role
c53c7a89-f9d7-4c7b-8b66-8a555be99593|Medium|Access Control|Query details
Documentation
|
-|Public Lambda via API Gateway
3ef8696c-e4ae-4872-92c7-520bb44dfe77|Medium|Access Control|Query details
Documentation
|
-|REST API With Vulnerable Policy
b161c11b-a59b-4431-9a29-4e19f63e6b27|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'
be2aa235-bd93-4b68-978a-1cc65d49082f|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'
30b88745-eebe-4ecb-a3a9-5cf886e96204|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'
0a592060-8166-49f5-8e65-99ac6dce9871|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'
eda48c88-2b7d-4e34-b6ca-04c0194aee17|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:AddUserToGroup'
b8a31292-509d-4b61-bc40-13b167db7e9c|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:AttachGroupPolicy'
f906113d-cdc0-415a-ba60-609cc6daaf4d|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:AttachRolePolicy'
f465fff1-0a0f-457d-aa4d-1bddb6f204ff|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:AttachUserPolicy'
7c96920c-6fd0-449d-9a52-0aa431b6beaf|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:CreateAccessKey'
5b4d4aee-ac94-4810-9611-833636e5916d|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:CreateLoginProfile'
9a205ba3-0dd1-42eb-8d54-2ffec836b51a|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:CreatePolicyVersion'
ee49557d-750c-4cc1-aa95-94ab36cbefde|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:PutGroupPolicy'
d6047119-a0b2-4b59-a4f2-127a36fb685b|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:PutRolePolicy'
eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:PutUserPolicy'
8f75840d-9ee7-42f3-b203-b40e3979eb12|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'
118281d0-6471-422e-a7c5-051bc667926e|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'
f1173d8c-3264-4148-9fdb-61181e031b51|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'iam:UpdateLoginProfile'
35ccf766-0e4d-41ed-9ec4-2dab155082b4|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'
fa62ac4f-f5b9-45b9-97c1-625c8b6253ca|Medium|Access Control|Query details
Documentation
|
-|Role With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'
c583f0f9-7dfd-476b-a056-f47c62b47b46|Medium|Access Control|Query details
Documentation
|
-|S3 Bucket Allows Public ACL
d0cc8694-fcad-43ff-ac86-32331d7e867f|Medium|Access Control|Query details
Documentation
|
-|SNS Topic Publicity Has Allow and NotAction Simultaneously
5ea624e4-c8b1-4bb3-87a4-4235a776adcc|Medium|Access Control|Query details
Documentation
|
-|SQS Policy With Public Access
730675f9-52ed-49b6-8ead-0acb5dd7df7f|Medium|Access Control|Query details
Documentation
|
-|SSO Identity User Unsafe Creation
4003118b-046b-4640-b200-b8c7a4c8b89f|Medium|Access Control|Query details
Documentation
|
-|SSO Policy with full privileges
132a8c31-9837-4203-9fd1-15ca210c7b73|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'
19ffbe31-9d72-4379-9768-431195eae328|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'
89561b03-cb35-44a9-a7e9-8356e71606f4|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'
94fbe150-27e3-4eba-9ca6-af32865e4503|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'
9b877bd8-94b4-4c10-a060-8e0436cc09fa|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:AddUserToGroup'
bf9d42c7-c2f9-4dfe-942c-c8cc8249a081|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:AttachGroupPolicy'
6d23d87e-1c5b-4308-b224-92624300f29b|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:AttachRolePolicy'
e227091e-2228-4b40-b046-fc13650d8e88|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:AttachUserPolicy'
70cb518c-d990-46f6-bc05-44a5041493d6|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:CreateAccessKey'
113208f2-a886-4526-9ecc-f3218600e12c|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:CreateLoginProfile'
0fd7d920-4711-46bd-aff2-d307d82cd8b7|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:CreatePolicyVersion'
1743f5f1-0bb0-4934-acef-c80baa5dadfa|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:PutGroupPolicy'
8bfbf7ab-d5e8-4100-8618-798956e101e0|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:PutRolePolicy'
eeb4d37a-3c59-4789-a00c-1509bc3af1e5|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:PutUserPolicy'
0c10d7da-85c4-4d62-b2a8-d6c104f1bd77|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'
43a41523-386a-4cb1-becb-42af6b414433|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'
33627268-1445-4385-988a-318fd9d1a512|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'iam:UpdateLoginProfile'
6deb34e2-5d9c-499a-801b-ea6d9eda894f|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'
8055dec2-efb8-4fe6-8837-d9bed6ff202a|Medium|Access Control|Query details
Documentation
|
-|User With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'
b69247e5-7e73-464e-ba74-ec9b715c6e12|Medium|Access Control|Query details
Documentation
|
-|Auto Scaling Group With No Associated ELB
8e94dced-9bcc-4203-8eb7-7e41202b2505|Medium|Availability|Query details
Documentation
|
-|CMK Is Unusable
7350fa23-dcf7-4938-916d-6a60b0c73b50|Medium|Availability|Query details
Documentation
|
-|ElastiCache Nodes Not Created Across Multi AZ
6db03a91-f933-4f13-ab38-a8b87a7de54d|Medium|Availability|Query details
Documentation
|
-|ElastiCache Redis Cluster Without Backup
8fdb08a0-a868-4fdf-9c27-ccab0237f1ab|Medium|Backup|Query details
Documentation
|
-|RDS Cluster With Backup Disabled
e542bd46-58c4-4e0f-a52a-1fb4f9548e02|Medium|Backup|Query details
Documentation
|
-|RDS With Backup Disabled
1dc73fb4-5b51-430c-8c5f-25dcf9090b02|Medium|Backup|Query details
Documentation
|
-|S3 Bucket Without Versioning
568a4d22-3517-44a6-a7ad-6a7eed88722c|Medium|Backup|Query details
Documentation
|
-|Stack Retention Disabled
6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97|Medium|Backup|Query details
Documentation
|
-|ALB Not Dropping Invalid Headers
6e3fd2ed-5c83-4c68-9679-7700d224d379|Medium|Best Practices|Query details
Documentation
|
-|AMI Not Encrypted
8bbb242f-6e38-4127-86d4-d8f0b2687ae2|Medium|Encryption|Query details
Documentation
|
-|CA Certificate Identifier Is Outdated
9f40c07e-699e-4410-8856-3ba0f2e3a2dd|Medium|Encryption|Query details
Documentation
|
-|Cloudfront Viewer Protocol Policy Allows HTTP
55af1353-2f62-4fa0-a8e1-a210ca2708f5|Medium|Encryption|Query details
Documentation
|
-|CloudWatch Log Group Without KMS
0afbcfe9-d341-4b92-a64c-7e6de0543879|Medium|Encryption|Query details
Documentation
|
-|ElastiCache Replication Group Not Encrypted At Transit
1afbb3fa-cf6c-4a3d-b730-95e9f4df343e|Medium|Encryption|Query details
Documentation
|
-|Elasticsearch Domain Not Encrypted Node To Node
967eb3e6-26fc-497d-8895-6428beb6e8e2|Medium|Encryption|Query details
Documentation
|
-|ELB Using Insecure Protocols
126c1788-23c2-4a10-906c-ef179f4f96ec|Medium|Encryption|Query details
Documentation
|
-|IAM Database Auth Not Enabled
88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6|Medium|Encryption|Query details
Documentation
|
-|S3 Bucket Policy Accepts HTTP Requests
4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9|Medium|Encryption|Query details
Documentation
|
-|Secretsmanager Secret Encrypted With AWS Managed Key
b0d3ef3f-845d-4b1b-83d6-63a5a380375f|Medium|Encryption|Query details
Documentation
|
-|Secretsmanager Secret Without KMS
a2f548f2-188c-4fff-b172-e9a6acb216bd|Medium|Encryption|Query details
Documentation
|
-|Secure Ciphers Disabled
5c0003fb-9aa0-42c1-9da3-eb0e332bef21|Medium|Encryption|Query details
Documentation
|
-|SNS Topic Encrypted With AWS Managed Key
b1a72f66-2236-4f3b-87ba-0da1b366956f|Medium|Encryption|Query details
Documentation
|
-|SQS With SSE Disabled
6e8849c1-3aa7-40e3-9063-b85ee300f29f|Medium|Encryption|Query details
Documentation
|
-|SSM Session Transit Encryption Disabled
ce60cc6b-6831-4bd7-84a2-cc7f8ee71433|Medium|Encryption|Query details
Documentation
|
-|ALB Deletion Protection Disabled
afecd1f1-6378-4f7e-bb3b-60c35801fdd4|Medium|Insecure Configurations|Query details
Documentation
|
-|API Gateway With Open Access
15ccec05-5476-4890-ad19-53991eba1db8|Medium|Insecure Configurations|Query details
Documentation
|
-|API Gateway Without Security Policy
4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b|Medium|Insecure Configurations|Query details
Documentation
|
-|API Gateway Without SSL Certificate
0b4869fc-a842-4597-aa00-1294df425440|Medium|Insecure Configurations|Query details
Documentation
|
-|Certificate RSA Key Bytes Lower Than 256
874d68a3-bfbe-4a4b-aaa0-9e74d7da634b|Medium|Insecure Configurations|Query details
Documentation
|
-|CloudFront Without Minimum Protocol TLS 1.2
00e5e55e-c2ff-46b3-a757-a7a1cd802456|Medium|Insecure Configurations|Query details
Documentation
|
-|ECR Image Tag Not Immutable
d1846b12-20c5-4d45-8798-fc35b79268eb|Medium|Insecure Configurations|Query details
Documentation
|
-|ECS Task Definition Network Mode Not Recommended
9f4a9409-9c60-4671-be96-9716dbf63db1|Medium|Insecure Configurations|Query details
Documentation
|
-|EKS Cluster Has Public Access
42f4b905-3736-4213-bfe9-c0660518cda8|Medium|Insecure Configurations|Query details
Documentation
|
-|IAM User Has Too Many Access Keys
3561130e-9c5f-485b-9e16-2764c82763e5|Medium|Insecure Configurations|Query details
Documentation
|
-|No Password Policy Enabled
b592ffd4-0577-44b6-bd35-8c5ee81b5918|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket with Unsecured CORS Rule
98a8f708-121b-455b-ae2f-da3fb59d17e1|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket Without Ignore Public ACL
4fa66806-0dd9-4f8d-9480-3174d39c7c91|Medium|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket Without Restriction Of Public Bucket
1ec253ab-c220-4d63-b2de-5b40e0af9293|Medium|Insecure Configurations|Query details
Documentation
|
-|Service Control Policies Disabled
5ba6229c-8057-433e-91d0-21cf13569ca9|Medium|Insecure Configurations|Query details
Documentation
|
-|Default VPC Exists
96ed3526-0179-4c73-b1b2-372fde2e0d13|Medium|Insecure Defaults|Query details
Documentation
|
-|Vulnerable Default SSL Certificate
3a1e94df-6847-4c0e-a3b6-6c6af4e128ef|Medium|Insecure Defaults|Query details
Documentation
|
-|ALB Is Not Integrated With WAF
0afa6ab8-a047-48cf-be07-93a2f8c34cf7|Medium|Networking and Firewall|Query details
Documentation
|
-|ALB Listening on HTTP
de7f5e83-da88-4046-871f-ea18504b1d43|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway Endpoint Config is Not Private
6b2739db-9c49-4db7-b980-7816e0c248c1|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway without WAF
a186e82c-1078-4a7b-85d8-579561fde884|Medium|Networking and Firewall|Query details
Documentation
|
-|CloudFront Without WAF
1419b4c6-6d5c-4534-9cf6-6a5266085333|Medium|Networking and Firewall|Query details
Documentation
|
-|EC2 Instance Has Public IP
5a2486aa-facf-477d-a5c1-b010789459ce|Medium|Networking and Firewall|Query details
Documentation
|
-|EKS Cluster Has Public Access CIDRs
61cf9883-1752-4768-b18c-0d57f2737709|Medium|Networking and Firewall|Query details
Documentation
|
-|EKS node group remote access disabled
ba40ace1-a047-483c-8a8d-bc2d3a67a82d|Medium|Networking and Firewall|Query details
Documentation
|
-|Elasticsearch with HTTPS disabled
2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e|Medium|Networking and Firewall|Query details
Documentation
|
-|HTTP Port Open To Internet
ffac8a12-322e-42c1-b9b9-81ff85c39ef7|Medium|Networking and Firewall|Query details
Documentation
|
-|Network ACL With Unrestricted Access To SSH
3af7f2fd-06e6-4dab-b996-2912bea19ba4|Medium|Networking and Firewall|Query details
Documentation
|
-|Security Group With Unrestricted Access To SSH
65905cec-d691-4320-b320-2000436cb696|Medium|Networking and Firewall|Query details
Documentation
|
-|Sensitive Port Is Exposed To Small Public Network
e35c16a2-d54e-419d-8546-a804d8e024d0|Medium|Networking and Firewall|Query details
Documentation
|
-|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible
54c417bf-c762-48b9-9d31-b3d87047e3f0|Medium|Networking and Firewall|Query details
Documentation
|
-|VPC Subnet Assigns Public IP
52f04a44-6bfa-4c41-b1d3-4ae99a2de05c|Medium|Networking and Firewall|Query details
Documentation
|
-|VPC Without Network Firewall
fd632aaf-b8a1-424d-a4d1-0de22fd3247a|Medium|Networking and Firewall|Query details
Documentation
|
-|API Gateway Access Logging Disabled
1b6799eb-4a7a-4b04-9001-8cceb9999326|Medium|Observability|Query details
Documentation
|
-|API Gateway Deployment Without Access Log Setting
625abc0e-f980-4ac9-a775-f7519ee34296|Medium|Observability|Query details
Documentation
|
-|API Gateway With CloudWatch Logging Disabled
982aa526-6970-4c59-8b9b-2ce7e019fe36|Medium|Observability|Query details
Documentation
|
-|CloudFront Logging Disabled
94690d79-b3b0-43de-b656-84ebef5753e5|Medium|Observability|Query details
Documentation
|
-|CloudTrail Log Files S3 Bucket with Logging Disabled
ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4|Medium|Observability|Query details
Documentation
|
-|CloudTrail Logging Disabled
4bb76f17-3d63-4529-bdca-2b454529d774|Medium|Observability|Query details
Documentation
|
-|CloudWatch AWS Config Configuration Changes Alarm Missing
5b8d7527-de8e-4114-b9dd-9d988f1f418f|Medium|Observability|Query details
Documentation
|
-|CloudWatch Changes To NACL Alarm Missing
0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0|Medium|Observability|Query details
Documentation
|
-|Cloudwatch Cloudtrail Configuration Changes Alarm Missing
0f6cbf69-41bb-47dc-93f3-3844640bf480|Medium|Observability|Query details
Documentation
|
-|CloudWatch Disabling Or Scheduled Deletion Of Customer Created CMK Alarm Missing
56a585f5-555c-48b2-8395-e64e4740a9cf|Medium|Observability|Query details
Documentation
|
-|CloudWatch Logging Disabled
7dbba512-e244-42dc-98bb-422339827967|Medium|Observability|Query details
Documentation
|
-|CloudWatch Management Console Auth Failed Alarm Missing
5864d189-ee9a-4009-ac0c-8a582e6b7919|Medium|Observability|Query details
Documentation
|
-|CloudWatch Metrics Disabled
081069cb-588b-4ce1-884c-2a1ce3029fe5|Medium|Observability|Query details
Documentation
|
-|CloudWatch Root Account Use Missing
8b1b1e67-6248-4dca-bbad-93486bb181c0|Medium|Observability|Query details
Documentation
|
-|CloudWatch S3 policy Change Alarm Missing
27c6a499-895a-4dc7-9617-5c485218db13|Medium|Observability|Query details
Documentation
|
-|Cloudwatch Security Group Changes Alarm Missing
4beaf898-9f8b-4237-89e2-5ffdc7ee6006|Medium|Observability|Query details
Documentation
|
-|CloudWatch VPC Changes Alarm Missing
9d0d4512-1959-43a2-a17f-72360ff06d1b|Medium|Observability|Query details
Documentation
|
-|DocDB Logging Is Disabled
56f6a008-1b14-4af4-b9b2-ab7cf7e27641|Medium|Observability|Query details
Documentation
|
-|EC2 Instance Monitoring Disabled
23b70e32-032e-4fa6-ba5c-82f56b9980e6|Medium|Observability|Query details
Documentation
|
-|EKS cluster logging is not enabled
37304d3f-f852-40b8-ae3f-725e87a7cedf|Medium|Observability|Query details
Documentation
|
-|Elasticsearch Log Disabled
acb6b4e2-a086-4f35-aefd-4db6ea51ada2|Medium|Observability|Query details
Documentation
|
-|ELB Access Log Disabled
20018359-6fd7-4d05-ab26-d4dffccbdf79|Medium|Observability|Query details
Documentation
|
-|Global Accelerator Flow Logs Disabled
96e8183b-e985-457b-90cd-61c0503a3369|Medium|Observability|Query details
Documentation
|
-|GuardDuty Detector Disabled
704dadd3-54fc-48ac-b6a0-02f170011473|Medium|Observability|Query details
Documentation
|
-|Missing Cluster Log Types
66f130d9-b81d-4e8e-9b08-da74b9c891df|Medium|Observability|Query details
Documentation
|
-|MQ Broker Logging Disabled
31245f98-a6a9-4182-9fc1-45482b9d030a|Medium|Observability|Query details
Documentation
|
-|MSK Cluster Logging Disabled
2f56b7ab-7fba-4e93-82f0-247e5ddeb239|Medium|Observability|Query details
Documentation
|
-|Neptune Logging Is Disabled
45cff7b6-3b80-40c1-ba7b-2cf480678bb8|Medium|Observability|Query details
Documentation
|
-|RDS Without Logging
8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56|Medium|Observability|Query details
Documentation
|
-|Redshift Cluster Logging Disabled
15ffbacc-fa42-4f6f-a57d-2feac7365caa|Medium|Observability|Query details
Documentation
|
-|S3 Bucket Logging Disabled
f861041c-8c9f-4156-acfc-5e6e524f5884|Medium|Observability|Query details
Documentation
|
-|S3 Bucket Object Level CloudTrail Logging Disabled
a8fc2180-b3ac-4c93-bd0d-a55b974e4b07|Medium|Observability|Query details
Documentation
|
-|Stack Notifications Disabled
b72d0026-f649-4c91-a9ea-15d8f681ac09|Medium|Observability|Query details
Documentation
|
-|VPC FlowLogs Disabled
f83121ea-03da-434f-9277-9cd247ab3047|Medium|Observability|Query details
Documentation
|
-|No Stack Policy
2f01fb2d-828a-499d-b98e-b83747305052|Medium|Resource Management|Query details
Documentation
|
-|Authentication Without MFA
3ddfa124-6407-4845-a501-179f90c65097|Low|Access Control|Query details
Documentation
|
-|CloudWatch Logs Destination With Vulnerable Policy
db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8|Low|Access Control|Query details
Documentation
|
-|EC2 Instance Using API Keys
0b93729a-d882-4803-bdc3-ac429a21f158|Low|Access Control|Query details
Documentation
|
-|SSO Permission With Inadequate User Session Duration
ce9dfce0-5fc8-433b-944a-3b16153111a8|Low|Access Control|Query details
Documentation
|
-|Autoscaling Groups Supply Tags
ba48df05-eaa1-4d64-905e-4a4b051e7587|Low|Availability|Query details
Documentation
|
-|ECS Service Without Running Tasks
91f16d09-689e-4926-aca7-155157f634ed|Low|Availability|Query details
Documentation
|
-|Automatic Minor Upgrades Disabled
3b6d777b-76e3-4133-80a3-0d6f667ade7f|Low|Best Practices|Query details
Documentation
|
-|CDN Configuration Is Missing
1bc367f6-901d-4870-ad0c-71d79762ef52|Low|Best Practices|Query details
Documentation
|
-|Cognito UserPool Without MFA
ec28bf61-a474-4dbe-b414-6dd3a067d6f0|Low|Best Practices|Query details
Documentation
|
-|ECR Repository Without Policy
69e7c320-b65d-41bb-be02-d63ecc0bcc9d|Low|Best Practices|Query details
Documentation
|
-|IAM Access Analyzer Not Enabled
e592a0c5-5bdb-414c-9066-5dba7cdea370|Low|Best Practices|Query details
Documentation
|
-|IAM Password Without Minimum Length
1bc1c685-e593-450e-88fb-19db4c82aa1d|Low|Best Practices|Query details
Documentation
|
-|Lambda IAM InvokeFunction Misconfigured
0ca1017d-3b80-423e-bb9c-6cd5898d34bd|Low|Best Practices|Query details
Documentation
|
-|Lambda Permission Misconfigured
75ec6890-83af-4bf1-9f16-e83726df0bd0|Low|Best Practices|Query details
Documentation
|
-|Misconfigured Password Policy Expiration
ce60d060-efb8-4bfd-9cf7-ff8945d00d90|Low|Best Practices|Query details
Documentation
|
-|Password Without Reuse Prevention
89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a|Low|Best Practices|Query details
Documentation
|
-|Stack Without Template
91bea7b8-0c31-4863-adc9-93f6177266c4|Low|Build Process|Query details
Documentation
|
-|API Gateway With Invalid Compression
ed35928e-195c-4405-a252-98ccb664ab7b|Low|Encryption|Query details
Documentation
|
-|CloudTrail Log Files Not Encrypted With KMS
5d9e3164-9265-470c-9a10-57ae454ac0c7|Low|Encryption|Query details
Documentation
|
-|CodeBuild Project Encrypted With AWS Managed Key
3deec14b-03d2-4d27-9670-7d79322e3340|Low|Encryption|Query details
Documentation
|
-|DOCDB Cluster Encrypted With AWS Managed Key
2134641d-30a4-4b16-8ffc-2cd4c4ffd15d|Low|Encryption|Query details
Documentation
|
-|ECR Repository Not Encrypted With CMK
0e32d561-4b5a-4664-a6e3-a3fa85649157|Low|Encryption|Query details
Documentation
|
-|EFS Without KMS
25d251f3-f348-4f95-845c-1090e41a615c|Low|Encryption|Query details
Documentation
|
-|AWS Password Policy With Unchangeable Passwords
9ef7d25d-9764-4224-9968-fa321c56ef76|Low|Insecure Configurations|Query details
Documentation
|
-|IAM User Policy Without MFA
b5681959-6c09-4f55-b42b-c40fa12d03ec|Low|Insecure Configurations|Query details
Documentation
|
-|Instance With No VPC
a31a5a29-718a-4ff4-8001-a69e5e4d029e|Low|Insecure Configurations|Query details
Documentation
|
-|Redis Disabled
4bd15dd9-8d5e-4008-8532-27eb0c3706d3|Low|Insecure Configurations|Query details
Documentation
|
-|Redshift Cluster Without VPC
0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3|Low|Insecure Configurations|Query details
Documentation
|
-|S3 Bucket Without Enabled MFA Delete
c5b31ab9-0f26-4a49-b8aa-4cc064392f4d|Low|Insecure Configurations|Query details
Documentation
|
-|Dynamodb VPC Endpoint Without Route Table Association
0bc534c5-13d1-4353-a7fe-b8665d5c1d7d|Low|Networking and Firewall|Query details
Documentation
|
-|EC2 Instance Using Default VPC
7e4a6e76-568d-43ef-8c4e-36dea481bff1|Low|Networking and Firewall|Query details
Documentation
|
-|ElastiCache Using Default Port
5d89db57-8b51-4b38-bb76-b9bd42bd40f0|Low|Networking and Firewall|Query details
Documentation
|
-|ElastiCache Without VPC
8c849af7-a399-46f7-a34c-32d3dc96f1fc|Low|Networking and Firewall|Query details
Documentation
|
-|EMR Without VPC
2b3c8a6d-9856-43e6-ab1d-d651094f03b4|Low|Networking and Firewall|Query details
Documentation
|
-|RDS Using Default Port
bca7cc4d-b3a4-4345-9461-eb69c68fcd26|Low|Networking and Firewall|Query details
Documentation
|
-|Redshift Using Default Port
41abc6cc-dde1-4217-83d3-fb5f0cc09d8f|Low|Networking and Firewall|Query details
Documentation
|
-|Sensitive Port Is Exposed To Wide Private Network
92fe237e-074c-4262-81a4-2077acb928c1|Low|Networking and Firewall|Query details
Documentation
|
-|Shield Advanced Not In Use
084c6686-2a70-4710-91b1-000393e54c12|Low|Networking and Firewall|Query details
Documentation
|
-|SQS VPC Endpoint Without DNS Resolution
e9b7acf9-9ba0-4837-a744-31e7df1e434d|Low|Networking and Firewall|Query details
Documentation
|
-|API Gateway Deployment Without API Gateway UsagePlan Associated
b3a59b8e-94a3-403e-b6e2-527abaf12034|Low|Observability|Query details
Documentation
|
-|API Gateway X-Ray Disabled
5813ef56-fa94-406a-b35d-977d4a56ff2b|Low|Observability|Query details
Documentation
|
-|CloudTrail Log File Validation Disabled
52ffcfa6-6c70-4ea6-8376-d828d3961669|Low|Observability|Query details
Documentation
|
-|CloudTrail Multi Region Disabled
8173d5eb-96b5-4aa6-a71b-ecfa153c123d|Low|Observability|Query details
Documentation
|
-|CloudTrail Not Integrated With CloudWatch
17b30f8f-8dfb-4597-adf6-57600b6cf25e|Low|Observability|Query details
Documentation
|
-|CloudTrail SNS Topic Name Undefined
482b7d26-0bdb-4b5f-bf6f-545826c0a3dd|Low|Observability|Query details
Documentation
|
-|CloudWatch Console Sign-in Without MFA Alarm Missing
44ceb4fa-0897-4fd2-b676-30e7a58f2933|Low|Observability|Query details
Documentation
|
-|CloudWatch IAM Policy Changes Alarm Missing
eaaba502-2f94-411a-a3c2-83d63cc1776d|Low|Observability|Query details
Documentation
|
-|CloudWatch Network Gateways Changes Alarm Missing
6b6874fe-4c2f-4eea-8b90-7cceaa4a125e|Low|Observability|Query details
Documentation
|
-|CloudWatch Route Table Changes Alarm Missing
2285e608-ddbc-47f3-ba54-ce7121e31216|Low|Observability|Query details
Documentation
|
-|CMK Rotation Disabled
22fbfeac-7b5a-421a-8a27-7a2178bb910b|Low|Observability|Query details
Documentation
|
-|Configuration Aggregator to All Regions Disabled
ac5a0bc0-a54c-45aa-90c3-15f7703b9132|Low|Observability|Query details
Documentation
|
-|ECS Cluster with Container Insights Disabled
97cb0688-369a-4d26-b1f7-86c4c91231bc|Low|Observability|Query details
Documentation
|
-|ElasticSearch Without Slow Logs
e979fcbc-df6c-422d-9458-c33d65e71c45|Low|Observability|Query details
Documentation
|
-|KMS Key With No Deletion Window
0b530315-0ea4-497f-b34c-4ff86268f59d|Low|Observability|Query details
Documentation
|
-|Lambda Functions Without X-Ray Tracing
8152e0cf-d2f0-47ad-96d5-d003a76eabd1|Low|Observability|Query details
Documentation
|
-|Unscanned ECR Image
9630336b-3fed-4096-8173-b9afdfe346a7|Low|Observability|Query details
Documentation
|
-|API Gateway Stage Without API Gateway UsagePlan Associated
c999cf62-0920-40f8-8dda-0caccd66ed7e|Low|Resource Management|Query details
Documentation
|
-|Security Group Not Used
4849211b-ac39-479e-ae78-5694d506cb24|Info|Access Control|Query details
Documentation
|
-|DynamoDB Table Point In Time Recovery Disabled
741f1291-47ac-4a85-a07b-3d32a9d6bd3e|Info|Best Practices|Query details
Documentation
|
-|EC2 Not EBS Optimized
60224630-175a-472a-9e23-133827040766|Info|Best Practices|Query details
Documentation
|
-|Resource Not Using Tags
e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10|Info|Best Practices|Query details
Documentation
|
-|Security Group Rule Without Description
68eb4bf3-f9bf-463d-b5cf-e029bb446d2e|Info|Best Practices|Query details
Documentation
|
-|Security Group Rule Without Description
cb3f5ed6-0d18-40de-a93d-b3538db31e8c|Info|Best Practices|Query details
Documentation
|
-|CloudWatch AWS Organizations Changes Missing Alarm
38b85c45-e772-4de8-a247-69619ca137b3|Info|Observability|Query details
Documentation
|
-|CloudWatch Without Retention Period Specified
ef0b316a-211e-42f1-888e-64efe172b755|Info|Observability|Query details
Documentation
|
+|Amazon DMS Replication Instance Is Publicly Accessible
030d3b18-1821-45b4-9e08-50efbe7becbb|Critical|Access Control|Query details
Documentation
|
+|ECR Repository Is Publicly Accessible
e86e26fc-489e-44f0-9bcd-97305e4ba69a|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Access to Any Principal
7af43613-6bb9-4a0e-8c4d-1314b799425e|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read Or Write to All Users
38c5ee0d-7f22-4260-ab72-5073048df100|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Grants WRITE_ACP Permission
64a222aa-7793-4e40-915f-4b302c76e4d4|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Delete Action From All Principals
ffdf4b37-7703-4dfe-a682-9d2e99bc6c09|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Put Action From All Principals
d24c0755-c028-44b1-b503-8e719c898832|Critical|Access Control|Query details
Documentation
|
+|S3 Bucket With All Permissions
a4966c4f-9141-48b8-a564-ffe9959945bc|Critical|Access Control|Query details
Documentation
|
+|SNS Topic is Publicly Accessible
b26d2b7e-60f6-413d-a3a1-a57db24aa2b3|Critical|Access Control|Query details
Documentation
|
+|RDS DB Instance Publicly Accessible
35113e6f-2c6b-414d-beec-7a9482d3b2d1|Critical|Insecure Configurations|Query details
Documentation
|
+|DB Security Group With Public Scope
1e0ef61b-ad85-4518-a3d3-85eaad164885|Critical|Networking and Firewall|Query details
Documentation
|
+|RDS Associated with Public Subnet
2f737336-b18a-4602-8ea0-b200312e1ac1|Critical|Networking and Firewall|Query details
Documentation
|
+|CloudWatch Unauthorized Access Alarm Missing
4c18a45b-4ab1-4790-9f83-399ac695f1e5|Critical|Observability|Query details
Documentation
|
+|Cross-Account IAM Assume Role Policy Without ExternalId or MFA
09c35abf-5852-4622-ac7a-b987b331232e|High|Access Control|Query details
Documentation
|
+|ECS Service Admin Role Is Present
3206240f-2e87-4e58-8d24-3e19e7c83d7c|High|Access Control|Query details
Documentation
|
+|IAM Policy Grants Full Permissions
575a2155-6af1-4026-b1af-d5bc8fe2a904|High|Access Control|Query details
Documentation
|
+|IAM Role With Full Privileges
b1ffa705-19a3-4b73-b9d0-0c97d0663842|High|Access Control|Query details
Documentation
|
+|Lambda With Vulnerable Policy
ad9dabc7-7839-4bae-a957-aa9120013f39|High|Access Control|Query details
Documentation
|
+|MSK Broker Is Publicly Accessible
54378d69-dd7c-4b08-a43e-80d563396857|High|Access Control|Query details
Documentation
|
+|Neptune Cluster Instance is Publicly Accessible
9ba198e0-fef4-464a-8a4d-75ea55300de7|High|Access Control|Query details
Documentation
|
+|Neptune Cluster With IAM Database Authentication Disabled
c91d7ea0-d4d1-403b-8fe1-c9961ac082c5|High|Access Control|Query details
Documentation
|
+|S3 Bucket ACL Allows Read to Any Authenticated User
57b9893d-33b1-4419-bcea-a717ea87e139|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Get Action From All Principals
1df37f4b-7197-45ce-83f8-9994d2fcf885|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows List Action From All Principals
66c6f96f-2d9e-417e-a998-9058aeeecd44|High|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Public Policy
1a4bc881-9f69-4d44-8c9a-d37d08f54c50|High|Access Control|Query details
Documentation
|
+|S3 Bucket Public ACL Overridden By Public Access Block
bf878b1a-7418-4de3-b13c-3a86cf894920|High|Access Control|Query details
Documentation
|
+|Secrets Manager With Vulnerable Policy
fa00ce45-386d-4718-8392-fb485e1f3c5b|High|Access Control|Query details
Documentation
|
+|SES Policy With Allowed IAM Actions
34b921bd-90a0-402e-a0a5-dc73371fd963|High|Access Control|Query details
Documentation
|
+|SQS Policy Allows All Actions
816ea8cf-d589-442d-a917-2dd0ce0e45e3|High|Access Control|Query details
Documentation
|
+|SQS Queue Exposed
abb06e5f-ef9a-4a99-98c6-376d396bfcdf|High|Access Control|Query details
Documentation
|
+|AmazonMQ Broker Encryption Disabled
3db3f534-e3a3-487f-88c7-0a9fbf64b702|High|Encryption|Query details
Documentation
|
+|API Gateway Method Settings Cache Not Encrypted
b7c9a40c-23e4-4a2d-8d39-a3352f10f288|High|Encryption|Query details
Documentation
|
+|Athena Database Not Encrypted
b2315cae-b110-4426-81e0-80bb8640cdd3|High|Encryption|Query details
Documentation
|
+|Athena Workgroup Not Encrypted
d364984a-a222-4b5f-a8b0-e23ab19ebff3|High|Encryption|Query details
Documentation
|
+|Aurora With Disabled at Rest Encryption
1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e|High|Encryption|Query details
Documentation
|
+|Config Rule For Encrypted Volumes Disabled
abdb29d4-5ca1-4e91-800b-b3569bbd788c|High|Encryption|Query details
Documentation
|
+|DAX Cluster Not Encrypted
f11aec39-858f-4b6f-b946-0a1bf46c0c87|High|Encryption|Query details
Documentation
|
+|DB Instance Storage Not Encrypted
08bd0760-8752-44e1-9779-7bb369b2b4e4|High|Encryption|Query details
Documentation
|
+|DOCDB Cluster Not Encrypted
bc1f9009-84a0-490f-ae09-3e0ea6d74ad6|High|Encryption|Query details
Documentation
|
+|DOCDB Cluster Without KMS
4766d3ea-241c-4ee6-93ff-c380c996bd1a|High|Encryption|Query details
Documentation
|
+|DynamoDB Table Not Encrypted
ce089fd4-1406-47bd-8aad-c259772bb294|High|Encryption|Query details
Documentation
|
+|EBS Default Encryption Disabled
3d3f6270-546b-443c-adb4-bb6fb2187ca6|High|Encryption|Query details
Documentation
|
+|EBS Volume Encryption Disabled
cc997676-481b-4e93-aa81-d19f8c5e9b12|High|Encryption|Query details
Documentation
|
+|EBS Volume Snapshot Not Encrypted
e6b4b943-6883-47a9-9739-7ada9568f8ca|High|Encryption|Query details
Documentation
|
+|ECS Task Definition Volume Not Encrypted
4d46ff3b-7160-41d1-a310-71d6d370b08f|High|Encryption|Query details
Documentation
|
+|EFS Not Encrypted
48207659-729f-4b5c-9402-f884257d794f|High|Encryption|Query details
Documentation
|
+|EKS Cluster Encryption Disabled
63ebcb19-2739-4d3f-aa5c-e8bbb9b85281|High|Encryption|Query details
Documentation
|
+|ElastiCache Replication Group Not Encrypted At Rest
76976de7-c7b1-4f64-a94f-90c1345914c2|High|Encryption|Query details
Documentation
|
+|ElasticSearch Encryption With KMS Disabled
7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2|High|Encryption|Query details
Documentation
|
+|ElasticSearch Not Encrypted At Rest
24e16922-4330-4e9d-be8a-caa90299466a|High|Encryption|Query details
Documentation
|
+|ELB Using Weak Ciphers
4a800e14-c94a-442d-9067-5a2e9f6c0a4c|High|Encryption|Query details
Documentation
|
+|Glue Data Catalog Encryption Disabled
01d50b14-e933-4c99-b314-6d08cd37ad35|High|Encryption|Query details
Documentation
|
+|Glue Security Configuration Encryption Disabled
ad5b4e97-2850-4adf-be17-1d293e0b85ee|High|Encryption|Query details
Documentation
|
+|Kinesis Not Encrypted With KMS
862fe4bf-3eec-4767-a517-40f378886b88|High|Encryption|Query details
Documentation
|
+|Kinesis SSE Not Configured
5c6dd5e7-1fe0-4cae-8f81-4c122717cef3|High|Encryption|Query details
Documentation
|
+|Launch Configuration Is Not Encrypted
4de9de27-254e-424f-bd70-4c1e95790838|High|Encryption|Query details
Documentation
|
+|MSK Cluster Encryption Disabled
6db52fa6-d4da-4608-908a-89f0c59e743e|High|Encryption|Query details
Documentation
|
+|Neptune Database Cluster Encryption Disabled
98d59056-f745-4ef5-8613-32bca8d40b7e|High|Encryption|Query details
Documentation
|
+|RDS Database Cluster not Encrypted
656880aa-1388-488f-a6d4-8f73c23149b2|High|Encryption|Query details
Documentation
|
+|RDS Storage Not Encrypted
3199c26c-7871-4cb3-99c2-10a59244ce7f|High|Encryption|Query details
Documentation
|
+|Redis Not Compliant
254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4|High|Encryption|Query details
Documentation
|
+|Redshift Not Encrypted
cfdcabb0-fc06-427c-865b-c59f13e898ce|High|Encryption|Query details
Documentation
|
+|S3 Bucket Object Not Encrypted
5fb49a69-8d46-4495-a2f8-9c8c622b2b6e|High|Encryption|Query details
Documentation
|
+|Sagemaker Endpoint Configuration Encryption Disabled
58b35504-0287-4154-bf69-02c0573deab8|High|Encryption|Query details
Documentation
|
+|Sagemaker Notebook Instance Without KMS
f3674e0c-f6be-43fa-b71c-bf346d1aed99|High|Encryption|Query details
Documentation
|
+|SNS Topic Not Encrypted
28545147-2fc6-42d5-a1f9-cf226658e591|High|Encryption|Query details
Documentation
|
+|User Data Contains Encoded Private Key
443488f5-c734-460b-a36d-5b3f330174dc|High|Encryption|Query details
Documentation
|
+|Workspaces Workspace Volume Not Encrypted
b9033580-6886-401a-8631-5f19f5bb24c7|High|Encryption|Query details
Documentation
|
+|Batch Job Definition With Privileged Container Properties
66cd88ac-9ddf-424a-b77e-e55e17630bee|High|Insecure Configurations|Query details
Documentation
|
+|DB Security Group Has Public Interface
f0d8781f-99bf-4958-9917-d39283b168a0|High|Insecure Configurations|Query details
Documentation
|
+|KMS Key With Vulnerable Policy
7ebc9038-0bde-479a-acc4-6ed7b6758899|High|Insecure Configurations|Query details
Documentation
|
+|Lambda Function With Privileged Role
1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2|High|Insecure Configurations|Query details
Documentation
|
+|MQ Broker Is Publicly Accessible
4eb5f791-c861-4afd-9f94-f2a6a3fe49cb|High|Insecure Configurations|Query details
Documentation
|
+|Redshift Publicly Accessible
af173fde-95ea-4584-b904-bb3923ac4bda|High|Insecure Configurations|Query details
Documentation
|
+|Root Account Has Active Access Keys
970d224d-b42a-416b-81f9-8f4dfe70c4bc|High|Insecure Configurations|Query details
Documentation
|
+|S3 Static Website Host Enabled
42bb6b7f-6d54-4428-b707-666f669d94fb|High|Insecure Configurations|Query details
Documentation
|
+|DB Security Group Open To Large Scope
4f615f3e-fb9c-4fad-8b70-2e9f781806ce|High|Networking and Firewall|Query details
Documentation
|
+|Default Security Groups With Unrestricted Traffic
46883ce1-dc3e-4b17-9195-c6a601624c73|High|Networking and Firewall|Query details
Documentation
|
+|Network ACL With Unrestricted Access To RDP
a20be318-cac7-457b-911d-04cc6e812c25|High|Networking and Firewall|Query details
Documentation
|
+|Remote Desktop Port Open To Internet
151187cb-0efc-481c-babd-ad24e3c9bc22|High|Networking and Firewall|Query details
Documentation
|
+|Route53 Record Undefined
25db74bf-fa3b-44da-934e-8c3e005c0453|High|Networking and Firewall|Query details
Documentation
|
+|Sensitive Port Is Exposed To Entire Network
381c3f2a-ef6f-4eff-99f7-b169cda3422c|High|Networking and Firewall|Query details
Documentation
|
+|Unknown Port Exposed To Internet
590d878b-abdc-428f-895a-e2b68a0e1998|High|Networking and Firewall|Query details
Documentation
|
+|Unrestricted Security Group Ingress
4728cd65-a20c-49da-8b31-9c08b423e4db|High|Networking and Firewall|Query details
Documentation
|
+|VPC Default Security Group Accepts All Traffic
9a4ef195-74b9-4c58-b8ed-2b2fe4353a75|High|Networking and Firewall|Query details
Documentation
|
+|VPC Peering Route Table with Unrestricted CIDR
b3a41501-f712-4c4f-81e5-db9a7dc0e34e|High|Networking and Firewall|Query details
Documentation
|
+|CloudTrail Log Files S3 Bucket is Publicly Accessible
bd0088a5-c133-4b20-b129-ec9968b16ef3|High|Observability|Query details
Documentation
|
+|Hardcoded AWS Access Key
d7b9d850-3e06-4a75-852f-c46c2e92240b|High|Secret Management|Query details
Documentation
|
+|Hardcoded AWS Access Key In Lambda
1402afd8-a95c-4e84-8b0b-6fb43758e6ce|High|Secret Management|Query details
Documentation
|
+|AMI Shared With Multiple Accounts
ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698|Medium|Access Control|Query details
Documentation
|
+|API Gateway Method Does Not Contains An API Key
671211c5-5d2a-4e97-8867-30fc28b02216|Medium|Access Control|Query details
Documentation
|
+|API Gateway Without Configured Authorizer
0a96ce49-4163-4ee6-8169-eb3b0797d694|Medium|Access Control|Query details
Documentation
|
+|Certificate Has Expired
c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6|Medium|Access Control|Query details
Documentation
|
+|EC2 Instance Using Default Security Group
f1adc521-f79a-4d71-b55b-a68294687432|Medium|Access Control|Query details
Documentation
|
+|EFS With Vulnerable Policy
fae52418-bb8b-4ac2-b287-0b9082d6a3fd|Medium|Access Control|Query details
Documentation
|
+|Elasticsearch Domain With Vulnerable Policy
16c4216a-50d3-4785-bfb2-4adb5144a8ba|Medium|Access Control|Query details
Documentation
|
+|Elasticsearch Without IAM Authentication
e7530c3c-b7cf-4149-8db9-d037a0b5268e|Medium|Access Control|Query details
Documentation
|
+|Glue With Vulnerable Policy
d25edb51-07fb-4a73-97d4-41cecdc53a22|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'
9b0ffadc-a61f-4c2a-b1e6-68fab60f6267|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'
15e6ad8c-f420-49a6-bafb-074f5eb1ec74|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'
7d544dad-8a6c-431c-84c1-5f07fe9afc0e|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'
8f3c16b3-354d-45db-8ad5-5066778a9485|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:AddUserToGroup'
970ed7a2-0aca-4425-acf1-0453c9ecbca1|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:AttachGroupPolicy'
70b42736-efee-4bce-80d5-50358ed94990|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:AttachRolePolicy'
3dd96caa-0b5f-4a85-b929-acfac4646cc2|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:AttachUserPolicy'
db78d14b-10e5-4e6e-84b1-dace6327b1ec|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:CreateAccessKey'
846646e3-2af1-428c-ac5d-271eccfa6faf|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:CreateLoginProfile'
04c686f1-e0cd-4812-88e1-4e038410074c|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:CreatePolicyVersion'
ec49cbfd-fae4-45f3-81b1-860526d66e3f|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:PutGroupPolicy'
e77c89f6-9c85-49ea-b95b-5f960fe5be92|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:PutRolePolicy'
c0c1e744-0f37-445e-924a-1846f0839f69|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:PutUserPolicy'
60263b4a-6801-4587-911d-919c37ed733b|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'
7782d4b3-e23e-432b-9742-d9528432e771|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'
78f1ec6f-5659-41ea-bd48-d0a142dce4f2|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'iam:UpdateLoginProfile'
ad296c0d-8131-4d6b-b030-1b0e73a99ad3|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'
034d0aee-620f-4bf7-b7fb-efdf661fdb9e|Medium|Access Control|Query details
Documentation
|
+|Group With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'
571254d8-aa6a-432e-9725-535d3ef04d69|Medium|Access Control|Query details
Documentation
|
+|IAM Access Key Is Exposed
7081f85c-b94d-40fd-8b45-a4f1cac75e46|Medium|Access Control|Query details
Documentation
|
+|IAM Group Without Users
fc101ca7-c9dd-4198-a1eb-0fbe92e80044|Medium|Access Control|Query details
Documentation
|
+|IAM Policies Attached To User
b4378389-a9aa-44ee-91e7-ef183f11079e|Medium|Access Control|Query details
Documentation
|
+|IAM Policies With Full Privileges
2f37c4a3-58b9-4afe-8a87-d7f1d2286f84|Medium|Access Control|Query details
Documentation
|
+|IAM Policy Grants 'AssumeRole' Permission Across All Services
bcdcbdc6-a350-4855-ae7c-d1e6436f7c97|Medium|Access Control|Query details
Documentation
|
+|IAM Role Allows All Principals To Assume
12b7e704-37f0-4d1e-911a-44bf60c48c21|Medium|Access Control|Query details
Documentation
|
+|IAM Role Policy passRole Allows All
e39bee8c-fe54-4a3f-824d-e5e2d1cca40a|Medium|Access Control|Query details
Documentation
|
+|IAM User With Access To Console
9ec311bf-dfd9-421f-8498-0b063c8bc552|Medium|Access Control|Query details
Documentation
|
+|Lambda Permission Principal Is Wildcard
e08ed7eb-f3ef-494d-9d22-2e3db756a347|Medium|Access Control|Query details
Documentation
|
+|Policy Without Principal
bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54|Medium|Access Control|Query details
Documentation
|
+|Public and Private EC2 Share Role
c53c7a89-f9d7-4c7b-8b66-8a555be99593|Medium|Access Control|Query details
Documentation
|
+|Public Lambda via API Gateway
3ef8696c-e4ae-4872-92c7-520bb44dfe77|Medium|Access Control|Query details
Documentation
|
+|REST API With Vulnerable Policy
b161c11b-a59b-4431-9a29-4e19f63e6b27|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'
be2aa235-bd93-4b68-978a-1cc65d49082f|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'
30b88745-eebe-4ecb-a3a9-5cf886e96204|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'
0a592060-8166-49f5-8e65-99ac6dce9871|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'
eda48c88-2b7d-4e34-b6ca-04c0194aee17|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:AddUserToGroup'
b8a31292-509d-4b61-bc40-13b167db7e9c|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:AttachGroupPolicy'
f906113d-cdc0-415a-ba60-609cc6daaf4d|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:AttachRolePolicy'
f465fff1-0a0f-457d-aa4d-1bddb6f204ff|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:AttachUserPolicy'
7c96920c-6fd0-449d-9a52-0aa431b6beaf|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:CreateAccessKey'
5b4d4aee-ac94-4810-9611-833636e5916d|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:CreateLoginProfile'
9a205ba3-0dd1-42eb-8d54-2ffec836b51a|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:CreatePolicyVersion'
ee49557d-750c-4cc1-aa95-94ab36cbefde|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:PutGroupPolicy'
d6047119-a0b2-4b59-a4f2-127a36fb685b|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:PutRolePolicy'
eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:PutUserPolicy'
8f75840d-9ee7-42f3-b203-b40e3979eb12|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'
118281d0-6471-422e-a7c5-051bc667926e|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'
f1173d8c-3264-4148-9fdb-61181e031b51|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'iam:UpdateLoginProfile'
35ccf766-0e4d-41ed-9ec4-2dab155082b4|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'
fa62ac4f-f5b9-45b9-97c1-625c8b6253ca|Medium|Access Control|Query details
Documentation
|
+|Role With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'
c583f0f9-7dfd-476b-a056-f47c62b47b46|Medium|Access Control|Query details
Documentation
|
+|S3 Bucket Allows Public ACL
d0cc8694-fcad-43ff-ac86-32331d7e867f|Medium|Access Control|Query details
Documentation
|
+|SNS Topic Publicity Has Allow and NotAction Simultaneously
5ea624e4-c8b1-4bb3-87a4-4235a776adcc|Medium|Access Control|Query details
Documentation
|
+|SQS Policy With Public Access
730675f9-52ed-49b6-8ead-0acb5dd7df7f|Medium|Access Control|Query details
Documentation
|
+|SSO Identity User Unsafe Creation
4003118b-046b-4640-b200-b8c7a4c8b89f|Medium|Access Control|Query details
Documentation
|
+|SSO Policy with full privileges
132a8c31-9837-4203-9fd1-15ca210c7b73|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'cloudformation:CreateStack' And 'iam:PassRole'
19ffbe31-9d72-4379-9768-431195eae328|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'ec2:RunInstances' And 'iam:PassRole'
89561b03-cb35-44a9-a7e9-8356e71606f4|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'glue:CreateDevEndpoint' And 'iam:PassRole'
94fbe150-27e3-4eba-9ca6-af32865e4503|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'glue:UpdateDevEndpoint'
9b877bd8-94b4-4c10-a060-8e0436cc09fa|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:AddUserToGroup'
bf9d42c7-c2f9-4dfe-942c-c8cc8249a081|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:AttachGroupPolicy'
6d23d87e-1c5b-4308-b224-92624300f29b|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:AttachRolePolicy'
e227091e-2228-4b40-b046-fc13650d8e88|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:AttachUserPolicy'
70cb518c-d990-46f6-bc05-44a5041493d6|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:CreateAccessKey'
113208f2-a886-4526-9ecc-f3218600e12c|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:CreateLoginProfile'
0fd7d920-4711-46bd-aff2-d307d82cd8b7|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:CreatePolicyVersion'
1743f5f1-0bb0-4934-acef-c80baa5dadfa|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:PutGroupPolicy'
8bfbf7ab-d5e8-4100-8618-798956e101e0|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:PutRolePolicy'
eeb4d37a-3c59-4789-a00c-1509bc3af1e5|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:PutUserPolicy'
0c10d7da-85c4-4d62-b2a8-d6c104f1bd77|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:SetDefaultPolicyVersion'
43a41523-386a-4cb1-becb-42af6b414433|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:UpdateAssumeRolePolicy' And 'sts:AssumeRole'
33627268-1445-4385-988a-318fd9d1a512|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'iam:UpdateLoginProfile'
6deb34e2-5d9c-499a-801b-ea6d9eda894f|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'lambda:CreateFunction' And 'iam:PassRole' And 'lambda:InvokeFunction'
8055dec2-efb8-4fe6-8837-d9bed6ff202a|Medium|Access Control|Query details
Documentation
|
+|User With Privilege Escalation By Actions 'lambda:UpdateFunctionCode'
b69247e5-7e73-464e-ba74-ec9b715c6e12|Medium|Access Control|Query details
Documentation
|
+|Auto Scaling Group With No Associated ELB
8e94dced-9bcc-4203-8eb7-7e41202b2505|Medium|Availability|Query details
Documentation
|
+|CMK Is Unusable
7350fa23-dcf7-4938-916d-6a60b0c73b50|Medium|Availability|Query details
Documentation
|
+|ElastiCache Nodes Not Created Across Multi AZ
6db03a91-f933-4f13-ab38-a8b87a7de54d|Medium|Availability|Query details
Documentation
|
+|ElastiCache Redis Cluster Without Backup
8fdb08a0-a868-4fdf-9c27-ccab0237f1ab|Medium|Backup|Query details
Documentation
|
+|RDS Cluster With Backup Disabled
e542bd46-58c4-4e0f-a52a-1fb4f9548e02|Medium|Backup|Query details
Documentation
|
+|RDS With Backup Disabled
1dc73fb4-5b51-430c-8c5f-25dcf9090b02|Medium|Backup|Query details
Documentation
|
+|S3 Bucket Without Versioning
568a4d22-3517-44a6-a7ad-6a7eed88722c|Medium|Backup|Query details
Documentation
|
+|Stack Retention Disabled
6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97|Medium|Backup|Query details
Documentation
|
+|ALB Not Dropping Invalid Headers
6e3fd2ed-5c83-4c68-9679-7700d224d379|Medium|Best Practices|Query details
Documentation
|
+|AMI Not Encrypted
8bbb242f-6e38-4127-86d4-d8f0b2687ae2|Medium|Encryption|Query details
Documentation
|
+|CA Certificate Identifier Is Outdated
9f40c07e-699e-4410-8856-3ba0f2e3a2dd|Medium|Encryption|Query details
Documentation
|
+|Cloudfront Viewer Protocol Policy Allows HTTP
55af1353-2f62-4fa0-a8e1-a210ca2708f5|Medium|Encryption|Query details
Documentation
|
+|CloudWatch Log Group Without KMS
0afbcfe9-d341-4b92-a64c-7e6de0543879|Medium|Encryption|Query details
Documentation
|
+|ElastiCache Replication Group Not Encrypted At Transit
1afbb3fa-cf6c-4a3d-b730-95e9f4df343e|Medium|Encryption|Query details
Documentation
|
+|Elasticsearch Domain Not Encrypted Node To Node
967eb3e6-26fc-497d-8895-6428beb6e8e2|Medium|Encryption|Query details
Documentation
|
+|ELB Using Insecure Protocols
126c1788-23c2-4a10-906c-ef179f4f96ec|Medium|Encryption|Query details
Documentation
|
+|IAM Database Auth Not Enabled
88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6|Medium|Encryption|Query details
Documentation
|
+|S3 Bucket Policy Accepts HTTP Requests
4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9|Medium|Encryption|Query details
Documentation
|
+|Secretsmanager Secret Encrypted With AWS Managed Key
b0d3ef3f-845d-4b1b-83d6-63a5a380375f|Medium|Encryption|Query details
Documentation
|
+|Secretsmanager Secret Without KMS
a2f548f2-188c-4fff-b172-e9a6acb216bd|Medium|Encryption|Query details
Documentation
|
+|Secure Ciphers Disabled
5c0003fb-9aa0-42c1-9da3-eb0e332bef21|Medium|Encryption|Query details
Documentation
|
+|SNS Topic Encrypted With AWS Managed Key
b1a72f66-2236-4f3b-87ba-0da1b366956f|Medium|Encryption|Query details
Documentation
|
+|SQS With SSE Disabled
6e8849c1-3aa7-40e3-9063-b85ee300f29f|Medium|Encryption|Query details
Documentation
|
+|SSM Session Transit Encryption Disabled
ce60cc6b-6831-4bd7-84a2-cc7f8ee71433|Medium|Encryption|Query details
Documentation
|
+|ALB Deletion Protection Disabled
afecd1f1-6378-4f7e-bb3b-60c35801fdd4|Medium|Insecure Configurations|Query details
Documentation
|
+|API Gateway With Open Access
15ccec05-5476-4890-ad19-53991eba1db8|Medium|Insecure Configurations|Query details
Documentation
|
+|API Gateway Without Security Policy
4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b|Medium|Insecure Configurations|Query details
Documentation
|
+|API Gateway Without SSL Certificate
0b4869fc-a842-4597-aa00-1294df425440|Medium|Insecure Configurations|Query details
Documentation
|
+|Certificate RSA Key Bytes Lower Than 256
874d68a3-bfbe-4a4b-aaa0-9e74d7da634b|Medium|Insecure Configurations|Query details
Documentation
|
+|CloudFront Without Minimum Protocol TLS 1.2
00e5e55e-c2ff-46b3-a757-a7a1cd802456|Medium|Insecure Configurations|Query details
Documentation
|
+|ECR Image Tag Not Immutable
d1846b12-20c5-4d45-8798-fc35b79268eb|Medium|Insecure Configurations|Query details
Documentation
|
+|ECS Task Definition Network Mode Not Recommended
9f4a9409-9c60-4671-be96-9716dbf63db1|Medium|Insecure Configurations|Query details
Documentation
|
+|EKS Cluster Has Public Access
42f4b905-3736-4213-bfe9-c0660518cda8|Medium|Insecure Configurations|Query details
Documentation
|
+|IAM User Has Too Many Access Keys
3561130e-9c5f-485b-9e16-2764c82763e5|Medium|Insecure Configurations|Query details
Documentation
|
+|No Password Policy Enabled
b592ffd4-0577-44b6-bd35-8c5ee81b5918|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket with Unsecured CORS Rule
98a8f708-121b-455b-ae2f-da3fb59d17e1|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket Without Ignore Public ACL
4fa66806-0dd9-4f8d-9480-3174d39c7c91|Medium|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket Without Restriction Of Public Bucket
1ec253ab-c220-4d63-b2de-5b40e0af9293|Medium|Insecure Configurations|Query details
Documentation
|
+|Service Control Policies Disabled
5ba6229c-8057-433e-91d0-21cf13569ca9|Medium|Insecure Configurations|Query details
Documentation
|
+|Default VPC Exists
96ed3526-0179-4c73-b1b2-372fde2e0d13|Medium|Insecure Defaults|Query details
Documentation
|
+|Vulnerable Default SSL Certificate
3a1e94df-6847-4c0e-a3b6-6c6af4e128ef|Medium|Insecure Defaults|Query details
Documentation
|
+|ALB Is Not Integrated With WAF
0afa6ab8-a047-48cf-be07-93a2f8c34cf7|Medium|Networking and Firewall|Query details
Documentation
|
+|ALB Listening on HTTP
de7f5e83-da88-4046-871f-ea18504b1d43|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway Endpoint Config is Not Private
6b2739db-9c49-4db7-b980-7816e0c248c1|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway without WAF
a186e82c-1078-4a7b-85d8-579561fde884|Medium|Networking and Firewall|Query details
Documentation
|
+|CloudFront Without WAF
1419b4c6-6d5c-4534-9cf6-6a5266085333|Medium|Networking and Firewall|Query details
Documentation
|
+|EC2 Instance Has Public IP
5a2486aa-facf-477d-a5c1-b010789459ce|Medium|Networking and Firewall|Query details
Documentation
|
+|EKS Cluster Has Public Access CIDRs
61cf9883-1752-4768-b18c-0d57f2737709|Medium|Networking and Firewall|Query details
Documentation
|
+|EKS node group remote access disabled
ba40ace1-a047-483c-8a8d-bc2d3a67a82d|Medium|Networking and Firewall|Query details
Documentation
|
+|Elasticsearch with HTTPS disabled
2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e|Medium|Networking and Firewall|Query details
Documentation
|
+|HTTP Port Open To Internet
ffac8a12-322e-42c1-b9b9-81ff85c39ef7|Medium|Networking and Firewall|Query details
Documentation
|
+|Network ACL With Unrestricted Access To SSH
3af7f2fd-06e6-4dab-b996-2912bea19ba4|Medium|Networking and Firewall|Query details
Documentation
|
+|Security Group With Unrestricted Access To SSH
65905cec-d691-4320-b320-2000436cb696|Medium|Networking and Firewall|Query details
Documentation
|
+|Sensitive Port Is Exposed To Small Public Network
e35c16a2-d54e-419d-8546-a804d8e024d0|Medium|Networking and Firewall|Query details
Documentation
|
+|SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible
54c417bf-c762-48b9-9d31-b3d87047e3f0|Medium|Networking and Firewall|Query details
Documentation
|
+|VPC Subnet Assigns Public IP
52f04a44-6bfa-4c41-b1d3-4ae99a2de05c|Medium|Networking and Firewall|Query details
Documentation
|
+|VPC Without Network Firewall
fd632aaf-b8a1-424d-a4d1-0de22fd3247a|Medium|Networking and Firewall|Query details
Documentation
|
+|API Gateway Access Logging Disabled
1b6799eb-4a7a-4b04-9001-8cceb9999326|Medium|Observability|Query details
Documentation
|
+|API Gateway Deployment Without Access Log Setting
625abc0e-f980-4ac9-a775-f7519ee34296|Medium|Observability|Query details
Documentation
|
+|API Gateway With CloudWatch Logging Disabled
982aa526-6970-4c59-8b9b-2ce7e019fe36|Medium|Observability|Query details
Documentation
|
+|CloudFront Logging Disabled
94690d79-b3b0-43de-b656-84ebef5753e5|Medium|Observability|Query details
Documentation
|
+|CloudTrail Log Files S3 Bucket with Logging Disabled
ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4|Medium|Observability|Query details
Documentation
|
+|CloudTrail Logging Disabled
4bb76f17-3d63-4529-bdca-2b454529d774|Medium|Observability|Query details
Documentation
|
+|CloudWatch AWS Config Configuration Changes Alarm Missing
5b8d7527-de8e-4114-b9dd-9d988f1f418f|Medium|Observability|Query details
Documentation
|
+|CloudWatch Changes To NACL Alarm Missing
0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0|Medium|Observability|Query details
Documentation
|
+|Cloudwatch Cloudtrail Configuration Changes Alarm Missing
0f6cbf69-41bb-47dc-93f3-3844640bf480|Medium|Observability|Query details
Documentation
|
+|CloudWatch Disabling Or Scheduled Deletion Of Customer Created CMK Alarm Missing
56a585f5-555c-48b2-8395-e64e4740a9cf|Medium|Observability|Query details
Documentation
|
+|CloudWatch Logging Disabled
7dbba512-e244-42dc-98bb-422339827967|Medium|Observability|Query details
Documentation
|
+|CloudWatch Management Console Auth Failed Alarm Missing
5864d189-ee9a-4009-ac0c-8a582e6b7919|Medium|Observability|Query details
Documentation
|
+|CloudWatch Metrics Disabled
081069cb-588b-4ce1-884c-2a1ce3029fe5|Medium|Observability|Query details
Documentation
|
+|CloudWatch Root Account Use Missing
8b1b1e67-6248-4dca-bbad-93486bb181c0|Medium|Observability|Query details
Documentation
|
+|CloudWatch S3 policy Change Alarm Missing
27c6a499-895a-4dc7-9617-5c485218db13|Medium|Observability|Query details
Documentation
|
+|Cloudwatch Security Group Changes Alarm Missing
4beaf898-9f8b-4237-89e2-5ffdc7ee6006|Medium|Observability|Query details
Documentation
|
+|CloudWatch VPC Changes Alarm Missing
9d0d4512-1959-43a2-a17f-72360ff06d1b|Medium|Observability|Query details
Documentation
|
+|DocDB Logging Is Disabled
56f6a008-1b14-4af4-b9b2-ab7cf7e27641|Medium|Observability|Query details
Documentation
|
+|EC2 Instance Monitoring Disabled
23b70e32-032e-4fa6-ba5c-82f56b9980e6|Medium|Observability|Query details
Documentation
|
+|EKS cluster logging is not enabled
37304d3f-f852-40b8-ae3f-725e87a7cedf|Medium|Observability|Query details
Documentation
|
+|Elasticsearch Log Disabled
acb6b4e2-a086-4f35-aefd-4db6ea51ada2|Medium|Observability|Query details
Documentation
|
+|ELB Access Log Disabled
20018359-6fd7-4d05-ab26-d4dffccbdf79|Medium|Observability|Query details
Documentation
|
+|Global Accelerator Flow Logs Disabled
96e8183b-e985-457b-90cd-61c0503a3369|Medium|Observability|Query details
Documentation
|
+|GuardDuty Detector Disabled
704dadd3-54fc-48ac-b6a0-02f170011473|Medium|Observability|Query details
Documentation
|
+|Missing Cluster Log Types
66f130d9-b81d-4e8e-9b08-da74b9c891df|Medium|Observability|Query details
Documentation
|
+|MQ Broker Logging Disabled
31245f98-a6a9-4182-9fc1-45482b9d030a|Medium|Observability|Query details
Documentation
|
+|MSK Cluster Logging Disabled
2f56b7ab-7fba-4e93-82f0-247e5ddeb239|Medium|Observability|Query details
Documentation
|
+|Neptune Logging Is Disabled
45cff7b6-3b80-40c1-ba7b-2cf480678bb8|Medium|Observability|Query details
Documentation
|
+|RDS Without Logging
8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56|Medium|Observability|Query details
Documentation
|
+|Redshift Cluster Logging Disabled
15ffbacc-fa42-4f6f-a57d-2feac7365caa|Medium|Observability|Query details
Documentation
|
+|S3 Bucket Logging Disabled
f861041c-8c9f-4156-acfc-5e6e524f5884|Medium|Observability|Query details
Documentation
|
+|S3 Bucket Object Level CloudTrail Logging Disabled
a8fc2180-b3ac-4c93-bd0d-a55b974e4b07|Medium|Observability|Query details
Documentation
|
+|Stack Notifications Disabled
b72d0026-f649-4c91-a9ea-15d8f681ac09|Medium|Observability|Query details
Documentation
|
+|VPC FlowLogs Disabled
f83121ea-03da-434f-9277-9cd247ab3047|Medium|Observability|Query details
Documentation
|
+|No Stack Policy
2f01fb2d-828a-499d-b98e-b83747305052|Medium|Resource Management|Query details
Documentation
|
+|Authentication Without MFA
3ddfa124-6407-4845-a501-179f90c65097|Low|Access Control|Query details
Documentation
|
+|CloudWatch Logs Destination With Vulnerable Policy
db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8|Low|Access Control|Query details
Documentation
|
+|EC2 Instance Using API Keys
0b93729a-d882-4803-bdc3-ac429a21f158|Low|Access Control|Query details
Documentation
|
+|SSO Permission With Inadequate User Session Duration
ce9dfce0-5fc8-433b-944a-3b16153111a8|Low|Access Control|Query details
Documentation
|
+|Autoscaling Groups Supply Tags
ba48df05-eaa1-4d64-905e-4a4b051e7587|Low|Availability|Query details
Documentation
|
+|ECS Service Without Running Tasks
91f16d09-689e-4926-aca7-155157f634ed|Low|Availability|Query details
Documentation
|
+|Automatic Minor Upgrades Disabled
3b6d777b-76e3-4133-80a3-0d6f667ade7f|Low|Best Practices|Query details
Documentation
|
+|CDN Configuration Is Missing
1bc367f6-901d-4870-ad0c-71d79762ef52|Low|Best Practices|Query details
Documentation
|
+|Cognito UserPool Without MFA
ec28bf61-a474-4dbe-b414-6dd3a067d6f0|Low|Best Practices|Query details
Documentation
|
+|ECR Repository Without Policy
69e7c320-b65d-41bb-be02-d63ecc0bcc9d|Low|Best Practices|Query details
Documentation
|
+|IAM Access Analyzer Not Enabled
e592a0c5-5bdb-414c-9066-5dba7cdea370|Low|Best Practices|Query details
Documentation
|
+|IAM Password Without Minimum Length
1bc1c685-e593-450e-88fb-19db4c82aa1d|Low|Best Practices|Query details
Documentation
|
+|Lambda IAM InvokeFunction Misconfigured
0ca1017d-3b80-423e-bb9c-6cd5898d34bd|Low|Best Practices|Query details
Documentation
|
+|Lambda Permission Misconfigured
75ec6890-83af-4bf1-9f16-e83726df0bd0|Low|Best Practices|Query details
Documentation
|
+|Misconfigured Password Policy Expiration
ce60d060-efb8-4bfd-9cf7-ff8945d00d90|Low|Best Practices|Query details
Documentation
|
+|Password Without Reuse Prevention
89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a|Low|Best Practices|Query details
Documentation
|
+|Stack Without Template
91bea7b8-0c31-4863-adc9-93f6177266c4|Low|Build Process|Query details
Documentation
|
+|API Gateway With Invalid Compression
ed35928e-195c-4405-a252-98ccb664ab7b|Low|Encryption|Query details
Documentation
|
+|CloudTrail Log Files Not Encrypted With KMS
5d9e3164-9265-470c-9a10-57ae454ac0c7|Low|Encryption|Query details
Documentation
|
+|CodeBuild Project Encrypted With AWS Managed Key
3deec14b-03d2-4d27-9670-7d79322e3340|Low|Encryption|Query details
Documentation
|
+|DOCDB Cluster Encrypted With AWS Managed Key
2134641d-30a4-4b16-8ffc-2cd4c4ffd15d|Low|Encryption|Query details
Documentation
|
+|ECR Repository Not Encrypted With CMK
0e32d561-4b5a-4664-a6e3-a3fa85649157|Low|Encryption|Query details
Documentation
|
+|EFS Without KMS
25d251f3-f348-4f95-845c-1090e41a615c|Low|Encryption|Query details
Documentation
|
+|AWS Password Policy With Unchangeable Passwords
9ef7d25d-9764-4224-9968-fa321c56ef76|Low|Insecure Configurations|Query details
Documentation
|
+|IAM User Policy Without MFA
b5681959-6c09-4f55-b42b-c40fa12d03ec|Low|Insecure Configurations|Query details
Documentation
|
+|Instance With No VPC
a31a5a29-718a-4ff4-8001-a69e5e4d029e|Low|Insecure Configurations|Query details
Documentation
|
+|Redis Disabled
4bd15dd9-8d5e-4008-8532-27eb0c3706d3|Low|Insecure Configurations|Query details
Documentation
|
+|Redshift Cluster Without VPC
0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3|Low|Insecure Configurations|Query details
Documentation
|
+|S3 Bucket Without Enabled MFA Delete
c5b31ab9-0f26-4a49-b8aa-4cc064392f4d|Low|Insecure Configurations|Query details
Documentation
|
+|Dynamodb VPC Endpoint Without Route Table Association
0bc534c5-13d1-4353-a7fe-b8665d5c1d7d|Low|Networking and Firewall|Query details
Documentation
|
+|EC2 Instance Using Default VPC
7e4a6e76-568d-43ef-8c4e-36dea481bff1|Low|Networking and Firewall|Query details
Documentation
|
+|ElastiCache Using Default Port
5d89db57-8b51-4b38-bb76-b9bd42bd40f0|Low|Networking and Firewall|Query details
Documentation
|
+|ElastiCache Without VPC
8c849af7-a399-46f7-a34c-32d3dc96f1fc|Low|Networking and Firewall|Query details
Documentation
|
+|EMR Without VPC
2b3c8a6d-9856-43e6-ab1d-d651094f03b4|Low|Networking and Firewall|Query details
Documentation
|
+|RDS Using Default Port
bca7cc4d-b3a4-4345-9461-eb69c68fcd26|Low|Networking and Firewall|Query details
Documentation
|
+|Redshift Using Default Port
41abc6cc-dde1-4217-83d3-fb5f0cc09d8f|Low|Networking and Firewall|Query details
Documentation
|
+|Sensitive Port Is Exposed To Wide Private Network
92fe237e-074c-4262-81a4-2077acb928c1|Low|Networking and Firewall|Query details
Documentation
|
+|Shield Advanced Not In Use
084c6686-2a70-4710-91b1-000393e54c12|Low|Networking and Firewall|Query details
Documentation
|
+|SQS VPC Endpoint Without DNS Resolution
e9b7acf9-9ba0-4837-a744-31e7df1e434d|Low|Networking and Firewall|Query details
Documentation
|
+|API Gateway Deployment Without API Gateway UsagePlan Associated
b3a59b8e-94a3-403e-b6e2-527abaf12034|Low|Observability|Query details
Documentation
|
+|API Gateway X-Ray Disabled
5813ef56-fa94-406a-b35d-977d4a56ff2b|Low|Observability|Query details
Documentation
|
+|CloudTrail Log File Validation Disabled
52ffcfa6-6c70-4ea6-8376-d828d3961669|Low|Observability|Query details
Documentation
|
+|CloudTrail Multi Region Disabled
8173d5eb-96b5-4aa6-a71b-ecfa153c123d|Low|Observability|Query details
Documentation
|
+|CloudTrail Not Integrated With CloudWatch
17b30f8f-8dfb-4597-adf6-57600b6cf25e|Low|Observability|Query details
Documentation
|
+|CloudTrail SNS Topic Name Undefined
482b7d26-0bdb-4b5f-bf6f-545826c0a3dd|Low|Observability|Query details
Documentation
|
+|CloudWatch Console Sign-in Without MFA Alarm Missing
44ceb4fa-0897-4fd2-b676-30e7a58f2933|Low|Observability|Query details
Documentation
|
+|CloudWatch IAM Policy Changes Alarm Missing
eaaba502-2f94-411a-a3c2-83d63cc1776d|Low|Observability|Query details
Documentation
|
+|CloudWatch Network Gateways Changes Alarm Missing
6b6874fe-4c2f-4eea-8b90-7cceaa4a125e|Low|Observability|Query details
Documentation
|
+|CloudWatch Route Table Changes Alarm Missing
2285e608-ddbc-47f3-ba54-ce7121e31216|Low|Observability|Query details
Documentation
|
+|CMK Rotation Disabled
22fbfeac-7b5a-421a-8a27-7a2178bb910b|Low|Observability|Query details
Documentation
|
+|Configuration Aggregator to All Regions Disabled
ac5a0bc0-a54c-45aa-90c3-15f7703b9132|Low|Observability|Query details
Documentation
|
+|ECS Cluster with Container Insights Disabled
97cb0688-369a-4d26-b1f7-86c4c91231bc|Low|Observability|Query details
Documentation
|
+|ElasticSearch Without Slow Logs
e979fcbc-df6c-422d-9458-c33d65e71c45|Low|Observability|Query details
Documentation
|
+|KMS Key With No Deletion Window
0b530315-0ea4-497f-b34c-4ff86268f59d|Low|Observability|Query details
Documentation
|
+|Lambda Functions Without X-Ray Tracing
8152e0cf-d2f0-47ad-96d5-d003a76eabd1|Low|Observability|Query details
Documentation
|
+|Unscanned ECR Image
9630336b-3fed-4096-8173-b9afdfe346a7|Low|Observability|Query details
Documentation
|
+|API Gateway Stage Without API Gateway UsagePlan Associated
c999cf62-0920-40f8-8dda-0caccd66ed7e|Low|Resource Management|Query details
Documentation
|
+|Security Group Not Used
4849211b-ac39-479e-ae78-5694d506cb24|Info|Access Control|Query details
Documentation
|
+|DynamoDB Table Point In Time Recovery Disabled
741f1291-47ac-4a85-a07b-3d32a9d6bd3e|Info|Best Practices|Query details
Documentation
|
+|EC2 Not EBS Optimized
60224630-175a-472a-9e23-133827040766|Info|Best Practices|Query details
Documentation
|
+|Resource Not Using Tags
e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10|Info|Best Practices|Query details
Documentation
|
+|Security Group Rule Without Description
68eb4bf3-f9bf-463d-b5cf-e029bb446d2e|Info|Best Practices|Query details
Documentation
|
+|Security Group Rule Without Description
cb3f5ed6-0d18-40de-a93d-b3538db31e8c|Info|Best Practices|Query details
Documentation
|
+|CloudWatch AWS Organizations Changes Missing Alarm
38b85c45-e772-4de8-a247-69619ca137b3|Info|Observability|Query details
Documentation
|
+|CloudWatch Without Retention Period Specified
ef0b316a-211e-42f1-888e-64efe172b755|Info|Observability|Query details
Documentation
|
### AWS_BOM
Below are listed queries related to Terraform AWS_BOM:
@@ -410,17 +410,17 @@ Below are listed queries related to Terraform AWS_BOM:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|BOM - AWS DynamoDB
23edf35f-7c22-4ff9-87e6-0ca74261cfbf|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS EBS
86571149-eef3-4280-a645-01e60df854b0|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS EFS
f53f16d6-46a9-4277-9fbe-617b1e24cdca|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS Elasticache
54229498-850b-4f78-b3a7-218d24ef2c37|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS Kinesis
0e59d33e-bba2-4037-8f88-9765647ca7ad|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS MQ
fcb1b388-f558-4b7f-9b6e-f4e98abb7380|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS MSK
051f2063-2517-4295-ad8e-ba88c1bf5cfc|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS RDS
12933609-c5bf-44b4-9a41-a6467c3b685b|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS S3 Buckets
2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS SNS
eccc4d59-74b9-4974-86f1-74386e0c7f33|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - AWS SQS
baecd2da-492a-4d59-b9dc-29540a1398e0|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS DynamoDB
23edf35f-7c22-4ff9-87e6-0ca74261cfbf|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS EBS
86571149-eef3-4280-a645-01e60df854b0|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS EFS
f53f16d6-46a9-4277-9fbe-617b1e24cdca|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS Elasticache
54229498-850b-4f78-b3a7-218d24ef2c37|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS Kinesis
0e59d33e-bba2-4037-8f88-9765647ca7ad|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS MQ
fcb1b388-f558-4b7f-9b6e-f4e98abb7380|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS MSK
051f2063-2517-4295-ad8e-ba88c1bf5cfc|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS RDS
12933609-c5bf-44b4-9a41-a6467c3b685b|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS S3 Buckets
2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS SNS
eccc4d59-74b9-4974-86f1-74386e0c7f33|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - AWS SQS
baecd2da-492a-4d59-b9dc-29540a1398e0|Trace|Bill Of Materials|Query details
Documentation
|
### AZURE
Below are listed queries related to Terraform AZURE:
@@ -429,99 +429,99 @@ Below are listed queries related to Terraform AZURE:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|CosmosDB Account IP Range Filter Not Set
c2a3efb6-8a58-481c-82f2-bfddf34bb4b7|Critical|Networking and Firewall|Query details
Documentation
|
-|Redis Entirely Accessible
fd8da341-6760-4450-b26c-9f6d8850575e|Critical|Networking and Firewall|Query details
Documentation
|
-|Redis Publicly Accessible
5089d055-53ff-421b-9482-a5267bdce629|Critical|Networking and Firewall|Query details
Documentation
|
-|SQLServer Ingress From Any IP
25c0ea09-f1c5-4380-b055-3b83863f2bb8|Critical|Networking and Firewall|Query details
Documentation
|
-|Unrestricted SQL Server Access
d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28|Critical|Networking and Firewall|Query details
Documentation
|
-|Public Storage Account
17f75827-0684-48f4-8747-61129c7e4198|High|Access Control|Query details
Documentation
|
-|Storage Container Is Publicly Accessible
dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299|High|Access Control|Query details
Documentation
|
-|Azure Container Registry With No Locks
a187ac47-8163-42ce-8a63-c115236be6fb|High|Insecure Configurations|Query details
Documentation
|
-|Security Group is Not Configured
5c822443-e1ea-46b8-84eb-758ec602e844|High|Insecure Configurations|Query details
Documentation
|
-|MariaDB Server Public Network Access Enabled
7f0a8696-7159-4337-ad0d-8a3ab4a78195|High|Networking and Firewall|Query details
Documentation
|
-|MSSQL Server Public Network Access Enabled
ade36cf4-329f-4830-a83d-9db72c800507|High|Networking and Firewall|Query details
Documentation
|
-|MySQL Server Public Access Enabled
f118890b-2468-42b1-9ce9-af35146b425b|High|Networking and Firewall|Query details
Documentation
|
-|RDP Is Exposed To The Internet
efbf6449-5ec5-4cfe-8f15-acc51e0d787c|High|Networking and Firewall|Query details
Documentation
|
-|Sensitive Port Is Exposed To Entire Network
594c198b-4d79-41b8-9b36-fde13348b619|High|Networking and Firewall|Query details
Documentation
|
-|Admin User Enabled For Container Registry
b897dfbf-322c-45a8-b67c-1e698beeaa51|Medium|Access Control|Query details
Documentation
|
-|AKS RBAC Disabled
86f92117-eed8-4614-9c6c-b26da20ff37f|Medium|Access Control|Query details
Documentation
|
-|App Service Authentication Disabled
c7fc1481-2899-4490-bbd8-544a3a61a2f3|Medium|Access Control|Query details
Documentation
|
-|Function App Authentication Disabled
e65a0733-94a0-4826-82f4-df529f4c593f|Medium|Access Control|Query details
Documentation
|
-|Role Assignment Not Limit Guest User Permissions
8e75e431-449f-49e9-b56a-c8f1378025cf|Medium|Access Control|Query details
Documentation
|
-|Role Definition Allows Custom Role Creation
3fa5900f-9aac-4982-96b2-a6143d9c99fb|Medium|Access Control|Query details
Documentation
|
-|Storage Share File Allows All ACL Permissions
48bbe0fd-57e4-4678-a4a1-119e79c90fc3|Medium|Access Control|Query details
Documentation
|
-|Storage Table Allows All ACL Permissions
3ac3e75c-6374-4a32-8ba0-6ed69bda404e|Medium|Access Control|Query details
Documentation
|
-|Azure Instance Using Basic Authentication
dafe30ec-325d-4516-85d1-e8e6776f012c|Medium|Best Practices|Query details
Documentation
|
-|Key Vault Secrets Content Type Undefined
f8e08a38-fc6e-4915-abbe-a7aadf1d59ef|Medium|Best Practices|Query details
Documentation
|
-|Security Contact Email
34664094-59e0-4524-b69f-deaa1a68cce3|Medium|Best Practices|Query details
Documentation
|
-|App Service Not Using Latest TLS Encryption Version
b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643|Medium|Encryption|Query details
Documentation
|
-|Encryption On Managed Disk Disabled
a99130ab-4c0e-43aa-97f8-78d4fcb30024|Medium|Encryption|Query details
Documentation
|
-|Function App Not Using Latest TLS Encryption Version
45fc717a-bd86-415c-bdd8-677901be1aa6|Medium|Encryption|Query details
Documentation
|
-|MySQL SSL Connection Disabled
73e42469-3a86-4f39-ad78-098f325b4e9f|Medium|Encryption|Query details
Documentation
|
-|SSL Enforce Disabled
0437633b-daa6-4bbc-8526-c0d2443b946e|Medium|Encryption|Query details
Documentation
|
-|Storage Account Not Forcing HTTPS
12944ec4-1fa0-47be-8b17-42a034f937c2|Medium|Encryption|Query details
Documentation
|
-|Storage Account Not Using Latest TLS Encryption Version
8263f146-5e03-43e0-9cfe-db960d56d1e7|Medium|Encryption|Query details
Documentation
|
-|AD Admin Not Configured For SQL Server
a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b|Medium|Insecure Configurations|Query details
Documentation
|
-|AKS Private Cluster Disabled
599318f2-6653-4569-9e21-041d06c63a89|Medium|Insecure Configurations|Query details
Documentation
|
-|App Service FTPS Enforce Disabled
85da374f-b00f-4832-9d44-84a1ca1e89f8|Medium|Insecure Configurations|Query details
Documentation
|
-|App Service HTTP2 Disabled
525b53be-62ed-4244-b4df-41aecfcb4071|Medium|Insecure Configurations|Query details
Documentation
|
-|Azure App Service Client Certificate Disabled
a81573f9-3691-4d83-88a0-7d4af63e17a3|Medium|Insecure Configurations|Query details
Documentation
|
-|Function App Client Certificates Unrequired
9bb3c639-5edf-458c-8ee5-30c17c7d671d|Medium|Insecure Configurations|Query details
Documentation
|
-|Function App FTPS Enforce Disabled
9dab0179-433d-4dff-af8f-0091025691df|Medium|Insecure Configurations|Query details
Documentation
|
-|Function App HTTP2 Disabled
ace823d1-4432-4dee-945b-cdf11a5a6bd0|Medium|Insecure Configurations|Query details
Documentation
|
-|Function App Managed Identity Disabled
c87749b3-ff10-41f5-9df2-c421e8151759|Medium|Insecure Configurations|Query details
Documentation
|
-|Network Watcher Flow Disabled
b90842e5-6779-44d4-9760-972f4c03ba1c|Medium|Insecure Configurations|Query details
Documentation
|
-|Redis Cache Allows Non SSL Connections
e29a75e6-aba3-4896-b42d-b87818c16b58|Medium|Insecure Configurations|Query details
Documentation
|
-|Redis Not Updated Regularly
b947809d-dd2f-4de9-b724-04d101c515aa|Medium|Insecure Configurations|Query details
Documentation
|
-|Security Center Pricing Tier Is Not Standard
819d50fd-1cdf-45c3-9936-be408aaad93e|Medium|Insecure Configurations|Query details
Documentation
|
-|Small Flow Logs Retention Period
7750fcca-dd03-4d38-b663-4b70289bcfd4|Medium|Insecure Configurations|Query details
Documentation
|
-|VM Not Attached To Network
bbf6b3df-4b65-4f87-82cc-da9f30f8c033|Medium|Insecure Configurations|Query details
Documentation
|
-|Web App Accepting Traffic Other Than HTTPS
11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe|Medium|Insecure Configurations|Query details
Documentation
|
-|Default Azure Storage Account Network Access Is Too Permissive
a5613650-32ec-4975-a305-31af783153ea|Medium|Insecure Defaults|Query details
Documentation
|
-|Azure Cognitive Search Public Network Access Enabled
4a9e0f00-0765-4f72-a0d4-d31110b78279|Medium|Networking and Firewall|Query details
Documentation
|
-|Firewall Rule Allows Too Many Hosts To Access Redis Cache
a829b715-cf75-4e92-b645-54c9b739edfb|Medium|Networking and Firewall|Query details
Documentation
|
-|Network Interfaces IP Forwarding Enabled
4216ebac-d74c-4423-b437-35025cb88af5|Medium|Networking and Firewall|Query details
Documentation
|
-|Network Interfaces With Public IP
c1573577-e494-4417-8854-7e119368dc8b|Medium|Networking and Firewall|Query details
Documentation
|
-|Sensitive Port Is Exposed To Small Public Network
e9dee01f-2505-4df2-b9bf-7804d1fd9082|Medium|Networking and Firewall|Query details
Documentation
|
-|SSH Is Exposed To The Internet
3e3c175e-aadf-4e2b-a464-3fdac5748d24|Medium|Networking and Firewall|Query details
Documentation
|
-|Trusted Microsoft Services Not Enabled
5400f379-a347-4bdd-a032-446465fdcc6f|Medium|Networking and Firewall|Query details
Documentation
|
-|WAF Is Disabled For Azure Application Gateway
2e48d91c-50e4-45c8-9312-27b625868a72|Medium|Networking and Firewall|Query details
Documentation
|
-|Email Alerts Disabled
9db38e87-f6aa-4b5e-a1ec-7266df259409|Medium|Observability|Query details
Documentation
|
-|Log Retention Is Not Set
ffb02aca-0d12-475e-b77c-a726f7aeff4b|Medium|Observability|Query details
Documentation
|
-|MSSQL Server Auditing Disabled
609839ae-bd81-4375-9910-5bce72ae7b92|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Checkpoints Disabled
3790d386-be81-4dcf-9850-eaa7df6c10d9|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Connections Not Set
c640d783-10c5-4071-b6c1-23507300d333|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Disconnections Not Set
07f7134f-9f37-476e-8664-670c218e4702|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Log Duration Not Set
16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Server Without Connection Throttling
2b3c671f-1b76-4741-8789-ed1fe0785dc4|Medium|Observability|Query details
Documentation
|
-|SQL Server Auditing Disabled
f7e296b0-6660-4bc5-8f87-22ac4a815edf|Medium|Observability|Query details
Documentation
|
-|Vault Auditing Disabled
38c71c00-c177-4cd7-8d36-cd1007cdb190|Medium|Observability|Query details
Documentation
|
-|PostgreSQL Server Threat Detection Policy Disabled
c407c3cf-c409-4b29-b590-db5f4138d332|Medium|Resource Management|Query details
Documentation
|
-|SQL Database Audit Disabled
83a229ba-483e-47c6-8db7-dc96969bce5a|Medium|Resource Management|Query details
Documentation
|
-|Key Expiration Not Set
4d080822-5ee2-49a4-8984-68f3d4c890fc|Medium|Secret Management|Query details
Documentation
|
-|Secret Expiration Not Set
dfa20ffa-f476-428f-a490-424b41e91c7f|Medium|Secret Management|Query details
Documentation
|
-|Azure Active Directory Authentication
a21c8da9-41bf-40cf-941d-330cf0d11fc7|Low|Access Control|Query details
Documentation
|
-|Virtual Network with DDoS Protection Plan disabled
b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a|Low|Availability|Query details
Documentation
|
-|Geo Redundancy Is Disabled
8b042c30-e441-453f-b162-7696982ebc58|Low|Backup|Query details
Documentation
|
-|MariaDB Server Geo-redundant Backup Disabled
0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1|Low|Backup|Query details
Documentation
|
-|AKS Uses Azure Policies Add-On Disabled
43789711-161b-4708-b5bb-9d1c626f7492|Low|Best Practices|Query details
Documentation
|
-|App Service Without Latest PHP Version
96fe318e-d631-4156-99fa-9080d57280ae|Low|Best Practices|Query details
Documentation
|
-|App Service Without Latest Python Version
cc4aaa9d-1070-461a-b519-04e00f42db8a|Low|Best Practices|Query details
Documentation
|
-|SQL Server Predictable Active Directory Account Name
bcd3fc01-5902-4f2a-b05a-227f9bbf5450|Low|Best Practices|Query details
Documentation
|
-|SQL Server Predictable Admin Account Name
2ab6de9a-0136-415c-be92-79d2e4fd750f|Low|Best Practices|Query details
Documentation
|
-|Cosmos DB Account Without Tags
56dad03e-e94f-4dd6-93a4-c253a03ff7a0|Low|Build Process|Query details
Documentation
|
-|AKS Disk Encryption Set ID Undefined
b17d8bb8-4c08-4785-867e-cb9e62a622aa|Low|Encryption|Query details
Documentation
|
-|PostgreSQL Server Infrastructure Encryption Disabled
6425c98b-ca4e-41fe-896a-c78772c131f8|Low|Encryption|Query details
Documentation
|
-|AKS Network Policy Misconfigured
f5342045-b935-402d-adf1-8dbbd09c0eef|Low|Insecure Configurations|Query details
Documentation
|
-|Dashboard Is Enabled
61c3cb8b-0715-47e4-b788-86dde40dd2db|Low|Insecure Configurations|Query details
Documentation
|
-|Azure Front Door WAF Disabled
835a4f2f-df43-437d-9943-545ccfc55961|Low|Networking and Firewall|Query details
Documentation
|
-|Sensitive Port Is Exposed To Wide Private Network
c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e|Low|Networking and Firewall|Query details
Documentation
|
-|Small Activity Log Retention Period
2b856bf9-8e8c-4005-875f-303a8cba3918|Low|Observability|Query details
Documentation
|
-|Small MSSQL Audit Retention Period
9c301481-e6ec-44f7-8a49-8ec63e2969ea|Low|Observability|Query details
Documentation
|
-|Small MSSQL Server Audit Retention
59acb56b-2b10-4c2c-ba38-f2223c3f5cfc|Low|Observability|Query details
Documentation
|
-|Small PostgreSQL DB Server Log Retention Period
261a83f8-dd72-4e8c-b5e1-ebf06e8fe606|Low|Observability|Query details
Documentation
|
-|App Service Managed Identity Disabled
b61cce4b-0cc4-472b-8096-15617a6d769b|Low|Resource Management|Query details
Documentation
|
-|SQL Server Alert Email Disabled
55975007-f6e7-4134-83c3-298f1fe4b519|Info|Best Practices|Query details
Documentation
|
+|CosmosDB Account IP Range Filter Not Set
c2a3efb6-8a58-481c-82f2-bfddf34bb4b7|Critical|Networking and Firewall|Query details
Documentation
|
+|Redis Entirely Accessible
fd8da341-6760-4450-b26c-9f6d8850575e|Critical|Networking and Firewall|Query details
Documentation
|
+|Redis Publicly Accessible
5089d055-53ff-421b-9482-a5267bdce629|Critical|Networking and Firewall|Query details
Documentation
|
+|SQLServer Ingress From Any IP
25c0ea09-f1c5-4380-b055-3b83863f2bb8|Critical|Networking and Firewall|Query details
Documentation
|
+|Unrestricted SQL Server Access
d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28|Critical|Networking and Firewall|Query details
Documentation
|
+|Public Storage Account
17f75827-0684-48f4-8747-61129c7e4198|High|Access Control|Query details
Documentation
|
+|Storage Container Is Publicly Accessible
dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299|High|Access Control|Query details
Documentation
|
+|Azure Container Registry With No Locks
a187ac47-8163-42ce-8a63-c115236be6fb|High|Insecure Configurations|Query details
Documentation
|
+|Security Group is Not Configured
5c822443-e1ea-46b8-84eb-758ec602e844|High|Insecure Configurations|Query details
Documentation
|
+|MariaDB Server Public Network Access Enabled
7f0a8696-7159-4337-ad0d-8a3ab4a78195|High|Networking and Firewall|Query details
Documentation
|
+|MSSQL Server Public Network Access Enabled
ade36cf4-329f-4830-a83d-9db72c800507|High|Networking and Firewall|Query details
Documentation
|
+|MySQL Server Public Access Enabled
f118890b-2468-42b1-9ce9-af35146b425b|High|Networking and Firewall|Query details
Documentation
|
+|RDP Is Exposed To The Internet
efbf6449-5ec5-4cfe-8f15-acc51e0d787c|High|Networking and Firewall|Query details
Documentation
|
+|Sensitive Port Is Exposed To Entire Network
594c198b-4d79-41b8-9b36-fde13348b619|High|Networking and Firewall|Query details
Documentation
|
+|Admin User Enabled For Container Registry
b897dfbf-322c-45a8-b67c-1e698beeaa51|Medium|Access Control|Query details
Documentation
|
+|AKS RBAC Disabled
86f92117-eed8-4614-9c6c-b26da20ff37f|Medium|Access Control|Query details
Documentation
|
+|App Service Authentication Disabled
c7fc1481-2899-4490-bbd8-544a3a61a2f3|Medium|Access Control|Query details
Documentation
|
+|Function App Authentication Disabled
e65a0733-94a0-4826-82f4-df529f4c593f|Medium|Access Control|Query details
Documentation
|
+|Role Assignment Not Limit Guest User Permissions
8e75e431-449f-49e9-b56a-c8f1378025cf|Medium|Access Control|Query details
Documentation
|
+|Role Definition Allows Custom Role Creation
3fa5900f-9aac-4982-96b2-a6143d9c99fb|Medium|Access Control|Query details
Documentation
|
+|Storage Share File Allows All ACL Permissions
48bbe0fd-57e4-4678-a4a1-119e79c90fc3|Medium|Access Control|Query details
Documentation
|
+|Storage Table Allows All ACL Permissions
3ac3e75c-6374-4a32-8ba0-6ed69bda404e|Medium|Access Control|Query details
Documentation
|
+|Azure Instance Using Basic Authentication
dafe30ec-325d-4516-85d1-e8e6776f012c|Medium|Best Practices|Query details
Documentation
|
+|Key Vault Secrets Content Type Undefined
f8e08a38-fc6e-4915-abbe-a7aadf1d59ef|Medium|Best Practices|Query details
Documentation
|
+|Security Contact Email
34664094-59e0-4524-b69f-deaa1a68cce3|Medium|Best Practices|Query details
Documentation
|
+|App Service Not Using Latest TLS Encryption Version
b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643|Medium|Encryption|Query details
Documentation
|
+|Encryption On Managed Disk Disabled
a99130ab-4c0e-43aa-97f8-78d4fcb30024|Medium|Encryption|Query details
Documentation
|
+|Function App Not Using Latest TLS Encryption Version
45fc717a-bd86-415c-bdd8-677901be1aa6|Medium|Encryption|Query details
Documentation
|
+|MySQL SSL Connection Disabled
73e42469-3a86-4f39-ad78-098f325b4e9f|Medium|Encryption|Query details
Documentation
|
+|SSL Enforce Disabled
0437633b-daa6-4bbc-8526-c0d2443b946e|Medium|Encryption|Query details
Documentation
|
+|Storage Account Not Forcing HTTPS
12944ec4-1fa0-47be-8b17-42a034f937c2|Medium|Encryption|Query details
Documentation
|
+|Storage Account Not Using Latest TLS Encryption Version
8263f146-5e03-43e0-9cfe-db960d56d1e7|Medium|Encryption|Query details
Documentation
|
+|AD Admin Not Configured For SQL Server
a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b|Medium|Insecure Configurations|Query details
Documentation
|
+|AKS Private Cluster Disabled
599318f2-6653-4569-9e21-041d06c63a89|Medium|Insecure Configurations|Query details
Documentation
|
+|App Service FTPS Enforce Disabled
85da374f-b00f-4832-9d44-84a1ca1e89f8|Medium|Insecure Configurations|Query details
Documentation
|
+|App Service HTTP2 Disabled
525b53be-62ed-4244-b4df-41aecfcb4071|Medium|Insecure Configurations|Query details
Documentation
|
+|Azure App Service Client Certificate Disabled
a81573f9-3691-4d83-88a0-7d4af63e17a3|Medium|Insecure Configurations|Query details
Documentation
|
+|Function App Client Certificates Unrequired
9bb3c639-5edf-458c-8ee5-30c17c7d671d|Medium|Insecure Configurations|Query details
Documentation
|
+|Function App FTPS Enforce Disabled
9dab0179-433d-4dff-af8f-0091025691df|Medium|Insecure Configurations|Query details
Documentation
|
+|Function App HTTP2 Disabled
ace823d1-4432-4dee-945b-cdf11a5a6bd0|Medium|Insecure Configurations|Query details
Documentation
|
+|Function App Managed Identity Disabled
c87749b3-ff10-41f5-9df2-c421e8151759|Medium|Insecure Configurations|Query details
Documentation
|
+|Network Watcher Flow Disabled
b90842e5-6779-44d4-9760-972f4c03ba1c|Medium|Insecure Configurations|Query details
Documentation
|
+|Redis Cache Allows Non SSL Connections
e29a75e6-aba3-4896-b42d-b87818c16b58|Medium|Insecure Configurations|Query details
Documentation
|
+|Redis Not Updated Regularly
b947809d-dd2f-4de9-b724-04d101c515aa|Medium|Insecure Configurations|Query details
Documentation
|
+|Security Center Pricing Tier Is Not Standard
819d50fd-1cdf-45c3-9936-be408aaad93e|Medium|Insecure Configurations|Query details
Documentation
|
+|Small Flow Logs Retention Period
7750fcca-dd03-4d38-b663-4b70289bcfd4|Medium|Insecure Configurations|Query details
Documentation
|
+|VM Not Attached To Network
bbf6b3df-4b65-4f87-82cc-da9f30f8c033|Medium|Insecure Configurations|Query details
Documentation
|
+|Web App Accepting Traffic Other Than HTTPS
11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe|Medium|Insecure Configurations|Query details
Documentation
|
+|Default Azure Storage Account Network Access Is Too Permissive
a5613650-32ec-4975-a305-31af783153ea|Medium|Insecure Defaults|Query details
Documentation
|
+|Azure Cognitive Search Public Network Access Enabled
4a9e0f00-0765-4f72-a0d4-d31110b78279|Medium|Networking and Firewall|Query details
Documentation
|
+|Firewall Rule Allows Too Many Hosts To Access Redis Cache
a829b715-cf75-4e92-b645-54c9b739edfb|Medium|Networking and Firewall|Query details
Documentation
|
+|Network Interfaces IP Forwarding Enabled
4216ebac-d74c-4423-b437-35025cb88af5|Medium|Networking and Firewall|Query details
Documentation
|
+|Network Interfaces With Public IP
c1573577-e494-4417-8854-7e119368dc8b|Medium|Networking and Firewall|Query details
Documentation
|
+|Sensitive Port Is Exposed To Small Public Network
e9dee01f-2505-4df2-b9bf-7804d1fd9082|Medium|Networking and Firewall|Query details
Documentation
|
+|SSH Is Exposed To The Internet
3e3c175e-aadf-4e2b-a464-3fdac5748d24|Medium|Networking and Firewall|Query details
Documentation
|
+|Trusted Microsoft Services Not Enabled
5400f379-a347-4bdd-a032-446465fdcc6f|Medium|Networking and Firewall|Query details
Documentation
|
+|WAF Is Disabled For Azure Application Gateway
2e48d91c-50e4-45c8-9312-27b625868a72|Medium|Networking and Firewall|Query details
Documentation
|
+|Email Alerts Disabled
9db38e87-f6aa-4b5e-a1ec-7266df259409|Medium|Observability|Query details
Documentation
|
+|Log Retention Is Not Set
ffb02aca-0d12-475e-b77c-a726f7aeff4b|Medium|Observability|Query details
Documentation
|
+|MSSQL Server Auditing Disabled
609839ae-bd81-4375-9910-5bce72ae7b92|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Checkpoints Disabled
3790d386-be81-4dcf-9850-eaa7df6c10d9|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Connections Not Set
c640d783-10c5-4071-b6c1-23507300d333|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Disconnections Not Set
07f7134f-9f37-476e-8664-670c218e4702|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Log Duration Not Set
16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Server Without Connection Throttling
2b3c671f-1b76-4741-8789-ed1fe0785dc4|Medium|Observability|Query details
Documentation
|
+|SQL Server Auditing Disabled
f7e296b0-6660-4bc5-8f87-22ac4a815edf|Medium|Observability|Query details
Documentation
|
+|Vault Auditing Disabled
38c71c00-c177-4cd7-8d36-cd1007cdb190|Medium|Observability|Query details
Documentation
|
+|PostgreSQL Server Threat Detection Policy Disabled
c407c3cf-c409-4b29-b590-db5f4138d332|Medium|Resource Management|Query details
Documentation
|
+|SQL Database Audit Disabled
83a229ba-483e-47c6-8db7-dc96969bce5a|Medium|Resource Management|Query details
Documentation
|
+|Key Expiration Not Set
4d080822-5ee2-49a4-8984-68f3d4c890fc|Medium|Secret Management|Query details
Documentation
|
+|Secret Expiration Not Set
dfa20ffa-f476-428f-a490-424b41e91c7f|Medium|Secret Management|Query details
Documentation
|
+|Azure Active Directory Authentication
a21c8da9-41bf-40cf-941d-330cf0d11fc7|Low|Access Control|Query details
Documentation
|
+|Virtual Network with DDoS Protection Plan disabled
b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a|Low|Availability|Query details
Documentation
|
+|Geo Redundancy Is Disabled
8b042c30-e441-453f-b162-7696982ebc58|Low|Backup|Query details
Documentation
|
+|MariaDB Server Geo-redundant Backup Disabled
0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1|Low|Backup|Query details
Documentation
|
+|AKS Uses Azure Policies Add-On Disabled
43789711-161b-4708-b5bb-9d1c626f7492|Low|Best Practices|Query details
Documentation
|
+|App Service Without Latest PHP Version
96fe318e-d631-4156-99fa-9080d57280ae|Low|Best Practices|Query details
Documentation
|
+|App Service Without Latest Python Version
cc4aaa9d-1070-461a-b519-04e00f42db8a|Low|Best Practices|Query details
Documentation
|
+|SQL Server Predictable Active Directory Account Name
bcd3fc01-5902-4f2a-b05a-227f9bbf5450|Low|Best Practices|Query details
Documentation
|
+|SQL Server Predictable Admin Account Name
2ab6de9a-0136-415c-be92-79d2e4fd750f|Low|Best Practices|Query details
Documentation
|
+|Cosmos DB Account Without Tags
56dad03e-e94f-4dd6-93a4-c253a03ff7a0|Low|Build Process|Query details
Documentation
|
+|AKS Disk Encryption Set ID Undefined
b17d8bb8-4c08-4785-867e-cb9e62a622aa|Low|Encryption|Query details
Documentation
|
+|PostgreSQL Server Infrastructure Encryption Disabled
6425c98b-ca4e-41fe-896a-c78772c131f8|Low|Encryption|Query details
Documentation
|
+|AKS Network Policy Misconfigured
f5342045-b935-402d-adf1-8dbbd09c0eef|Low|Insecure Configurations|Query details
Documentation
|
+|Dashboard Is Enabled
61c3cb8b-0715-47e4-b788-86dde40dd2db|Low|Insecure Configurations|Query details
Documentation
|
+|Azure Front Door WAF Disabled
835a4f2f-df43-437d-9943-545ccfc55961|Low|Networking and Firewall|Query details
Documentation
|
+|Sensitive Port Is Exposed To Wide Private Network
c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e|Low|Networking and Firewall|Query details
Documentation
|
+|Small Activity Log Retention Period
2b856bf9-8e8c-4005-875f-303a8cba3918|Low|Observability|Query details
Documentation
|
+|Small MSSQL Audit Retention Period
9c301481-e6ec-44f7-8a49-8ec63e2969ea|Low|Observability|Query details
Documentation
|
+|Small MSSQL Server Audit Retention
59acb56b-2b10-4c2c-ba38-f2223c3f5cfc|Low|Observability|Query details
Documentation
|
+|Small PostgreSQL DB Server Log Retention Period
261a83f8-dd72-4e8c-b5e1-ebf06e8fe606|Low|Observability|Query details
Documentation
|
+|App Service Managed Identity Disabled
b61cce4b-0cc4-472b-8096-15617a6d769b|Low|Resource Management|Query details
Documentation
|
+|SQL Server Alert Email Disabled
55975007-f6e7-4134-83c3-298f1fe4b519|Info|Best Practices|Query details
Documentation
|
### DATABRICKS
Below are listed queries related to Terraform DATABRICKS:
@@ -530,17 +530,17 @@ Below are listed queries related to Terraform DATABRICKS:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|(Beta) Databricks Cluster or Job With None Or Insecure Permission(s)
a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Unrestricted Databricks ACL
2c4fe4a9-f44b-4c70-b09b-5b75cd251805|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Job's Task is Legacy (spark_submit_task)
375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7|Medium|Best Practices|Query details
Documentation
|
-|(Beta) Indefinitely Databricks OBO Token Lifetime
23e1f5f0-12b7-4d7e-9087-f60f42ccd514|Medium|Insecure Defaults|Query details
Documentation
|
-|(Beta) Indefinitely Databricks Token Lifetime
7d05ca25-91b4-42ee-b6f6-b06611a87ce8|Medium|Insecure Defaults|Query details
Documentation
|
-|(Beta) Databricks Autoscale Badly Setup
953c0cc6-5f30-44cb-a803-bf4ef2571be8|Medium|Resource Management|Query details
Documentation
|
-|(Beta) Databricks Group Without User Or Instance Profile
23c3067a-8cc9-480c-b645-7c1e0ad4bf60|Low|Access Control|Query details
Documentation
|
-|(Beta) Check Databricks Cluster AWS Attribute Best Practices
b0749c53-e3ff-4d09-bbe4-dca94e2e7a38|Low|Best Practices|Query details
Documentation
|
-|(Beta) Check Databricks Cluster Azure Attribute Best Practices
38028698-e663-4ef7-aa92-773fef0ca86f|Low|Best Practices|Query details
Documentation
|
-|(Beta) Check Databricks Cluster GCP Attribute Best Practices
539e4557-d2b5-4d57-a001-cb01140a4e2d|Low|Best Practices|Query details
Documentation
|
-|(Beta) Check use no LTS Spark Version
5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6|Low|Best Practices|Query details
Documentation
|
+|Beta - Databricks Cluster or Job With None Or Insecure Permission(s)
a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Unrestricted Databricks ACL
2c4fe4a9-f44b-4c70-b09b-5b75cd251805|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Job's Task is Legacy (spark_submit_task)
375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7|Medium|Best Practices|Query details
Documentation
|
+|Beta - Indefinitely Databricks OBO Token Lifetime
23e1f5f0-12b7-4d7e-9087-f60f42ccd514|Medium|Insecure Defaults|Query details
Documentation
|
+|Beta - Indefinitely Databricks Token Lifetime
7d05ca25-91b4-42ee-b6f6-b06611a87ce8|Medium|Insecure Defaults|Query details
Documentation
|
+|Beta - Databricks Autoscale Badly Setup
953c0cc6-5f30-44cb-a803-bf4ef2571be8|Medium|Resource Management|Query details
Documentation
|
+|Beta - Databricks Group Without User Or Instance Profile
23c3067a-8cc9-480c-b645-7c1e0ad4bf60|Low|Access Control|Query details
Documentation
|
+|Beta - Check Databricks Cluster AWS Attribute Best Practices
b0749c53-e3ff-4d09-bbe4-dca94e2e7a38|Low|Best Practices|Query details
Documentation
|
+|Beta - Check Databricks Cluster Azure Attribute Best Practices
38028698-e663-4ef7-aa92-773fef0ca86f|Low|Best Practices|Query details
Documentation
|
+|Beta - Check Databricks Cluster GCP Attribute Best Practices
539e4557-d2b5-4d57-a001-cb01140a4e2d|Low|Best Practices|Query details
Documentation
|
+|Beta - Check use no LTS Spark Version
5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6|Low|Best Practices|Query details
Documentation
|
### GCP
Below are listed queries related to Terraform GCP:
@@ -549,60 +549,60 @@ Below are listed queries related to Terraform GCP:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Cloud Storage Anonymous or Publicly Accessible
a6cd52a1-3056-4910-96a5-894de9f3f3b3|Critical|Access Control|Query details
Documentation
|
-|SQL DB Instance Publicly Accessible
b187edca-b81e-4fdc-aff4-aab57db45edb|Critical|Insecure Configurations|Query details
Documentation
|
-|BigQuery Dataset Is Public
e576ce44-dd03-4022-a8c0-3906acca2ab4|High|Access Control|Query details
Documentation
|
-|Google Project IAM Binding Service Account has Token Creator or Account User Role
617ef6ff-711e-4bd7-94ae-e965911b1b40|High|Access Control|Query details
Documentation
|
-|Google Project IAM Member Service Account Has Admin Role
84d36481-fd63-48cb-838e-635c44806ec2|High|Access Control|Query details
Documentation
|
-|Google Project IAM Member Service Account has Token Creator or Account User Role
c68b4e6d-4e01-4ca1-b256-1e18e875785c|High|Access Control|Query details
Documentation
|
-|KMS Crypto Key is Publicly Accessible
16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5|High|Encryption|Query details
Documentation
|
-|SQL DB Instance With SSL Disabled
02474449-71aa-40a1-87ae-e14497747b00|High|Encryption|Query details
Documentation
|
-|GKE Legacy Authorization Enabled
5baa92d2-d8ee-4c75-88a4-52d9d8bb8067|High|Insecure Configurations|Query details
Documentation
|
-|Google Storage Bucket Level Access Disabled
bb0db090-5509-4853-a827-75ced0b3caa0|High|Insecure Configurations|Query details
Documentation
|
-|RDP Access Is Not Restricted
678fd659-96f2-454a-a2a0-c2571f83a4a3|High|Networking and Firewall|Query details
Documentation
|
-|Cloud Storage Bucket Is Publicly Accessible
c010082c-76e0-4b91-91d9-6e8439e455dd|Medium|Access Control|Query details
Documentation
|
-|KMS Admin and CryptoKey Roles In Use
92e4464a-4139-4d57-8742-b5acc0347680|Medium|Access Control|Query details
Documentation
|
-|OSLogin Disabled
32ecd6eb-0711-421f-9627-1a28d9eff217|Medium|Access Control|Query details
Documentation
|
-|VM With Full Cloud Access
bc280331-27b9-4acb-a010-018e8098aa5d|Medium|Access Control|Query details
Documentation
|
-|SQL DB Instance Backup Disabled
cf3c7631-cd1e-42f3-8801-a561214a6e79|Medium|Backup|Query details
Documentation
|
-|Disk Encryption Disabled
b1d51728-7270-4991-ac2f-fc26e2695b38|Medium|Encryption|Query details
Documentation
|
-|DNSSEC Using RSASHA1
ccc3100c-0fdd-4a5e-9908-c10107291860|Medium|Encryption|Query details
Documentation
|
-|Google Compute SSL Policy Weak Cipher In Use
14a457f0-473d-4d1d-9e37-6d99b355b336|Medium|Encryption|Query details
Documentation
|
-|Cloud DNS Without DNSSEC
5ef61c88-bbb4-4725-b1df-55d23c9676bb|Medium|Insecure Configurations|Query details
Documentation
|
-|Google Container Node Pool Auto Repair Disabled
acfdbec6-4a17-471f-b412-169d77553332|Medium|Insecure Configurations|Query details
Documentation
|
-|Google Project Auto Create Network Disabled
59571246-3f62-4965-a96f-c7d97e269351|Medium|Insecure Configurations|Query details
Documentation
|
-|IP Aliasing Disabled
c606ba1d-d736-43eb-ac24-e16108f3a9e0|Medium|Insecure Configurations|Query details
Documentation
|
-|Network Policy Disabled
11e7550e-c4b6-472e-adff-c698f157cdd7|Medium|Insecure Configurations|Query details
Documentation
|
-|OSLogin Is Disabled For VM Instance
d0b4d550-c001-46c3-bbdb-d5d75d33f05f|Medium|Insecure Configurations|Query details
Documentation
|
-|Pod Security Policy Disabled
9192e0f9-eca5-4056-9282-ae2a736a4088|Medium|Insecure Configurations|Query details
Documentation
|
-|Private Cluster Disabled
6ccb85d7-0420-4907-9380-50313f80946b|Medium|Insecure Configurations|Query details
Documentation
|
-|Shielded GKE Nodes Disabled
579a0727-9c29-4d58-8195-fc5802a8bdb4|Medium|Insecure Configurations|Query details
Documentation
|
-|Shielded VM Disabled
1b44e234-3d73-41a8-9954-0b154135280e|Medium|Insecure Configurations|Query details
Documentation
|
-|GKE Using Default Service Account
1c8eef02-17b1-4a3e-b01d-dcc3292d2c38|Medium|Insecure Defaults|Query details
Documentation
|
-|Using Default Service Account
3cb4af0b-056d-4fb1-8b95-fdc4593625ff|Medium|Insecure Defaults|Query details
Documentation
|
-|Google Compute Network Using Default Firewall Rule
40abce54-95b1-478c-8e5f-ea0bf0bb0e33|Medium|Networking and Firewall|Query details
Documentation
|
-|Google Compute Network Using Firewall Rule that Allows All Ports
22ef1d26-80f8-4a6c-8c15-f35aab3cac78|Medium|Networking and Firewall|Query details
Documentation
|
-|IP Forwarding Enabled
f34c0c25-47b4-41eb-9c79-249b4dd47b89|Medium|Networking and Firewall|Query details
Documentation
|
-|Serial Ports Are Enabled For VM Instances
97fa667a-d05b-4f16-9071-58b939f34751|Medium|Networking and Firewall|Query details
Documentation
|
-|SSH Access Is Not Restricted
c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0|Medium|Networking and Firewall|Query details
Documentation
|
-|Cloud Storage Bucket Logging Not Enabled
d6cabc3a-d57e-48c2-b341-bf3dd4f4a120|Medium|Observability|Query details
Documentation
|
-|Cloud Storage Bucket Versioning Disabled
e7e961ac-d17e-4413-84bc-8a1fbe242944|Medium|Observability|Query details
Documentation
|
-|Google Compute Subnetwork Logging Disabled
40430747-442d-450a-a34f-dc57149f4609|Medium|Observability|Query details
Documentation
|
-|Stackdriver Logging Disabled
4c7ebcb2-eae2-461e-bc83-456ee2d4f694|Medium|Observability|Query details
Documentation
|
-|Stackdriver Monitoring Disabled
30e8dfd2-3591-4d19-8d11-79e93106c93d|Medium|Observability|Query details
Documentation
|
-|Node Auto Upgrade Disabled
b139213e-7d24-49c2-8025-c18faa21ecaa|Medium|Resource Management|Query details
Documentation
|
-|Service Account with Improper Privileges
cefdad16-0dd5-4ac5-8ed2-a37502c78672|Medium|Resource Management|Query details
Documentation
|
-|High Google KMS Crypto Key Rotation Period
d8c57c4e-bf6f-4e32-a2bf-8643532de77b|Medium|Secret Management|Query details
Documentation
|
-|Project-wide SSH Keys Are Enabled In VM Instances
3e4d5ce6-3280-4027-8010-c26eeea1ec01|Medium|Secret Management|Query details
Documentation
|
-|User with IAM Role
704fcc44-a58f-4af5-82e2-93f2a58ef918|Low|Access Control|Query details
Documentation
|
-|Outdated GKE Version
128df7ec-f185-48bc-8913-ce756a3ccb85|Low|Best Practices|Query details
Documentation
|
-|Cluster Labels Disabled
65c1bc7a-4835-4ac4-a2b6-13d310b0648d|Low|Insecure Configurations|Query details
Documentation
|
-|COS Node Image Not Used
8a893e46-e267-485a-8690-51f39951de58|Low|Insecure Configurations|Query details
Documentation
|
-|Legacy Client Certificate Auth Enabled
73fb21a1-b19a-45b1-b648-b47b1678681e|Low|Insecure Configurations|Query details
Documentation
|
-|Not Proper Email Account In Use
9356962e-4a4f-4d06-ac59-dc8008775eaa|Low|Insecure Configurations|Query details
Documentation
|
-|Google Compute Network Using Firewall Rule that Allows Port Range
e6f61c37-106b-449f-a5bb-81bfcaceb8b4|Low|Networking and Firewall|Query details
Documentation
|
-|Google Compute Subnetwork with Private Google Access Disabled
ee7b93c1-b3f8-4a3b-9588-146d481814f5|Low|Networking and Firewall|Query details
Documentation
|
-|IAM Audit Not Properly Configured
89fe890f-b480-460c-8b6b-7d8b1468adb4|Low|Observability|Query details
Documentation
|
+|Cloud Storage Anonymous or Publicly Accessible
a6cd52a1-3056-4910-96a5-894de9f3f3b3|Critical|Access Control|Query details
Documentation
|
+|SQL DB Instance Publicly Accessible
b187edca-b81e-4fdc-aff4-aab57db45edb|Critical|Insecure Configurations|Query details
Documentation
|
+|BigQuery Dataset Is Public
e576ce44-dd03-4022-a8c0-3906acca2ab4|High|Access Control|Query details
Documentation
|
+|Google Project IAM Binding Service Account has Token Creator or Account User Role
617ef6ff-711e-4bd7-94ae-e965911b1b40|High|Access Control|Query details
Documentation
|
+|Google Project IAM Member Service Account Has Admin Role
84d36481-fd63-48cb-838e-635c44806ec2|High|Access Control|Query details
Documentation
|
+|Google Project IAM Member Service Account has Token Creator or Account User Role
c68b4e6d-4e01-4ca1-b256-1e18e875785c|High|Access Control|Query details
Documentation
|
+|KMS Crypto Key is Publicly Accessible
16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5|High|Encryption|Query details
Documentation
|
+|SQL DB Instance With SSL Disabled
02474449-71aa-40a1-87ae-e14497747b00|High|Encryption|Query details
Documentation
|
+|GKE Legacy Authorization Enabled
5baa92d2-d8ee-4c75-88a4-52d9d8bb8067|High|Insecure Configurations|Query details
Documentation
|
+|Google Storage Bucket Level Access Disabled
bb0db090-5509-4853-a827-75ced0b3caa0|High|Insecure Configurations|Query details
Documentation
|
+|RDP Access Is Not Restricted
678fd659-96f2-454a-a2a0-c2571f83a4a3|High|Networking and Firewall|Query details
Documentation
|
+|Cloud Storage Bucket Is Publicly Accessible
c010082c-76e0-4b91-91d9-6e8439e455dd|Medium|Access Control|Query details
Documentation
|
+|KMS Admin and CryptoKey Roles In Use
92e4464a-4139-4d57-8742-b5acc0347680|Medium|Access Control|Query details
Documentation
|
+|OSLogin Disabled
32ecd6eb-0711-421f-9627-1a28d9eff217|Medium|Access Control|Query details
Documentation
|
+|VM With Full Cloud Access
bc280331-27b9-4acb-a010-018e8098aa5d|Medium|Access Control|Query details
Documentation
|
+|SQL DB Instance Backup Disabled
cf3c7631-cd1e-42f3-8801-a561214a6e79|Medium|Backup|Query details
Documentation
|
+|Disk Encryption Disabled
b1d51728-7270-4991-ac2f-fc26e2695b38|Medium|Encryption|Query details
Documentation
|
+|DNSSEC Using RSASHA1
ccc3100c-0fdd-4a5e-9908-c10107291860|Medium|Encryption|Query details
Documentation
|
+|Google Compute SSL Policy Weak Cipher In Use
14a457f0-473d-4d1d-9e37-6d99b355b336|Medium|Encryption|Query details
Documentation
|
+|Cloud DNS Without DNSSEC
5ef61c88-bbb4-4725-b1df-55d23c9676bb|Medium|Insecure Configurations|Query details
Documentation
|
+|Google Container Node Pool Auto Repair Disabled
acfdbec6-4a17-471f-b412-169d77553332|Medium|Insecure Configurations|Query details
Documentation
|
+|Google Project Auto Create Network Disabled
59571246-3f62-4965-a96f-c7d97e269351|Medium|Insecure Configurations|Query details
Documentation
|
+|IP Aliasing Disabled
c606ba1d-d736-43eb-ac24-e16108f3a9e0|Medium|Insecure Configurations|Query details
Documentation
|
+|Network Policy Disabled
11e7550e-c4b6-472e-adff-c698f157cdd7|Medium|Insecure Configurations|Query details
Documentation
|
+|OSLogin Is Disabled For VM Instance
d0b4d550-c001-46c3-bbdb-d5d75d33f05f|Medium|Insecure Configurations|Query details
Documentation
|
+|Pod Security Policy Disabled
9192e0f9-eca5-4056-9282-ae2a736a4088|Medium|Insecure Configurations|Query details
Documentation
|
+|Private Cluster Disabled
6ccb85d7-0420-4907-9380-50313f80946b|Medium|Insecure Configurations|Query details
Documentation
|
+|Shielded GKE Nodes Disabled
579a0727-9c29-4d58-8195-fc5802a8bdb4|Medium|Insecure Configurations|Query details
Documentation
|
+|Shielded VM Disabled
1b44e234-3d73-41a8-9954-0b154135280e|Medium|Insecure Configurations|Query details
Documentation
|
+|GKE Using Default Service Account
1c8eef02-17b1-4a3e-b01d-dcc3292d2c38|Medium|Insecure Defaults|Query details
Documentation
|
+|Using Default Service Account
3cb4af0b-056d-4fb1-8b95-fdc4593625ff|Medium|Insecure Defaults|Query details
Documentation
|
+|Google Compute Network Using Default Firewall Rule
40abce54-95b1-478c-8e5f-ea0bf0bb0e33|Medium|Networking and Firewall|Query details
Documentation
|
+|Google Compute Network Using Firewall Rule that Allows All Ports
22ef1d26-80f8-4a6c-8c15-f35aab3cac78|Medium|Networking and Firewall|Query details
Documentation
|
+|IP Forwarding Enabled
f34c0c25-47b4-41eb-9c79-249b4dd47b89|Medium|Networking and Firewall|Query details
Documentation
|
+|Serial Ports Are Enabled For VM Instances
97fa667a-d05b-4f16-9071-58b939f34751|Medium|Networking and Firewall|Query details
Documentation
|
+|SSH Access Is Not Restricted
c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0|Medium|Networking and Firewall|Query details
Documentation
|
+|Cloud Storage Bucket Logging Not Enabled
d6cabc3a-d57e-48c2-b341-bf3dd4f4a120|Medium|Observability|Query details
Documentation
|
+|Cloud Storage Bucket Versioning Disabled
e7e961ac-d17e-4413-84bc-8a1fbe242944|Medium|Observability|Query details
Documentation
|
+|Google Compute Subnetwork Logging Disabled
40430747-442d-450a-a34f-dc57149f4609|Medium|Observability|Query details
Documentation
|
+|Stackdriver Logging Disabled
4c7ebcb2-eae2-461e-bc83-456ee2d4f694|Medium|Observability|Query details
Documentation
|
+|Stackdriver Monitoring Disabled
30e8dfd2-3591-4d19-8d11-79e93106c93d|Medium|Observability|Query details
Documentation
|
+|Node Auto Upgrade Disabled
b139213e-7d24-49c2-8025-c18faa21ecaa|Medium|Resource Management|Query details
Documentation
|
+|Service Account with Improper Privileges
cefdad16-0dd5-4ac5-8ed2-a37502c78672|Medium|Resource Management|Query details
Documentation
|
+|High Google KMS Crypto Key Rotation Period
d8c57c4e-bf6f-4e32-a2bf-8643532de77b|Medium|Secret Management|Query details
Documentation
|
+|Project-wide SSH Keys Are Enabled In VM Instances
3e4d5ce6-3280-4027-8010-c26eeea1ec01|Medium|Secret Management|Query details
Documentation
|
+|User with IAM Role
704fcc44-a58f-4af5-82e2-93f2a58ef918|Low|Access Control|Query details
Documentation
|
+|Outdated GKE Version
128df7ec-f185-48bc-8913-ce756a3ccb85|Low|Best Practices|Query details
Documentation
|
+|Cluster Labels Disabled
65c1bc7a-4835-4ac4-a2b6-13d310b0648d|Low|Insecure Configurations|Query details
Documentation
|
+|COS Node Image Not Used
8a893e46-e267-485a-8690-51f39951de58|Low|Insecure Configurations|Query details
Documentation
|
+|Legacy Client Certificate Auth Enabled
73fb21a1-b19a-45b1-b648-b47b1678681e|Low|Insecure Configurations|Query details
Documentation
|
+|Not Proper Email Account In Use
9356962e-4a4f-4d06-ac59-dc8008775eaa|Low|Insecure Configurations|Query details
Documentation
|
+|Google Compute Network Using Firewall Rule that Allows Port Range
e6f61c37-106b-449f-a5bb-81bfcaceb8b4|Low|Networking and Firewall|Query details
Documentation
|
+|Google Compute Subnetwork with Private Google Access Disabled
ee7b93c1-b3f8-4a3b-9588-146d481814f5|Low|Networking and Firewall|Query details
Documentation
|
+|IAM Audit Not Properly Configured
89fe890f-b480-460c-8b6b-7d8b1468adb4|Low|Observability|Query details
Documentation
|
### GCP_BOM
Below are listed queries related to Terraform GCP_BOM:
@@ -611,12 +611,12 @@ Below are listed queries related to Terraform GCP_BOM:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|BOM - GCP Dataflow
895ed0d9-6fec-4567-8614-d7a74b599a53|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP FI
c9d81239-c818-4869-9917-1570c62b81fd|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP PD
dd7d70aa-a6ec-460d-b5d2-38b40253b16f|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP PST
4b82202a-b18e-4891-a1eb-a0989850bbb3|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP Redis
bc75ce52-a60a-4660-b533-bce837a5019b|Trace|Bill Of Materials|Query details
Documentation
|
-|BOM - GCP SB
2f06d22c-56bd-4f73-8a51-db001fcf2150|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP Dataflow
895ed0d9-6fec-4567-8614-d7a74b599a53|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP FI
c9d81239-c818-4869-9917-1570c62b81fd|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP PD
dd7d70aa-a6ec-460d-b5d2-38b40253b16f|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP PST
4b82202a-b18e-4891-a1eb-a0989850bbb3|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP Redis
bc75ce52-a60a-4660-b533-bce837a5019b|Trace|Bill Of Materials|Query details
Documentation
|
+|BOM - GCP SB
2f06d22c-56bd-4f73-8a51-db001fcf2150|Trace|Bill Of Materials|Query details
Documentation
|
### GITHUB
Below are listed queries related to Terraform GITHUB:
@@ -625,8 +625,8 @@ Below are listed queries related to Terraform GITHUB:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Github Organization Webhook With SSL Disabled
ce7c874e-1b88-450b-a5e4-cb76ada3c8a9|Medium|Encryption|Query details
Documentation
|
-|GitHub Repository Set To Public
15d8a7fd-465a-4d15-a868-add86552f17b|Medium|Insecure Configurations|Query details
Documentation
|
+|Github Organization Webhook With SSL Disabled
ce7c874e-1b88-450b-a5e4-cb76ada3c8a9|Medium|Encryption|Query details
Documentation
|
+|GitHub Repository Set To Public
15d8a7fd-465a-4d15-a868-add86552f17b|Medium|Insecure Configurations|Query details
Documentation
|
### KUBERNETES
Below are listed queries related to Terraform KUBERNETES:
@@ -635,68 +635,68 @@ Below are listed queries related to Terraform KUBERNETES:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Non Kube System Pod With Host Mount
86a947ea-f577-4efb-a8b0-5fc00257d521|High|Access Control|Query details
Documentation
|
-|Cluster Allows Unsafe Sysctls
a9174d31-d526-4ad9-ace4-ce7ddbf52e03|High|Insecure Configurations|Query details
Documentation
|
-|Container Is Privileged
87065ef8-de9b-40d8-9753-f4a4303e27a4|High|Insecure Configurations|Query details
Documentation
|
-|Container Runs Unmasked
0ad60203-c050-4115-83b6-b94bde92541d|High|Insecure Configurations|Query details
Documentation
|
-|Containers With Sys Admin Capabilities
3f55386d-75cd-4e9a-ac47-167b26c04724|High|Insecure Configurations|Query details
Documentation
|
-|Privilege Escalation Allowed
c878abb4-cca5-4724-92b9-289be68bd47c|High|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Containers To Share The Host Network Namespace
4950837c-0ce5-4e42-9bee-a25eae73740b|High|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Privilege Escalation
2bff9906-4e9b-4f71-9346-8ebedfdf43ef|High|Insecure Configurations|Query details
Documentation
|
-|PSP Allows Sharing Host IPC
51bed0ac-a8ae-407a-895e-90c6cb0610ce|High|Insecure Configurations|Query details
Documentation
|
-|PSP Set To Privileged
a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9|High|Insecure Configurations|Query details
Documentation
|
-|PSP With Added Capabilities
48388bd2-7201-4dcc-b56d-e8a9efa58fad|High|Insecure Configurations|Query details
Documentation
|
-|Tiller (Helm v2) Is Deployed
ca2fba76-c1a7-4afd-be67-5249f861cb0e|High|Insecure Configurations|Query details
Documentation
|
-|Workload Mounting With Sensitive OS Directory
a737be28-37d8-4bff-aa6d-1be8aa0a0015|High|Insecure Configurations|Query details
Documentation
|
-|Volume Mount With OS Directory Write Permissions
a62a99d1-8196-432f-8f80-3c100b05d62a|High|Resource Management|Query details
Documentation
|
-|Docker Daemon Socket is Exposed to Containers
4e203a65-c8d8-49a2-b749-b124d43c9dc1|Medium|Access Control|Query details
Documentation
|
-|Missing App Armor Config
bd6bd46c-57db-4887-956d-d372f21291b6|Medium|Access Control|Query details
Documentation
|
-|Permissive Access to Create Pods
522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba|Medium|Access Control|Query details
Documentation
|
-|RBAC Roles with Read Secrets Permissions
826abb30-3cd5-4e0b-a93b-67729b4f7e63|Medium|Access Control|Query details
Documentation
|
-|Readiness Probe Is Not Configured
8657197e-3f87-4694-892b-8144701d83c1|Medium|Availability|Query details
Documentation
|
-|Root Containers Admitted
4c415497-7410-4559-90e8-f2c8ac64ee38|Medium|Best Practices|Query details
Documentation
|
-|Incorrect Volume Claim Access Mode ReadWriteOnce
26b047a9-0329-48fd-8fb7-05bbe5ba80ee|Medium|Build Process|Query details
Documentation
|
-|Container Host Pid Is True
587d5d82-70cf-449b-9817-f60f9bccb88c|Medium|Insecure Configurations|Query details
Documentation
|
-|Container Resources Limits Undefined
60af03ff-a421-45c8-b214-6741035476fa|Medium|Insecure Configurations|Query details
Documentation
|
-|Containers With Added Capabilities
fe771ff7-ba15-4f8f-ad7a-8aa232b49a28|Medium|Insecure Configurations|Query details
Documentation
|
-|Ingress Controller Exposes Workload
e2c83c1f-84d7-4467-966c-ed41fd015bb9|Medium|Insecure Configurations|Query details
Documentation
|
-|NET_RAW Capabilities Disabled for PSP
9aa32890-ac1a-45ee-81ca-5164e2098556|Medium|Insecure Configurations|Query details
Documentation
|
-|NET_RAW Capabilities Not Being Dropped
e5587d53-a673-4a6b-b3f2-ba07ec274def|Medium|Insecure Configurations|Query details
Documentation
|
-|Seccomp Profile Is Not Configured
455f2e0c-686d-4fcb-8b5f-3f953f12c43c|Medium|Insecure Configurations|Query details
Documentation
|
-|Role Binding To Default Service Account
3360c01e-c8c0-4812-96a2-a6329b9b7f9f|Medium|Insecure Defaults|Query details
Documentation
|
-|Service Account Name Undefined Or Empty
24b132df-5cc7-4823-8029-f898e1c50b72|Medium|Insecure Defaults|Query details
Documentation
|
-|Service Account Token Automount Not Disabled
a9a13d4f-f17a-491b-b074-f54bffffcb4a|Medium|Insecure Defaults|Query details
Documentation
|
-|Service With External Load Balancer
2a52567c-abb8-4651-a038-52fa27c77aed|Medium|Networking and Firewall|Query details
Documentation
|
-|Memory Limits Not Defined
fd097ed0-7fe6-4f58-8b71-fef9f0820a21|Medium|Resource Management|Query details
Documentation
|
-|Memory Requests Not Defined
21719347-d02b-497d-bda4-04a03c8e5b61|Medium|Resource Management|Query details
Documentation
|
-|Shared Host IPC Namespace
e94d3121-c2d1-4e34-a295-139bfeb73ea3|Medium|Resource Management|Query details
Documentation
|
-|Shared Host Network Namespace
ac1564a3-c324-4747-9fa1-9dfc234dace0|Medium|Resource Management|Query details
Documentation
|
-|Service Account Allows Access Secrets
07fc3413-e572-42f7-9877-5c8fc6fccfb5|Medium|Secret Management|Query details
Documentation
|
-|Shared Service Account
f74b9c43-161a-4799-bc95-0b0ec81801b9|Medium|Secret Management|Query details
Documentation
|
-|Cluster Admin Rolebinding With Superuser Permissions
17172bc2-56fb-4f17-916f-a014147706cd|Low|Access Control|Query details
Documentation
|
-|Deployment Without PodDisruptionBudget
a05331ee-1653-45cb-91e6-13637a76e4f0|Low|Availability|Query details
Documentation
|
-|HPA Targets Invalid Object
17e52ca3-ddd0-4610-9d56-ce107442e110|Low|Availability|Query details
Documentation
|
-|StatefulSet Without PodDisruptionBudget
7249e3b0-9231-4af3-bc5f-5daf4988ecbf|Low|Availability|Query details
Documentation
|
-|StatefulSet Without Service Name
420e6360-47bb-46f6-9072-b20ed22c842d|Low|Availability|Query details
Documentation
|
-|Metadata Label Is Invalid
bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e|Low|Best Practices|Query details
Documentation
|
-|No Drop Capabilities for Containers
21cef75f-289f-470e-8038-c7cee0664164|Low|Best Practices|Query details
Documentation
|
-|Root Container Not Mounted As Read-only
d532566b-8d9d-4f3b-80bd-361fe802f9c2|Low|Build Process|Query details
Documentation
|
-|StatefulSet Requests Storage
fcc2612a-1dfe-46e4-8ce6-0320959f0040|Low|Build Process|Query details
Documentation
|
-|Default Service Account In Use
737a0dd9-0aaa-4145-8118-f01778262b8a|Low|Insecure Configurations|Query details
Documentation
|
-|Image Pull Policy Of The Container Is Not Set To Always
aa737abf-6b1d-4aba-95aa-5c160bd7f96e|Low|Insecure Configurations|Query details
Documentation
|
-|Image Without Digest
228c4c19-feeb-4c18-848c-800ac70fdfb7|Low|Insecure Configurations|Query details
Documentation
|
-|Pod or Container Without Security Context
ad69e38a-d92e-4357-a8da-f2f29d545883|Low|Insecure Configurations|Query details
Documentation
|
-|Using Default Namespace
abcb818b-5af7-4d72-aba9-6dd84956b451|Low|Insecure Configurations|Query details
Documentation
|
-|Network Policy Is Not Targeting Any Pod
b80b14c6-aaa2-4876-b651-8a48b6c32fbf|Low|Networking and Firewall|Query details
Documentation
|
-|Service Type is NodePort
5c281bf8-d9bb-47f2-b909-3f6bb11874ad|Low|Networking and Firewall|Query details
Documentation
|
-|Workload Host Port Not Specified
4e74cf4f-ff65-4c1a-885c-67ab608206ce|Low|Networking and Firewall|Query details
Documentation
|
-|CPU Limits Not Set
5f4735ce-b9ba-4d95-a089-a37a767b716f|Low|Resource Management|Query details
Documentation
|
-|CPU Requests Not Set
577ac19c-6a77-46d7-9f14-e049cdd15ec2|Low|Resource Management|Query details
Documentation
|
-|CronJob Deadline Not Configured
58876b44-a690-4e9f-9214-7735fa0dd15d|Low|Resource Management|Query details
Documentation
|
-|Deployment Has No PodAntiAffinity
461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3|Low|Resource Management|Query details
Documentation
|
-|Secrets As Environment Variables
6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8|Low|Secret Management|Query details
Documentation
|
-|Invalid Image
e76cca7c-c3f9-4fc9-884c-b2831168ebd8|Low|Supply-Chain|Query details
Documentation
|
-|Liveness Probe Is Not Defined
5b6d53dd-3ba3-4269-b4d7-f82e880e43c3|Info|Availability|Query details
Documentation
|
+|Non Kube System Pod With Host Mount
86a947ea-f577-4efb-a8b0-5fc00257d521|High|Access Control|Query details
Documentation
|
+|Cluster Allows Unsafe Sysctls
a9174d31-d526-4ad9-ace4-ce7ddbf52e03|High|Insecure Configurations|Query details
Documentation
|
+|Container Is Privileged
87065ef8-de9b-40d8-9753-f4a4303e27a4|High|Insecure Configurations|Query details
Documentation
|
+|Container Runs Unmasked
0ad60203-c050-4115-83b6-b94bde92541d|High|Insecure Configurations|Query details
Documentation
|
+|Containers With Sys Admin Capabilities
3f55386d-75cd-4e9a-ac47-167b26c04724|High|Insecure Configurations|Query details
Documentation
|
+|Privilege Escalation Allowed
c878abb4-cca5-4724-92b9-289be68bd47c|High|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Containers To Share The Host Network Namespace
4950837c-0ce5-4e42-9bee-a25eae73740b|High|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Privilege Escalation
2bff9906-4e9b-4f71-9346-8ebedfdf43ef|High|Insecure Configurations|Query details
Documentation
|
+|PSP Allows Sharing Host IPC
51bed0ac-a8ae-407a-895e-90c6cb0610ce|High|Insecure Configurations|Query details
Documentation
|
+|PSP Set To Privileged
a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9|High|Insecure Configurations|Query details
Documentation
|
+|PSP With Added Capabilities
48388bd2-7201-4dcc-b56d-e8a9efa58fad|High|Insecure Configurations|Query details
Documentation
|
+|Tiller (Helm v2) Is Deployed
ca2fba76-c1a7-4afd-be67-5249f861cb0e|High|Insecure Configurations|Query details
Documentation
|
+|Workload Mounting With Sensitive OS Directory
a737be28-37d8-4bff-aa6d-1be8aa0a0015|High|Insecure Configurations|Query details
Documentation
|
+|Volume Mount With OS Directory Write Permissions
a62a99d1-8196-432f-8f80-3c100b05d62a|High|Resource Management|Query details
Documentation
|
+|Docker Daemon Socket is Exposed to Containers
4e203a65-c8d8-49a2-b749-b124d43c9dc1|Medium|Access Control|Query details
Documentation
|
+|Missing App Armor Config
bd6bd46c-57db-4887-956d-d372f21291b6|Medium|Access Control|Query details
Documentation
|
+|Permissive Access to Create Pods
522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba|Medium|Access Control|Query details
Documentation
|
+|RBAC Roles with Read Secrets Permissions
826abb30-3cd5-4e0b-a93b-67729b4f7e63|Medium|Access Control|Query details
Documentation
|
+|Readiness Probe Is Not Configured
8657197e-3f87-4694-892b-8144701d83c1|Medium|Availability|Query details
Documentation
|
+|Root Containers Admitted
4c415497-7410-4559-90e8-f2c8ac64ee38|Medium|Best Practices|Query details
Documentation
|
+|Incorrect Volume Claim Access Mode ReadWriteOnce
26b047a9-0329-48fd-8fb7-05bbe5ba80ee|Medium|Build Process|Query details
Documentation
|
+|Container Host Pid Is True
587d5d82-70cf-449b-9817-f60f9bccb88c|Medium|Insecure Configurations|Query details
Documentation
|
+|Container Resources Limits Undefined
60af03ff-a421-45c8-b214-6741035476fa|Medium|Insecure Configurations|Query details
Documentation
|
+|Containers With Added Capabilities
fe771ff7-ba15-4f8f-ad7a-8aa232b49a28|Medium|Insecure Configurations|Query details
Documentation
|
+|Ingress Controller Exposes Workload
e2c83c1f-84d7-4467-966c-ed41fd015bb9|Medium|Insecure Configurations|Query details
Documentation
|
+|NET_RAW Capabilities Disabled for PSP
9aa32890-ac1a-45ee-81ca-5164e2098556|Medium|Insecure Configurations|Query details
Documentation
|
+|NET_RAW Capabilities Not Being Dropped
e5587d53-a673-4a6b-b3f2-ba07ec274def|Medium|Insecure Configurations|Query details
Documentation
|
+|Seccomp Profile Is Not Configured
455f2e0c-686d-4fcb-8b5f-3f953f12c43c|Medium|Insecure Configurations|Query details
Documentation
|
+|Role Binding To Default Service Account
3360c01e-c8c0-4812-96a2-a6329b9b7f9f|Medium|Insecure Defaults|Query details
Documentation
|
+|Service Account Name Undefined Or Empty
24b132df-5cc7-4823-8029-f898e1c50b72|Medium|Insecure Defaults|Query details
Documentation
|
+|Service Account Token Automount Not Disabled
a9a13d4f-f17a-491b-b074-f54bffffcb4a|Medium|Insecure Defaults|Query details
Documentation
|
+|Service With External Load Balancer
2a52567c-abb8-4651-a038-52fa27c77aed|Medium|Networking and Firewall|Query details
Documentation
|
+|Memory Limits Not Defined
fd097ed0-7fe6-4f58-8b71-fef9f0820a21|Medium|Resource Management|Query details
Documentation
|
+|Memory Requests Not Defined
21719347-d02b-497d-bda4-04a03c8e5b61|Medium|Resource Management|Query details
Documentation
|
+|Shared Host IPC Namespace
e94d3121-c2d1-4e34-a295-139bfeb73ea3|Medium|Resource Management|Query details
Documentation
|
+|Shared Host Network Namespace
ac1564a3-c324-4747-9fa1-9dfc234dace0|Medium|Resource Management|Query details
Documentation
|
+|Service Account Allows Access Secrets
07fc3413-e572-42f7-9877-5c8fc6fccfb5|Medium|Secret Management|Query details
Documentation
|
+|Shared Service Account
f74b9c43-161a-4799-bc95-0b0ec81801b9|Medium|Secret Management|Query details
Documentation
|
+|Cluster Admin Rolebinding With Superuser Permissions
17172bc2-56fb-4f17-916f-a014147706cd|Low|Access Control|Query details
Documentation
|
+|Deployment Without PodDisruptionBudget
a05331ee-1653-45cb-91e6-13637a76e4f0|Low|Availability|Query details
Documentation
|
+|HPA Targets Invalid Object
17e52ca3-ddd0-4610-9d56-ce107442e110|Low|Availability|Query details
Documentation
|
+|StatefulSet Without PodDisruptionBudget
7249e3b0-9231-4af3-bc5f-5daf4988ecbf|Low|Availability|Query details
Documentation
|
+|StatefulSet Without Service Name
420e6360-47bb-46f6-9072-b20ed22c842d|Low|Availability|Query details
Documentation
|
+|Metadata Label Is Invalid
bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e|Low|Best Practices|Query details
Documentation
|
+|No Drop Capabilities for Containers
21cef75f-289f-470e-8038-c7cee0664164|Low|Best Practices|Query details
Documentation
|
+|Root Container Not Mounted As Read-only
d532566b-8d9d-4f3b-80bd-361fe802f9c2|Low|Build Process|Query details
Documentation
|
+|StatefulSet Requests Storage
fcc2612a-1dfe-46e4-8ce6-0320959f0040|Low|Build Process|Query details
Documentation
|
+|Default Service Account In Use
737a0dd9-0aaa-4145-8118-f01778262b8a|Low|Insecure Configurations|Query details
Documentation
|
+|Image Pull Policy Of The Container Is Not Set To Always
aa737abf-6b1d-4aba-95aa-5c160bd7f96e|Low|Insecure Configurations|Query details
Documentation
|
+|Image Without Digest
228c4c19-feeb-4c18-848c-800ac70fdfb7|Low|Insecure Configurations|Query details
Documentation
|
+|Pod or Container Without Security Context
ad69e38a-d92e-4357-a8da-f2f29d545883|Low|Insecure Configurations|Query details
Documentation
|
+|Using Default Namespace
abcb818b-5af7-4d72-aba9-6dd84956b451|Low|Insecure Configurations|Query details
Documentation
|
+|Network Policy Is Not Targeting Any Pod
b80b14c6-aaa2-4876-b651-8a48b6c32fbf|Low|Networking and Firewall|Query details
Documentation
|
+|Service Type is NodePort
5c281bf8-d9bb-47f2-b909-3f6bb11874ad|Low|Networking and Firewall|Query details
Documentation
|
+|Workload Host Port Not Specified
4e74cf4f-ff65-4c1a-885c-67ab608206ce|Low|Networking and Firewall|Query details
Documentation
|
+|CPU Limits Not Set
5f4735ce-b9ba-4d95-a089-a37a767b716f|Low|Resource Management|Query details
Documentation
|
+|CPU Requests Not Set
577ac19c-6a77-46d7-9f14-e049cdd15ec2|Low|Resource Management|Query details
Documentation
|
+|CronJob Deadline Not Configured
58876b44-a690-4e9f-9214-7735fa0dd15d|Low|Resource Management|Query details
Documentation
|
+|Deployment Has No PodAntiAffinity
461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3|Low|Resource Management|Query details
Documentation
|
+|Secrets As Environment Variables
6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8|Low|Secret Management|Query details
Documentation
|
+|Invalid Image
e76cca7c-c3f9-4fc9-884c-b2831168ebd8|Low|Supply-Chain|Query details
Documentation
|
+|Liveness Probe Is Not Defined
5b6d53dd-3ba3-4269-b4d7-f82e880e43c3|Info|Availability|Query details
Documentation
|
### NIFCLOUD
Below are listed queries related to Terraform NIFCLOUD:
@@ -705,30 +705,30 @@ Below are listed queries related to Terraform NIFCLOUD:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|(Beta) Nifcloud DNS Has Verified Record
a1defcb6-55e8-4511-8c2a-30b615b0e057|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud ELB Listener Use HTTP Protocol
afcb0771-4f94-44ed-ad4a-9f73f11ce6e0|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud ELB Use HTTP Protocol
e2de2b80-2fc2-4502-a764-40930dfcc70a|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud LB Listener Use HTTP Port
9f751a80-31f0-43a3-926c-20772791a038|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud LB Use HTTP Port
94e47f3f-b90b-43a1-a36d-521580bae863|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud LB Use Insecure TLS Policy ID
944439c7-b4b8-476a-8f83-14641ea876ba|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud LB Use Insecure TLS Policy Name
675e8eaa-2754-42b7-bf33-bfa295d1601d|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) Nifcloud Computing Has Public Ingress Security Group Rule
b2ea2367-8dc9-4231-a035-d0b28bfa3dde|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud Computing Undefined Security Group To Instance
89218b48-75c9-4cb3-aaba-5299e852e8bc|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud NAS Has Public Ingress NAS Security Group Rule
8d7758a7-d9cd-499a-a83e-c9bdcbff728d|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud RDB Has Public DB Access
fb387023-e4bb-42a8-9a70-6708aa7ff21b|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud RDB Has Public DB Ingress Security Group Rule
a0b846e8-815f-4f15-b660-bc4ab9fa1e1a|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud Router Undefined Security Group To Router
e7dada38-af20-4899-8955-dabea84ab1f0|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway
b3535a48-910c-47f8-8b3b-14222f29ef80|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud RDB Has Backup Retention Less Than 2 Day
e5071f76-cbe7-468d-bb2b-d10f02d2b713|Medium|Backup|Query details
Documentation
|
-|(Beta) Nifcloud Computing Has Common Private Network
df58dd45-8009-43c2-90f7-c90eb9d53ed9|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud Computing Undefined Description To Security Group
41c127a9-3a85-4bc3-a333-ed374eb9c3e4|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud Computing Undefined Description To Security Group Rule
e4610872-0b1c-4fb7-ab57-d81c0afdb291|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud ELB Has Common Private Network
5061f84c-ab66-4660-90b9-680c9df346c0|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud NAS Has Common Private Network
4b801c38-ebb4-4c81-984b-1ba525d43adf|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud NAS Undefined Description To NAS Security Group
e840c54a-7a4c-405f-b8c1-c49a54b87d11|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud RDB Has Common Private Network
9bf57c23-fbab-4222-85f3-3f207a53c6a8|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud RDB Undefined Description To DB Security Group
940ddce2-26bd-4e31-a9b4-382714f73231|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) Nifcloud Router Has Common Private Network
30c2760c-740e-4672-9d7f-2c29e0cb385d|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud DNS Has Verified Record
a1defcb6-55e8-4511-8c2a-30b615b0e057|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud ELB Listener Use HTTP Protocol
afcb0771-4f94-44ed-ad4a-9f73f11ce6e0|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud ELB Use HTTP Protocol
e2de2b80-2fc2-4502-a764-40930dfcc70a|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud LB Listener Use HTTP Port
9f751a80-31f0-43a3-926c-20772791a038|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud LB Use HTTP Port
94e47f3f-b90b-43a1-a36d-521580bae863|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud LB Use Insecure TLS Policy ID
944439c7-b4b8-476a-8f83-14641ea876ba|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud LB Use Insecure TLS Policy Name
675e8eaa-2754-42b7-bf33-bfa295d1601d|High|Insecure Configurations|Query details
Documentation
|
+|Beta - Nifcloud Computing Has Public Ingress Security Group Rule
b2ea2367-8dc9-4231-a035-d0b28bfa3dde|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud Computing Undefined Security Group To Instance
89218b48-75c9-4cb3-aaba-5299e852e8bc|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud NAS Has Public Ingress NAS Security Group Rule
8d7758a7-d9cd-499a-a83e-c9bdcbff728d|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud RDB Has Public DB Access
fb387023-e4bb-42a8-9a70-6708aa7ff21b|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud RDB Has Public DB Ingress Security Group Rule
a0b846e8-815f-4f15-b660-bc4ab9fa1e1a|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud Router Undefined Security Group To Router
e7dada38-af20-4899-8955-dabea84ab1f0|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway
b3535a48-910c-47f8-8b3b-14222f29ef80|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud RDB Has Backup Retention Less Than 2 Day
e5071f76-cbe7-468d-bb2b-d10f02d2b713|Medium|Backup|Query details
Documentation
|
+|Beta - Nifcloud Computing Has Common Private Network
df58dd45-8009-43c2-90f7-c90eb9d53ed9|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud Computing Undefined Description To Security Group
41c127a9-3a85-4bc3-a333-ed374eb9c3e4|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud Computing Undefined Description To Security Group Rule
e4610872-0b1c-4fb7-ab57-d81c0afdb291|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud ELB Has Common Private Network
5061f84c-ab66-4660-90b9-680c9df346c0|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud NAS Has Common Private Network
4b801c38-ebb4-4c81-984b-1ba525d43adf|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud NAS Undefined Description To NAS Security Group
e840c54a-7a4c-405f-b8c1-c49a54b87d11|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud RDB Has Common Private Network
9bf57c23-fbab-4222-85f3-3f207a53c6a8|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud RDB Undefined Description To DB Security Group
940ddce2-26bd-4e31-a9b4-382714f73231|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - Nifcloud Router Has Common Private Network
30c2760c-740e-4672-9d7f-2c29e0cb385d|Low|Networking and Firewall|Query details
Documentation
|
### SHARED (V2/V3)
Below are listed queries related to Terraform SHARED (V2/V3):
@@ -737,11 +737,11 @@ Below are listed queries related to Terraform SHARED (V2/V3):
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|Generic Git Module Without Revision
3a81fc06-566f-492a-91dd-7448e409e2cd|Info|Best Practices|Query details
Documentation
|
-|Name Is Not Snake Case
1e434b25-8763-4b00-a5ca-ca03b7abbb66|Info|Best Practices|Query details
Documentation
|
-|Output Without Description
59312e8a-a64e-41e7-a252-618533dd1ea8|Info|Best Practices|Query details
Documentation
|
-|Variable Without Description
2a153952-2544-4687-bcc9-cc8fea814a9b|Info|Best Practices|Query details
Documentation
|
-|Variable Without Type
fc5109bf-01fd-49fb-8bde-4492b543c34a|Info|Best Practices|Query details
Documentation
|
+|Generic Git Module Without Revision
3a81fc06-566f-492a-91dd-7448e409e2cd|Info|Best Practices|Query details
Documentation
|
+|Name Is Not Snake Case
1e434b25-8763-4b00-a5ca-ca03b7abbb66|Info|Best Practices|Query details
Documentation
|
+|Output Without Description
59312e8a-a64e-41e7-a252-618533dd1ea8|Info|Best Practices|Query details
Documentation
|
+|Variable Without Description
2a153952-2544-4687-bcc9-cc8fea814a9b|Info|Best Practices|Query details
Documentation
|
+|Variable Without Type
fc5109bf-01fd-49fb-8bde-4492b543c34a|Info|Best Practices|Query details
Documentation
|
### TENCENTCLOUD
Below are listed queries related to Terraform TENCENTCLOUD:
@@ -750,19 +750,19 @@ Below are listed queries related to Terraform TENCENTCLOUD:
| Query |Severity|Category|More info|
|------------------------------|--------|--------|-----------|
-|(Beta) CLB Listener Using Insecure Protocols
fe08b81c-12e9-4b5e-9006-4218fca750fd|High|Encryption|Query details
Documentation
|
-|(Beta) TKE Cluster Encryption Protection Disabled
3ed47402-e322-465f-a0f0-8681135a17b0|High|Encryption|Query details
Documentation
|
-|(Beta) CDB Instance Internet Service Enabled
5d820574-4a60-4916-b049-0810b8629731|High|Insecure Configurations|Query details
Documentation
|
-|(Beta) CVM Instance Has Public IP
a74b4602-a62c-4a02-956a-e19f86ea24b5|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) Security Group Rule Set Accepts All Traffic
d135a36e-c474-452f-b891-76db1e6d1cd5|High|Networking and Firewall|Query details
Documentation
|
-|(Beta) CDB Instance Without Backup Policy
ca94be07-7de3-4ae7-85ef-67e0462ec694|Medium|Backup|Query details
Documentation
|
-|(Beta) CLB Instance Log Setting Disabled
ada01ed1-b10c-4f2a-b110-b20fa4f9baa6|Medium|Encryption|Query details
Documentation
|
-|(Beta) Disk Encryption Disabled
1ee0f202-31da-49ba-bbce-04a989912e4b|Medium|Encryption|Query details
Documentation
|
-|(Beta) TKE Cluster Has Public Access
df6928ed-02f4-421f-9a67-a529860dd7e7|Medium|Insecure Configurations|Query details
Documentation
|
-|(Beta) CVM Instance Using Default Security Group
93bb2065-63ec-45a2-a466-f106b56f2e32|Low|Access Control|Query details
Documentation
|
-|(Beta) CVM Instance Using User Data
5bb6fa08-5e84-4760-a54a-cdcd66626976|Low|Access Control|Query details
Documentation
|
-|(Beta) CDB Instance Internet Using Default Intranet Port
18d6aa4b-7570-4d95-9c75-90363ef1abd9|Low|Insecure Configurations|Query details
Documentation
|
-|(Beta) CVM Instance Using Default VPC
b4e75c5c-83d5-4568-90e3-57ed5ec4051b|Low|Networking and Firewall|Query details
Documentation
|
-|(Beta) TKE Cluster Log Agent Is Not Enabled
fe405074-7e18-40f9-9aef-024aa1d0a889|Low|Observability|Query details
Documentation
|
-|(Beta) VPC Flow Logs Disabled
a3240001-40db-47b7-abb9-2bcd6a04c430|Low|Observability|Query details
Documentation
|
-|(Beta) CVM Instance Disable Monitor Service
966ed4f7-b8a5-4e8d-b2bf-098657c98960|Info|Observability|Query details
Documentation
|
+|Beta - CLB Listener Using Insecure Protocols
fe08b81c-12e9-4b5e-9006-4218fca750fd|High|Encryption|Query details
Documentation
|
+|Beta - TKE Cluster Encryption Protection Disabled
3ed47402-e322-465f-a0f0-8681135a17b0|High|Encryption|Query details
Documentation
|
+|Beta - CDB Instance Internet Service Enabled
5d820574-4a60-4916-b049-0810b8629731|High|Insecure Configurations|Query details
Documentation
|
+|Beta - CVM Instance Has Public IP
a74b4602-a62c-4a02-956a-e19f86ea24b5|High|Networking and Firewall|Query details
Documentation
|
+|Beta - Security Group Rule Set Accepts All Traffic
d135a36e-c474-452f-b891-76db1e6d1cd5|High|Networking and Firewall|Query details
Documentation
|
+|Beta - CDB Instance Without Backup Policy
ca94be07-7de3-4ae7-85ef-67e0462ec694|Medium|Backup|Query details
Documentation
|
+|Beta - CLB Instance Log Setting Disabled
ada01ed1-b10c-4f2a-b110-b20fa4f9baa6|Medium|Encryption|Query details
Documentation
|
+|Beta - Disk Encryption Disabled
1ee0f202-31da-49ba-bbce-04a989912e4b|Medium|Encryption|Query details
Documentation
|
+|Beta - TKE Cluster Has Public Access
df6928ed-02f4-421f-9a67-a529860dd7e7|Medium|Insecure Configurations|Query details
Documentation
|
+|Beta - CVM Instance Using Default Security Group
93bb2065-63ec-45a2-a466-f106b56f2e32|Low|Access Control|Query details
Documentation
|
+|Beta - CVM Instance Using User Data
5bb6fa08-5e84-4760-a54a-cdcd66626976|Low|Access Control|Query details
Documentation
|
+|Beta - CDB Instance Internet Using Default Intranet Port
18d6aa4b-7570-4d95-9c75-90363ef1abd9|Low|Insecure Configurations|Query details
Documentation
|
+|Beta - CVM Instance Using Default VPC
b4e75c5c-83d5-4568-90e3-57ed5ec4051b|Low|Networking and Firewall|Query details
Documentation
|
+|Beta - TKE Cluster Log Agent Is Not Enabled
fe405074-7e18-40f9-9aef-024aa1d0a889|Low|Observability|Query details
Documentation
|
+|Beta - VPC Flow Logs Disabled
a3240001-40db-47b7-abb9-2bcd6a04c430|Low|Observability|Query details
Documentation
|
+|Beta - CVM Instance Disable Monitor Service
966ed4f7-b8a5-4e8d-b2bf-098657c98960|Info|Observability|Query details
Documentation
|
diff --git a/docs/queries/terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5.md b/docs/queries/terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5.md
index d3482e5d055..fa4c5804a56 100644
--- a/docs/queries/terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5.md
+++ b/docs/queries/terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/service_account_allows_access_secrets)
### Description
diff --git a/docs/queries/terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d.md b/docs/queries/terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d.md
index c10f6d38237..5fad875d70b 100644
--- a/docs/queries/terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d.md
+++ b/docs/queries/terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/container_runs_unmasked)
### Description
diff --git a/docs/queries/terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b.md b/docs/queries/terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b.md
index ae2160644b3..8302e84da6d 100644
--- a/docs/queries/terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b.md
+++ b/docs/queries/terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/github/github_repository_set_to_public)
### Description
diff --git a/docs/queries/terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd.md b/docs/queries/terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd.md
index 6f238a6f174..038f89cd3c1 100644
--- a/docs/queries/terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd.md
+++ b/docs/queries/terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/cluster_admin_role_binding_with_super_user_permissions)
### Description
diff --git a/docs/queries/terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110.md b/docs/queries/terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110.md
index ea30d0118bf..9e2106cd795 100644
--- a/docs/queries/terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110.md
+++ b/docs/queries/terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/hpa_targets_invalid_object)
### Description
diff --git a/docs/queries/terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66.md b/docs/queries/terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66.md
index ea1c8af1566..f0cccf88d6e 100644
--- a/docs/queries/terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66.md
+++ b/docs/queries/terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/general/name_is_not_snake_case)
### Description
diff --git a/docs/queries/terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61.md b/docs/queries/terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61.md
index 1ee91849ce2..1496d3c686a 100644
--- a/docs/queries/terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61.md
+++ b/docs/queries/terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/memory_requests_not_defined)
### Description
diff --git a/docs/queries/terraform-queries/21cef75f-289f-470e-8038-c7cee0664164.md b/docs/queries/terraform-queries/21cef75f-289f-470e-8038-c7cee0664164.md
index 78cf1c29522..c0e1c2c580c 100644
--- a/docs/queries/terraform-queries/21cef75f-289f-470e-8038-c7cee0664164.md
+++ b/docs/queries/terraform-queries/21cef75f-289f-470e-8038-c7cee0664164.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/no_drop_capabilities_for_containers)
### Description
diff --git a/docs/queries/terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7.md b/docs/queries/terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7.md
index 0dd3a0f188e..8b99ad40f11 100644
--- a/docs/queries/terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7.md
+++ b/docs/queries/terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/image_without_digest)
### Description
diff --git a/docs/queries/terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60.md b/docs/queries/terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60.md
index 924568e7855..1655275780a 100644
--- a/docs/queries/terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60.md
+++ b/docs/queries/terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Databricks Group Without User Or Instance Profile
+title: Beta - Databricks Group Without User Or Instance Profile
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 23c3067a-8cc9-480c-b645-7c1e0ad4bf60
-- **Query name:** (Beta) Databricks Group Without User Or Instance Profile
+- **Query name:** Beta - Databricks Group Without User Or Instance Profile
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/group_without_user_or_instance_profile)
### Description
diff --git a/docs/queries/terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514.md b/docs/queries/terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514.md
index c88f4262602..a5b5bcc3816 100644
--- a/docs/queries/terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514.md
+++ b/docs/queries/terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Indefinitely Databricks OBO Token Lifetime
+title: Beta - Indefinitely Databricks OBO Token Lifetime
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 23e1f5f0-12b7-4d7e-9087-f60f42ccd514
-- **Query name:** (Beta) Indefinitely Databricks OBO Token Lifetime
+- **Query name:** Beta - Indefinitely Databricks OBO Token Lifetime
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/indefinitely_obo_token)
### Description
diff --git a/docs/queries/terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72.md b/docs/queries/terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72.md
index 476e9363e44..b65bc507526 100644
--- a/docs/queries/terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72.md
+++ b/docs/queries/terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/service_account_name_undefined_or_empty)
### Description
diff --git a/docs/queries/terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee.md b/docs/queries/terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee.md
index ccbd845f5c8..853c7de7760 100644
--- a/docs/queries/terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee.md
+++ b/docs/queries/terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/incorrect_volume_claim_access_mode_read_write_once)
### Description
diff --git a/docs/queries/terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b.md b/docs/queries/terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b.md
index 94f7031d48c..dc6a79431b6 100644
--- a/docs/queries/terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b.md
+++ b/docs/queries/terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/general/variable_without_description)
### Description
diff --git a/docs/queries/terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed.md b/docs/queries/terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed.md
index fb32f22462f..61f4aac792e 100644
--- a/docs/queries/terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed.md
+++ b/docs/queries/terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/service_with_external_load_balancer)
### Description
diff --git a/docs/queries/terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef.md b/docs/queries/terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef.md
index 3bf8b955181..9a04f732555 100644
--- a/docs/queries/terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef.md
+++ b/docs/queries/terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/psp_allows_privilege_escalation)
### Description
diff --git a/docs/queries/terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805.md b/docs/queries/terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805.md
index 3071fb4eeaa..775521fa967 100644
--- a/docs/queries/terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805.md
+++ b/docs/queries/terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Unrestricted Databricks ACL
+title: Beta - Unrestricted Databricks ACL
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 2c4fe4a9-f44b-4c70-b09b-5b75cd251805
-- **Query name:** (Beta) Unrestricted Databricks ACL
+- **Query name:** Beta - Unrestricted Databricks ACL
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/unrestricted_acl)
### Description
diff --git a/docs/queries/terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f.md b/docs/queries/terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f.md
index 884fb252ebf..70646310aef 100644
--- a/docs/queries/terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f.md
+++ b/docs/queries/terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/role_binding_to_default_service_account)
### Description
diff --git a/docs/queries/terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7.md b/docs/queries/terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7.md
index 9a0c06f144a..1da69b4d6e4 100644
--- a/docs/queries/terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7.md
+++ b/docs/queries/terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Job's Task is Legacy (spark_submit_task)
+title: Beta - Job's Task is Legacy (spark_submit_task)
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7
-- **Query name:** (Beta) Job's Task is Legacy (spark_submit_task)
+- **Query name:** Beta - Job's Task is Legacy (spark_submit_task)
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/use_spark_submit_task)
### Description
diff --git a/docs/queries/terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f.md b/docs/queries/terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f.md
index 4402071f656..19ac5922470 100644
--- a/docs/queries/terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f.md
+++ b/docs/queries/terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Check Databricks Cluster Azure Attribute Best Practices
+title: Beta - Check Databricks Cluster Azure Attribute Best Practices
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 38028698-e663-4ef7-aa92-773fef0ca86f
-- **Query name:** (Beta) Check Databricks Cluster Azure Attribute Best Practices
+- **Query name:** Beta - Check Databricks Cluster Azure Attribute Best Practices
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/cluster_azure_attributes)
### Description
diff --git a/docs/queries/terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd.md b/docs/queries/terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd.md
index 8b58359e713..9cb941f4d28 100644
--- a/docs/queries/terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd.md
+++ b/docs/queries/terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/general/generic_git_module_without_revision)
### Description
diff --git a/docs/queries/terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724.md b/docs/queries/terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724.md
index 32853a70eab..31c70453032 100644
--- a/docs/queries/terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724.md
+++ b/docs/queries/terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/containers_with_sys_admin_capabilities)
### Description
diff --git a/docs/queries/terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d.md b/docs/queries/terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d.md
index e06a2eaf893..6b681499e35 100644
--- a/docs/queries/terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d.md
+++ b/docs/queries/terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/statefulset_without_service_name)
### Description
diff --git a/docs/queries/terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c.md b/docs/queries/terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c.md
index 692e3dc1c0e..0091c8be567 100644
--- a/docs/queries/terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c.md
+++ b/docs/queries/terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/secoomp_profile_is_not_configured)
### Description
diff --git a/docs/queries/terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3.md b/docs/queries/terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3.md
index d4b99327a80..6083f3ec0c0 100644
--- a/docs/queries/terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3.md
+++ b/docs/queries/terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/deployment_has_no_pod_anti_affinity)
### Description
diff --git a/docs/queries/terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad.md b/docs/queries/terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad.md
index 6e46c4af355..db3b54b491b 100644
--- a/docs/queries/terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad.md
+++ b/docs/queries/terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/psp_with_added_capabilities)
### Description
diff --git a/docs/queries/terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b.md b/docs/queries/terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b.md
index 22bee10a7e0..e8288bc8f88 100644
--- a/docs/queries/terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b.md
+++ b/docs/queries/terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/psp_allows_containers_to_share_the_host_network_namespace)
### Description
diff --git a/docs/queries/terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38.md b/docs/queries/terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38.md
index 29998c3551b..df19a767c42 100644
--- a/docs/queries/terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38.md
+++ b/docs/queries/terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/root_containers_admitted)
### Description
diff --git a/docs/queries/terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1.md b/docs/queries/terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1.md
index cec74fdc937..a5bf581a3c7 100644
--- a/docs/queries/terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1.md
+++ b/docs/queries/terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/docker_daemon_socket_is_exposed_to_containers)
### Description
diff --git a/docs/queries/terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce.md b/docs/queries/terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce.md
index 0308fbd9476..fe3b6c16895 100644
--- a/docs/queries/terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce.md
+++ b/docs/queries/terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/workload_host_port_not_specified)
### Description
diff --git a/docs/queries/terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce.md b/docs/queries/terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce.md
index eddf199c127..aa7a9427b9e 100644
--- a/docs/queries/terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce.md
+++ b/docs/queries/terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/psp_allows_sharing_host_ipc)
### Description
diff --git a/docs/queries/terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba.md b/docs/queries/terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba.md
index 519777b5f31..644077bfda1 100644
--- a/docs/queries/terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba.md
+++ b/docs/queries/terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/permissive_access_to_create_pods)
### Description
diff --git a/docs/queries/terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d.md b/docs/queries/terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d.md
index 54db9c00bf3..931172c2d51 100644
--- a/docs/queries/terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d.md
+++ b/docs/queries/terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Check Databricks Cluster GCP Attribute Best Practices
+title: Beta - Check Databricks Cluster GCP Attribute Best Practices
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 539e4557-d2b5-4d57-a001-cb01140a4e2d
-- **Query name:** (Beta) Check Databricks Cluster GCP Attribute Best Practices
+- **Query name:** Beta - Check Databricks Cluster GCP Attribute Best Practices
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/cluster_gcp_attributes)
### Description
diff --git a/docs/queries/terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2.md b/docs/queries/terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2.md
index dca183fbd9d..9fab27b9a27 100644
--- a/docs/queries/terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2.md
+++ b/docs/queries/terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/cpu_requests_not_set)
### Description
diff --git a/docs/queries/terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c.md b/docs/queries/terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c.md
index 33df12ff473..a26ef0ee07c 100644
--- a/docs/queries/terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c.md
+++ b/docs/queries/terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/container_host_pid_is_true)
### Description
diff --git a/docs/queries/terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d.md b/docs/queries/terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d.md
index 38ef4339472..ea73a612fd3 100644
--- a/docs/queries/terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d.md
+++ b/docs/queries/terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/cronjob_deadline_not_configured)
### Description
diff --git a/docs/queries/terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8.md b/docs/queries/terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8.md
index e19d49a3064..11c01f6fa4c 100644
--- a/docs/queries/terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8.md
+++ b/docs/queries/terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/general/output_without_description)
### Description
diff --git a/docs/queries/terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6.md b/docs/queries/terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6.md
index 3c0308ef438..30718e16640 100644
--- a/docs/queries/terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6.md
+++ b/docs/queries/terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Check use no LTS Spark Version
+title: Beta - Check use no LTS Spark Version
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6
-- **Query name:** (Beta) Check use no LTS Spark Version
+- **Query name:** Beta - Check use no LTS Spark Version
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/use_lts_spark_version)
### Description
diff --git a/docs/queries/terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3.md b/docs/queries/terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3.md
index 42be58259fc..5b8c714c64e 100644
--- a/docs/queries/terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3.md
+++ b/docs/queries/terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/liveness_probe_is_not_defined)
### Description
diff --git a/docs/queries/terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad.md b/docs/queries/terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad.md
index 1cddc31c20a..501130c160a 100644
--- a/docs/queries/terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad.md
+++ b/docs/queries/terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/service_type_is_nodeport)
### Description
diff --git a/docs/queries/terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f.md b/docs/queries/terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f.md
index 5dd9543a0ae..03c82851ce6 100644
--- a/docs/queries/terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f.md
+++ b/docs/queries/terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/cpu_limits_not_set)
### Description
diff --git a/docs/queries/terraform-queries/60af03ff-a421-45c8-b214-6741035476fa.md b/docs/queries/terraform-queries/60af03ff-a421-45c8-b214-6741035476fa.md
index b20fb567a64..8a65ee44e96 100644
--- a/docs/queries/terraform-queries/60af03ff-a421-45c8-b214-6741035476fa.md
+++ b/docs/queries/terraform-queries/60af03ff-a421-45c8-b214-6741035476fa.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/container_resources_limits_undefined)
### Description
diff --git a/docs/queries/terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8.md b/docs/queries/terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8.md
index 0cd19ce12b4..5ee2fec5045 100644
--- a/docs/queries/terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8.md
+++ b/docs/queries/terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/secrets_as_environment_variables)
### Description
diff --git a/docs/queries/terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf.md b/docs/queries/terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf.md
index dd9611bd004..d54458e08fe 100644
--- a/docs/queries/terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf.md
+++ b/docs/queries/terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/statefulset_without_pod_disruption_budget)
### Description
diff --git a/docs/queries/terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a.md b/docs/queries/terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a.md
index f4ebcacf682..0dea5ca495a 100644
--- a/docs/queries/terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a.md
+++ b/docs/queries/terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/default_service_account_in_use)
### Description
diff --git a/docs/queries/terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8.md b/docs/queries/terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8.md
index 1a13f267b9a..6f602962e3d 100644
--- a/docs/queries/terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8.md
+++ b/docs/queries/terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Indefinitely Databricks Token Lifetime
+title: Beta - Indefinitely Databricks Token Lifetime
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 7d05ca25-91b4-42ee-b6f6-b06611a87ce8
-- **Query name:** (Beta) Indefinitely Databricks Token Lifetime
+- **Query name:** Beta - Indefinitely Databricks Token Lifetime
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/indefinitely_token)
### Description
diff --git a/docs/queries/terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63.md b/docs/queries/terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63.md
index d814bd7380e..ece85310981 100644
--- a/docs/queries/terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63.md
+++ b/docs/queries/terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/rbac_roles_with_read_secrets_permissions)
### Description
diff --git a/docs/queries/terraform-queries/8657197e-3f87-4694-892b-8144701d83c1.md b/docs/queries/terraform-queries/8657197e-3f87-4694-892b-8144701d83c1.md
index cdee2485320..5ebe1299698 100644
--- a/docs/queries/terraform-queries/8657197e-3f87-4694-892b-8144701d83c1.md
+++ b/docs/queries/terraform-queries/8657197e-3f87-4694-892b-8144701d83c1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/readiness_probe_is_not_configured)
### Description
diff --git a/docs/queries/terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521.md b/docs/queries/terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521.md
index 776a74f3b84..4037fde4ac1 100644
--- a/docs/queries/terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521.md
+++ b/docs/queries/terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/non_kube_system_pod_with_host_mount)
### Description
diff --git a/docs/queries/terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4.md b/docs/queries/terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4.md
index 05a5c9df593..c96a60eb8b6 100644
--- a/docs/queries/terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4.md
+++ b/docs/queries/terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/container_is_privileged)
### Description
diff --git a/docs/queries/terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8.md b/docs/queries/terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8.md
index c0a34b78c5d..3ccac93ad00 100644
--- a/docs/queries/terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8.md
+++ b/docs/queries/terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Databricks Autoscale Badly Setup
+title: Beta - Databricks Autoscale Badly Setup
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 953c0cc6-5f30-44cb-a803-bf4ef2571be8
-- **Query name:** (Beta) Databricks Autoscale Badly Setup
+- **Query name:** Beta - Databricks Autoscale Badly Setup
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/autoscale_badly_setup)
### Description
diff --git a/docs/queries/terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556.md b/docs/queries/terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556.md
index f8a1eb660b8..71fe32d2dac 100644
--- a/docs/queries/terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556.md
+++ b/docs/queries/terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/net_raw_capabilities_disabled_for_psp)
### Description
diff --git a/docs/queries/terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0.md b/docs/queries/terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0.md
index f044debb1d2..ee004a0ab56 100644
--- a/docs/queries/terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0.md
+++ b/docs/queries/terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/deployment_without_pod_disruption_budget)
### Description
diff --git a/docs/queries/terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5.md b/docs/queries/terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5.md
index bf93beea678..90bb1106fa2 100644
--- a/docs/queries/terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5.md
+++ b/docs/queries/terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Databricks Cluster or Job With None Or Insecure Permission(s)
+title: Beta - Databricks Cluster or Job With None Or Insecure Permission(s)
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5
-- **Query name:** (Beta) Databricks Cluster or Job With None Or Insecure Permission(s)
+- **Query name:** Beta - Databricks Cluster or Job With None Or Insecure Permission(s)
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/databricks_permissions)
### Description
diff --git a/docs/queries/terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a.md b/docs/queries/terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a.md
index f35bfacdc36..ed66f7efeb9 100644
--- a/docs/queries/terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a.md
+++ b/docs/queries/terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/volume_mount_with_os_directory_write_permissions)
### Description
diff --git a/docs/queries/terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9.md b/docs/queries/terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9.md
index c2bb681391f..a806fc7c082 100644
--- a/docs/queries/terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9.md
+++ b/docs/queries/terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/psp_set_to_privileged)
### Description
diff --git a/docs/queries/terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015.md b/docs/queries/terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015.md
index b90640622d9..d2ca6347075 100644
--- a/docs/queries/terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015.md
+++ b/docs/queries/terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/workload_mounting_with_sensitive_os_directory)
### Description
diff --git a/docs/queries/terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03.md b/docs/queries/terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03.md
index fcacca46966..8eb1e5c259c 100644
--- a/docs/queries/terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03.md
+++ b/docs/queries/terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/cluster_allows_unsafe_sysctls)
### Description
diff --git a/docs/queries/terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a.md b/docs/queries/terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a.md
index 185fb7d2fb6..299db0f20e8 100644
--- a/docs/queries/terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a.md
+++ b/docs/queries/terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/service_account_token_automount_not_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e.md b/docs/queries/terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e.md
index bdc8d27cdb5..82844adc210 100644
--- a/docs/queries/terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e.md
+++ b/docs/queries/terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/image_pull_policy_of_container_is_not_always)
### Description
diff --git a/docs/queries/terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451.md b/docs/queries/terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451.md
index 18a9ce12d13..11fa87f4ed5 100644
--- a/docs/queries/terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451.md
+++ b/docs/queries/terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/using_default_namespace)
### Description
diff --git a/docs/queries/terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0.md b/docs/queries/terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0.md
index df6fa61faf6..69a4ea476b2 100644
--- a/docs/queries/terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0.md
+++ b/docs/queries/terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/shared_host_network_namespace)
### Description
diff --git a/docs/queries/terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883.md b/docs/queries/terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883.md
index 0217eca9c69..0c8a9748032 100644
--- a/docs/queries/terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883.md
+++ b/docs/queries/terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/pod_or_container_without_security_context)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1.md b/docs/queries/terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1.md
index 8bf16a4997c..dce98ca0b2e 100644
--- a/docs/queries/terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1.md
+++ b/docs/queries/terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786.md b/docs/queries/terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786.md
index 853bc828219..f5ee3fa93a6 100644
--- a/docs/queries/terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786.md
+++ b/docs/queries/terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_account_password_policy_not_required_numbers)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e.md b/docs/queries/terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e.md
index 5691bc21eaf..7dabb835ace 100644
--- a/docs/queries/terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e.md
+++ b/docs/queries/terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_log_connections_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5.md b/docs/queries/terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5.md
index 61ed6077393..3bfb32ea15c 100644
--- a/docs/queries/terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5.md
+++ b/docs/queries/terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/launch_template_is_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae.md b/docs/queries/terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae.md
index 2b0ecd29533..07ebacdb8a7 100644
--- a/docs/queries/terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae.md
+++ b/docs/queries/terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843.md b/docs/queries/terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843.md
index 69ebfdb9b87..451b3e328ee 100644
--- a/docs/queries/terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843.md
+++ b/docs/queries/terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/api_gateway_api_protocol_not_https)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419.md b/docs/queries/terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419.md
index be31f21c0a7..be300a5764a 100644
--- a/docs/queries/terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419.md
+++ b/docs/queries/terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/public_security_group_rule_sensitive_port)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426.md b/docs/queries/terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426.md
index 655f66745a7..1879053136a 100644
--- a/docs/queries/terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426.md
+++ b/docs/queries/terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_has_static_website)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8.md b/docs/queries/terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8.md
index fa09278a4da..1aa8e2827db 100644
--- a/docs/queries/terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8.md
+++ b/docs/queries/terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_account_password_policy_max_password_age_unrecommended)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc.md b/docs/queries/terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc.md
index 636afd8184a..12da6f462d1 100644
--- a/docs/queries/terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc.md
+++ b/docs/queries/terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/disk_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282.md b/docs/queries/terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282.md
index 4c44bb391a8..28d13370d9f 100644
--- a/docs/queries/terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282.md
+++ b/docs/queries/terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_account_password_policy_not_required_symbols)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598.md b/docs/queries/terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598.md
index 581cd3f019e..9bf202d4505 100644
--- a/docs/queries/terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598.md
+++ b/docs/queries/terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_tde_status_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0.md b/docs/queries/terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0.md
index 311d5aebd25..c6009c9ec5b 100644
--- a/docs/queries/terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0.md
+++ b/docs/queries/terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ros_stack_retention_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd.md b/docs/queries/terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd.md
index af976dac261..1059188267f 100644
--- a/docs/queries/terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd.md
+++ b/docs/queries/terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_password_security_policy_not_require_at_least_one_uppercase_character)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676.md b/docs/queries/terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676.md
index a8c4efec9f1..e757c7c34db 100644
--- a/docs/queries/terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676.md
+++ b/docs/queries/terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/nas_file_system_without_kms)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968.md b/docs/queries/terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968.md
index e581db9338a..89964e24c1a 100644
--- a/docs/queries/terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968.md
+++ b/docs/queries/terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/public_security_group_rule_all_ports_or_protocols)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8.md b/docs/queries/terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8.md
index c49a672ec06..d8889edd3e1 100644
--- a/docs/queries/terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8.md
+++ b/docs/queries/terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_ip_restriction_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426.md b/docs/queries/terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426.md
index 58d2fded7c7..b936587950e 100644
--- a/docs/queries/terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426.md
+++ b/docs/queries/terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_public_access_enabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5.md b/docs/queries/terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5.md
index c6e616f142a..e219d44d283 100644
--- a/docs/queries/terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5.md
+++ b/docs/queries/terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_policy_attached_to_user)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360.md b/docs/queries/terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360.md
index b15225444fb..3a6d49c3836 100644
--- a/docs/queries/terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360.md
+++ b/docs/queries/terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/nas_file_system_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b.md b/docs/queries/terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b.md
index 787897a7e52..be81c8fb685 100644
--- a/docs/queries/terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b.md
+++ b/docs/queries/terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/actiontrail_trail_oss_bucket_is_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba.md b/docs/queries/terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba.md
index 69ff44bc473..cc5291dc6a8 100644
--- a/docs/queries/terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba.md
+++ b/docs/queries/terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_versioning_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681.md b/docs/queries/terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681.md
index f536db8651c..bd4bc739211 100644
--- a/docs/queries/terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681.md
+++ b/docs/queries/terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/no_ros_stack_policy)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b.md b/docs/queries/terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b.md
index 88af1a618b1..dbe71f8a826 100644
--- a/docs/queries/terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b.md
+++ b/docs/queries/terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_ssl_action_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f.md b/docs/queries/terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f.md
index 8c604dd6899..ce6c4da8f2d 100644
--- a/docs/queries/terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f.md
+++ b/docs/queries/terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_lifecycle_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073.md b/docs/queries/terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073.md
index 1abe7cbc4a3..7544bcc5b81 100644
--- a/docs/queries/terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073.md
+++ b/docs/queries/terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/cs_kubernetes_node_pool_auto_repair_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6.md b/docs/queries/terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6.md
index 96787c50814..ddc16a14a98 100644
--- a/docs/queries/terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6.md
+++ b/docs/queries/terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_allows_list_action_from_all_principals)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c.md b/docs/queries/terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c.md
index e5fd067058b..093308e64b5 100644
--- a/docs/queries/terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c.md
+++ b/docs/queries/terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_password_security_policy_not_require_at_least_one_lowercase_character)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574.md b/docs/queries/terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574.md
index 73d1476ac1f..616face97f5 100644
--- a/docs/queries/terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574.md
+++ b/docs/queries/terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_allows_delete_from_all_principals)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413.md b/docs/queries/terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413.md
index 93a33cb41d8..756ff59aff2 100644
--- a/docs/queries/terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413.md
+++ b/docs/queries/terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_transfer_acceleration_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50.md b/docs/queries/terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50.md
index dc9d9fb50c2..c1300563a84 100644
--- a/docs/queries/terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50.md
+++ b/docs/queries/terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ros_stack_notifications_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a.md b/docs/queries/terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a.md
index 5e67c8f2bbe..0b987eef035 100644
--- a/docs/queries/terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a.md
+++ b/docs/queries/terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_log_duration_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0.md b/docs/queries/terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0.md
index 36ed5f8fbbb..4d4ba21010a 100644
--- a/docs/queries/terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0.md
+++ b/docs/queries/terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_account_password_policy_without_reuse_prevention)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053.md b/docs/queries/terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053.md
index 8d7151a56f9..865bfdfeb21 100644
--- a/docs/queries/terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053.md
+++ b/docs/queries/terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_account_password_policy_not_required_minimum_length)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d.md b/docs/queries/terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d.md
index e1827d790f3..edbd4c4305e 100644
--- a/docs/queries/terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d.md
+++ b/docs/queries/terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/kubernetes_cluster_without_terway_as_cni_network_plugin)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1.md b/docs/queries/terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1.md
index 8e67374c75b..722e700aede 100644
--- a/docs/queries/terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1.md
+++ b/docs/queries/terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_events_not_logged)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289.md b/docs/queries/terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289.md
index 8005fcd66d5..b8f4e29ddc9 100644
--- a/docs/queries/terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289.md
+++ b/docs/queries/terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_buckets_securetransport_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb.md b/docs/queries/terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb.md
index cbcd8daf02d..f6c06f5488a 100644
--- a/docs/queries/terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb.md
+++ b/docs/queries/terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/action_trail_logging_all_regions_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309.md b/docs/queries/terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309.md
index a51bb6df9c0..f095cb21c33 100644
--- a/docs/queries/terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309.md
+++ b/docs/queries/terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/high_kms_key_rotation_period)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71.md b/docs/queries/terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71.md
index 0d8f628d1e2..735d58c7c83 100644
--- a/docs/queries/terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71.md
+++ b/docs/queries/terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/vpc_flow_logs_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98.md b/docs/queries/terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98.md
index 3ca95bb0a24..d342927e99e 100644
--- a/docs/queries/terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98.md
+++ b/docs/queries/terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_log_disconnections_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70.md b/docs/queries/terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70.md
index c03aa1699d5..e8f30ceba0b 100644
--- a/docs/queries/terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70.md
+++ b/docs/queries/terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/slb_policy_with_insecure_tls_version_in_use)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46.md b/docs/queries/terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46.md
index 747b81e0aaf..7850364a9d7 100644
--- a/docs/queries/terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46.md
+++ b/docs/queries/terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_retention_not_recommended)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0.md b/docs/queries/terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0.md
index 25388a546e0..c3167c24177 100644
--- a/docs/queries/terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0.md
+++ b/docs/queries/terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_security_preference_not_enforce_mfa)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0.md b/docs/queries/terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0.md
index a3ce0de3c8a..157b5115996 100644
--- a/docs/queries/terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0.md
+++ b/docs/queries/terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/public_security_group_rule_unknown_port)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e.md b/docs/queries/terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e.md
index 4179c55e974..ad9c1eae977 100644
--- a/docs/queries/terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e.md
+++ b/docs/queries/terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_account_password_policy_max_login_attempts_unrecommended)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975.md b/docs/queries/terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975.md
index 106652acf05..857a3b9f573 100644
--- a/docs/queries/terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975.md
+++ b/docs/queries/terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_policy_admin_access_not_attached_to_users_groups_roles)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a.md b/docs/queries/terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a.md
index 8ea8d5fe35e..99d9c8edd46 100644
--- a/docs/queries/terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a.md
+++ b/docs/queries/terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_allows_all_actions_from_all_principals)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390.md b/docs/queries/terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390.md
index 9b68bb498cb..13419675a0b 100644
--- a/docs/queries/terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390.md
+++ b/docs/queries/terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/log_retention_is_not_greater_than_90_days)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e.md b/docs/queries/terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e.md
index ea4941ad66a..3f6b76bc0ee 100644
--- a/docs/queries/terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e.md
+++ b/docs/queries/terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/cmk_is_unusable)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7.md b/docs/queries/terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7.md
index 5c91122d4fd..3f13670665f 100644
--- a/docs/queries/terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7.md
+++ b/docs/queries/terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/alb_listening_on_http)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd.md b/docs/queries/terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd.md
index 2e25936b0df..298b92b5f1e 100644
--- a/docs/queries/terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd.md
+++ b/docs/queries/terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_cmk_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85.md b/docs/queries/terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85.md
index 255cc246eb8..ad674e739ee 100644
--- a/docs/queries/terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85.md
+++ b/docs/queries/terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ecs_data_disk_kms_key_id_undefined)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485.md b/docs/queries/terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485.md
index 7270626bcb6..2d7a201f114 100644
--- a/docs/queries/terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485.md
+++ b/docs/queries/terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_address_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a.md b/docs/queries/terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a.md
index 2f250f6d4d2..10acc24c22a 100644
--- a/docs/queries/terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a.md
+++ b/docs/queries/terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_allows_put_action_from_all_principals)
### Description
diff --git a/docs/queries/terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456.md b/docs/queries/terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456.md
index bbfa6b0940d..c959682a6c2 100644
--- a/docs/queries/terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456.md
+++ b/docs/queries/terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudfront_without_minimum_protocol_tls_1.2)
### Description
diff --git a/docs/queries/terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35.md b/docs/queries/terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35.md
index 92c6a7e9060..529f7b786a0 100644
--- a/docs/queries/terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35.md
+++ b/docs/queries/terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/glue_data_catalog_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb.md b/docs/queries/terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb.md
index 1b4a99438e4..9b055b5853d 100644
--- a/docs/queries/terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb.md
+++ b/docs/queries/terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/amazon_dms_replication_instance_is_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e.md b/docs/queries/terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e.md
index 59b6c0c900f..ea10d0f1490 100644
--- a/docs/queries/terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e.md
+++ b/docs/queries/terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PassRole_and_lambda_CreateFunction_and_lambda_InvokeFunction)
### Description
diff --git a/docs/queries/terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c.md b/docs/queries/terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c.md
index 63703d64da3..d6cecce9034 100644
--- a/docs/queries/terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c.md
+++ b/docs/queries/terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_CreateLoginProfile)
### Description
diff --git a/docs/queries/terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc.md b/docs/queries/terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc.md
index 220ceda8488..6769f6af25e 100644
--- a/docs/queries/terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc.md
+++ b/docs/queries/terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/msk)
### Description
diff --git a/docs/queries/terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5.md b/docs/queries/terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5.md
index ae0139837a3..664f0fea427 100644
--- a/docs/queries/terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5.md
+++ b/docs/queries/terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_metrics_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12.md b/docs/queries/terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12.md
index 533fe87df3e..7854a19f524 100644
--- a/docs/queries/terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12.md
+++ b/docs/queries/terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/shield_advanced_not_in_use)
### Description
diff --git a/docs/queries/terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4.md b/docs/queries/terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4.md
index 36bb779566a..18100975c2f 100644
--- a/docs/queries/terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4.md
+++ b/docs/queries/terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/db_instance_storage_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e.md b/docs/queries/terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e.md
index 4aefa4db506..fc6e788127c 100644
--- a/docs/queries/terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e.md
+++ b/docs/queries/terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cross_account_iam_assume_role_policy_without_external_id_or_mfa)
### Description
diff --git a/docs/queries/terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3.md b/docs/queries/terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3.md
index 6dd2228947d..d4276d2008a 100644
--- a/docs/queries/terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3.md
+++ b/docs/queries/terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redshift_cluster_without_vpc)
### Description
diff --git a/docs/queries/terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871.md b/docs/queries/terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871.md
index 92e05604a73..c455106a510 100644
--- a/docs/queries/terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871.md
+++ b/docs/queries/terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PassRole_and_glue_CreateDevEndpoint)
### Description
diff --git a/docs/queries/terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0.md b/docs/queries/terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0.md
index e5b276747b1..710d92fea2e 100644
--- a/docs/queries/terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0.md
+++ b/docs/queries/terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_changes_to_nacl_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694.md b/docs/queries/terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694.md
index 08e7d71b1ab..aa944638f1c 100644
--- a/docs/queries/terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694.md
+++ b/docs/queries/terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_without_configured_authorizer)
### Description
diff --git a/docs/queries/terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7.md b/docs/queries/terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7.md
index 9d37d4e53a0..332b2c89b31 100644
--- a/docs/queries/terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7.md
+++ b/docs/queries/terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/alb_is_not_integrated_with_waf)
### Description
diff --git a/docs/queries/terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879.md b/docs/queries/terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879.md
index ca775a5d13a..eec229b09ec 100644
--- a/docs/queries/terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879.md
+++ b/docs/queries/terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_log_group_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440.md b/docs/queries/terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440.md
index 72f5b635d89..0c505934b3a 100644
--- a/docs/queries/terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440.md
+++ b/docs/queries/terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_without_ssl_certificate)
### Description
diff --git a/docs/queries/terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d.md b/docs/queries/terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d.md
index 687d193b6d6..f36412cf9b3 100644
--- a/docs/queries/terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d.md
+++ b/docs/queries/terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/kms_key_with_no_deletion_window)
### Description
diff --git a/docs/queries/terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158.md b/docs/queries/terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158.md
index d81157c1552..4bb5bca0a5d 100644
--- a/docs/queries/terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158.md
+++ b/docs/queries/terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ec2_instance_using_api_keys)
### Description
diff --git a/docs/queries/terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d.md b/docs/queries/terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d.md
index 1355d05fb88..22b43238e96 100644
--- a/docs/queries/terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d.md
+++ b/docs/queries/terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/dynamodb_vpc_endpoint_wihout_route_table_association)
### Description
diff --git a/docs/queries/terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77.md b/docs/queries/terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77.md
index 1a52c0b44a5..4eb43109693 100644
--- a/docs/queries/terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77.md
+++ b/docs/queries/terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PutUserPolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd.md b/docs/queries/terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd.md
index d52268c8579..a79aa78f71a 100644
--- a/docs/queries/terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd.md
+++ b/docs/queries/terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/lambda_iam_invokefunction_misconfigured)
### Description
diff --git a/docs/queries/terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157.md b/docs/queries/terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157.md
index 714f5af52d8..1f21d7e0abd 100644
--- a/docs/queries/terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157.md
+++ b/docs/queries/terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecr_repository_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad.md b/docs/queries/terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad.md
index 0d5c38c610d..13381e1f7e3 100644
--- a/docs/queries/terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad.md
+++ b/docs/queries/terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/kinesis)
### Description
diff --git a/docs/queries/terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480.md b/docs/queries/terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480.md
index b4bd9b6efd7..ca7a205aa36 100644
--- a/docs/queries/terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480.md
+++ b/docs/queries/terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_cloudtrail_configuration_changes_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7.md b/docs/queries/terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7.md
index 8d55c7b8ba5..d0229e432a6 100644
--- a/docs/queries/terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7.md
+++ b/docs/queries/terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_CreateLoginProfile)
### Description
diff --git a/docs/queries/terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c.md b/docs/queries/terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c.md
index d562f4b80ca..ce0d2365d3c 100644
--- a/docs/queries/terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c.md
+++ b/docs/queries/terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_CreateAccessKey)
### Description
diff --git a/docs/queries/terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e.md b/docs/queries/terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e.md
index aa8c8332759..75dd4c4a7d7 100644
--- a/docs/queries/terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e.md
+++ b/docs/queries/terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_SetDefaultPolicyVersion)
### Description
diff --git a/docs/queries/terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec.md b/docs/queries/terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec.md
index 74eacece86b..eac9ec0741e 100644
--- a/docs/queries/terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec.md
+++ b/docs/queries/terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elb_using_insecure_protocols)
### Description
diff --git a/docs/queries/terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b.md b/docs/queries/terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b.md
index d0ab6c18d96..c7b9cc75f5f 100644
--- a/docs/queries/terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b.md
+++ b/docs/queries/terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/rds)
### Description
diff --git a/docs/queries/terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21.md b/docs/queries/terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21.md
index 2e3dfe0daee..65bed4e8fd2 100644
--- a/docs/queries/terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21.md
+++ b/docs/queries/terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_role_allows_all_principals_to_assume)
### Description
diff --git a/docs/queries/terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73.md b/docs/queries/terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73.md
index a4ced02e8f6..7cbfde8484e 100644
--- a/docs/queries/terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73.md
+++ b/docs/queries/terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sso_policy_with_full_priveleges)
### Description
diff --git a/docs/queries/terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce.md b/docs/queries/terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce.md
index d0489458024..3169f227ade 100644
--- a/docs/queries/terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce.md
+++ b/docs/queries/terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/hardcoded_aws_access_key_in_lambda)
### Description
diff --git a/docs/queries/terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333.md b/docs/queries/terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333.md
index 404cdb40679..3a70e5b5e08 100644
--- a/docs/queries/terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333.md
+++ b/docs/queries/terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudfront_without_waf)
### Description
diff --git a/docs/queries/terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22.md b/docs/queries/terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22.md
index 565f000657e..08408c7909b 100644
--- a/docs/queries/terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22.md
+++ b/docs/queries/terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/remote_desktop_port_open_to_internet)
### Description
diff --git a/docs/queries/terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8.md b/docs/queries/terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8.md
index 7b1ef171f74..b58a82bf670 100644
--- a/docs/queries/terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8.md
+++ b/docs/queries/terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_with_open_access)
### Description
diff --git a/docs/queries/terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74.md b/docs/queries/terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74.md
index 9b484b4624f..750271c26dc 100644
--- a/docs/queries/terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74.md
+++ b/docs/queries/terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PassRole_and_ec2_RunInstances)
### Description
diff --git a/docs/queries/terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa.md b/docs/queries/terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa.md
index 09de5a595c3..a9d558adb47 100644
--- a/docs/queries/terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa.md
+++ b/docs/queries/terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redshift_cluster_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba.md b/docs/queries/terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba.md
index 8e33a61a10a..fc92a4ff22e 100644
--- a/docs/queries/terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba.md
+++ b/docs/queries/terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_domain_with_vulnerable_policy)
### Description
diff --git a/docs/queries/terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa.md b/docs/queries/terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa.md
index a98d33c307e..865abe24775 100644
--- a/docs/queries/terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa.md
+++ b/docs/queries/terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_CreatePolicyVersion)
### Description
diff --git a/docs/queries/terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e.md b/docs/queries/terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e.md
index d9945ced030..cb37c69ee8f 100644
--- a/docs/queries/terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e.md
+++ b/docs/queries/terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_not_integrated_with_cloudwatch)
### Description
diff --git a/docs/queries/terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328.md b/docs/queries/terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328.md
index ef9a0d36cba..c16b46b8f48 100644
--- a/docs/queries/terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328.md
+++ b/docs/queries/terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PassRole_and_cloudformation_CreateStack)
### Description
diff --git a/docs/queries/terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50.md b/docs/queries/terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50.md
index 515985e82b7..b48480b34bb 100644
--- a/docs/queries/terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50.md
+++ b/docs/queries/terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_with_public_policy)
### Description
diff --git a/docs/queries/terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e.md b/docs/queries/terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e.md
index ddacfdfc9c9..2deaec55e62 100644
--- a/docs/queries/terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e.md
+++ b/docs/queries/terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/aurora_with_disabled_at_rest_encryption)
### Description
diff --git a/docs/queries/terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e.md b/docs/queries/terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e.md
index 839a59063f0..a0dfef5888d 100644
--- a/docs/queries/terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e.md
+++ b/docs/queries/terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticache_replication_group_not_encrypted_at_transit)
### Description
diff --git a/docs/queries/terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2.md b/docs/queries/terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2.md
index daaa69d580f..2c1ec5082ac 100644
--- a/docs/queries/terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2.md
+++ b/docs/queries/terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/lambda_function_with_privileged_role)
### Description
diff --git a/docs/queries/terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326.md b/docs/queries/terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326.md
index 6af5bf39c60..1c540d5cfd3 100644
--- a/docs/queries/terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326.md
+++ b/docs/queries/terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_access_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d.md b/docs/queries/terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d.md
index 9d01e4d8b44..2b9b26ad306 100644
--- a/docs/queries/terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d.md
+++ b/docs/queries/terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_password_without_minimum_length)
### Description
diff --git a/docs/queries/terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52.md b/docs/queries/terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52.md
index f7a8e3bfda6..7f49be4570f 100644
--- a/docs/queries/terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52.md
+++ b/docs/queries/terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cdn_configuration_is_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02.md b/docs/queries/terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02.md
index 007a0c9a29d..4f3c9ca7463 100644
--- a/docs/queries/terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02.md
+++ b/docs/queries/terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_with_backup_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885.md b/docs/queries/terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885.md
index beb0da0df6d..cc9bd381a4d 100644
--- a/docs/queries/terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885.md
+++ b/docs/queries/terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_allows_get_action_from_all_principals)
### Description
diff --git a/docs/queries/terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885.md b/docs/queries/terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885.md
index 8b2a4d7561e..560a1c4fe52 100644
--- a/docs/queries/terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885.md
+++ b/docs/queries/terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/db_security_group_with_public_scope)
### Description
diff --git a/docs/queries/terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293.md b/docs/queries/terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293.md
index ab2abd398d0..ad0c8bb8f3f 100644
--- a/docs/queries/terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293.md
+++ b/docs/queries/terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_without_restriction_of_public_bucket)
### Description
diff --git a/docs/queries/terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79.md b/docs/queries/terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79.md
index 6594b6220ad..11ed0cc5349 100644
--- a/docs/queries/terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79.md
+++ b/docs/queries/terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elb_access_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d.md b/docs/queries/terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d.md
index ba2257511d3..43e701c8f34 100644
--- a/docs/queries/terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d.md
+++ b/docs/queries/terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/docdb_cluster_encrypted_with_aws_managed_key)
### Description
diff --git a/docs/queries/terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216.md b/docs/queries/terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216.md
index 33032fc731a..ef50d06ed0b 100644
--- a/docs/queries/terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216.md
+++ b/docs/queries/terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_route_table_changes_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b.md b/docs/queries/terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b.md
index d7cfbd51134..09939e0d73e 100644
--- a/docs/queries/terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b.md
+++ b/docs/queries/terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cmk_rotation_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6.md b/docs/queries/terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6.md
index 376d4f73cb3..f78787ae886 100644
--- a/docs/queries/terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6.md
+++ b/docs/queries/terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ec2_instance_monitoring_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf.md b/docs/queries/terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf.md
index 243b5534c8d..66708ff59ae 100644
--- a/docs/queries/terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf.md
+++ b/docs/queries/terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/dynamo)
### Description
diff --git a/docs/queries/terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a.md b/docs/queries/terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a.md
index b96b75e2b0d..cd1e6a278b3 100644
--- a/docs/queries/terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a.md
+++ b/docs/queries/terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_not_encrypted_at_rest)
### Description
diff --git a/docs/queries/terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4.md b/docs/queries/terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4.md
index c890a4ccf9d..8893b4790f9 100644
--- a/docs/queries/terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4.md
+++ b/docs/queries/terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redis_not_compliant)
### Description
diff --git a/docs/queries/terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c.md b/docs/queries/terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c.md
index f75da662ecc..95593cb7c2d 100644
--- a/docs/queries/terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c.md
+++ b/docs/queries/terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/efs_without_kms)
### Description
diff --git a/docs/queries/terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453.md b/docs/queries/terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453.md
index a3cb496d13b..e9f0852c779 100644
--- a/docs/queries/terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453.md
+++ b/docs/queries/terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/route53_record_undefined)
### Description
diff --git a/docs/queries/terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13.md b/docs/queries/terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13.md
index 7d17f9cce3f..0e9e4005aaa 100644
--- a/docs/queries/terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13.md
+++ b/docs/queries/terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_s3_policy_change_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591.md b/docs/queries/terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591.md
index 8493f34118a..4915620b91b 100644
--- a/docs/queries/terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591.md
+++ b/docs/queries/terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sns_topic_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4.md b/docs/queries/terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4.md
index 247789b8b31..33a302145d1 100644
--- a/docs/queries/terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4.md
+++ b/docs/queries/terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/emr_without_vpc)
### Description
diff --git a/docs/queries/terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045.md b/docs/queries/terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045.md
index 91de273e625..7e34dce09a9 100644
--- a/docs/queries/terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045.md
+++ b/docs/queries/terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/s3_bucket)
### Description
diff --git a/docs/queries/terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e.md b/docs/queries/terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e.md
index 05f5b484d40..c8228751ea2 100644
--- a/docs/queries/terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e.md
+++ b/docs/queries/terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_with_https_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052.md b/docs/queries/terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052.md
index 289a31dd361..3c53d545c7b 100644
--- a/docs/queries/terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052.md
+++ b/docs/queries/terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/no_stack_policy)
### Description
diff --git a/docs/queries/terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84.md b/docs/queries/terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84.md
index 3bf1b3583e3..eb897b65dc1 100644
--- a/docs/queries/terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84.md
+++ b/docs/queries/terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_policies_with_full_privileges)
### Description
diff --git a/docs/queries/terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239.md b/docs/queries/terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239.md
index a7b9dd98b70..35820d4b1fc 100644
--- a/docs/queries/terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239.md
+++ b/docs/queries/terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/msk_cluster_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1.md b/docs/queries/terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1.md
index e6dd154e93a..498978733a2 100644
--- a/docs/queries/terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1.md
+++ b/docs/queries/terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_associated_with_public_subnet)
### Description
diff --git a/docs/queries/terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204.md b/docs/queries/terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204.md
index 9efbc0aa243..08f08426ecf 100644
--- a/docs/queries/terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204.md
+++ b/docs/queries/terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PassRole_and_ec2_RunInstances)
### Description
diff --git a/docs/queries/terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a.md b/docs/queries/terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a.md
index 571945b76e6..c422ac3a04a 100644
--- a/docs/queries/terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a.md
+++ b/docs/queries/terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/mq_broker_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f.md b/docs/queries/terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f.md
index 6955b8dafcb..9007f14b463 100644
--- a/docs/queries/terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f.md
+++ b/docs/queries/terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_storage_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c.md b/docs/queries/terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c.md
index b0e0bbf085e..d331dbd8d1a 100644
--- a/docs/queries/terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c.md
+++ b/docs/queries/terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecs_service_admin_role_is_present)
### Description
diff --git a/docs/queries/terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512.md b/docs/queries/terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512.md
index 63a170acf12..a579b2d8f65 100644
--- a/docs/queries/terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512.md
+++ b/docs/queries/terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_UpdateAssumeRolePolicy_and_sts_AssumeRole)
### Description
diff --git a/docs/queries/terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963.md b/docs/queries/terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963.md
index cecaa70026d..92b9d43d44d 100644
--- a/docs/queries/terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963.md
+++ b/docs/queries/terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ses_policy_with_allowed_iam_actions)
### Description
diff --git a/docs/queries/terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1.md b/docs/queries/terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1.md
index 75f47a06505..e519235a44c 100644
--- a/docs/queries/terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1.md
+++ b/docs/queries/terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_db_instance_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5.md b/docs/queries/terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5.md
index 79f485371fa..84d96372bc1 100644
--- a/docs/queries/terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5.md
+++ b/docs/queries/terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_user_too_many_access_keys)
### Description
diff --git a/docs/queries/terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4.md b/docs/queries/terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4.md
index 4beaf550af4..19fe7b8e77a 100644
--- a/docs/queries/terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4.md
+++ b/docs/queries/terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_UpdateLoginProfile)
### Description
diff --git a/docs/queries/terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf.md b/docs/queries/terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf.md
index 688dabcff00..843776f9ba0 100644
--- a/docs/queries/terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf.md
+++ b/docs/queries/terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/eks_cluster_log_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c.md b/docs/queries/terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c.md
index 04383255110..7b84d1f34fc 100644
--- a/docs/queries/terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c.md
+++ b/docs/queries/terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sensitive_port_is_exposed_to_entire_network)
### Description
diff --git a/docs/queries/terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3.md b/docs/queries/terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3.md
index 30be1b60015..ac94c81de9e 100644
--- a/docs/queries/terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3.md
+++ b/docs/queries/terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_aws_organizations_changes_missing_alarm)
### Description
diff --git a/docs/queries/terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100.md b/docs/queries/terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100.md
index 4318cb8312d..ff6a55a076d 100644
--- a/docs/queries/terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100.md
+++ b/docs/queries/terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_acl_allows_read_or_write_to_all_users)
### Description
diff --git a/docs/queries/terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef.md b/docs/queries/terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef.md
index 1c7b059494a..8c3ccc6ed60 100644
--- a/docs/queries/terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef.md
+++ b/docs/queries/terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/vulnerable_default_ssl_certificate)
### Description
diff --git a/docs/queries/terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4.md b/docs/queries/terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4.md
index f8a48c50e9f..548e3254b5c 100644
--- a/docs/queries/terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4.md
+++ b/docs/queries/terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/network_acl_with_unrestricted_access_to_ssh)
### Description
diff --git a/docs/queries/terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f.md b/docs/queries/terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f.md
index 4ab233e929a..f6b921e62d5 100644
--- a/docs/queries/terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f.md
+++ b/docs/queries/terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/automatic_minor_upgrades_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6.md b/docs/queries/terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6.md
index bbb9494b498..2200b78e894 100644
--- a/docs/queries/terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6.md
+++ b/docs/queries/terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ebs_default_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702.md b/docs/queries/terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702.md
index 6a9ac7ab927..04a66cee535 100644
--- a/docs/queries/terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702.md
+++ b/docs/queries/terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/amazon_mq_broker_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2.md b/docs/queries/terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2.md
index 138b4fa01e1..0ab8e6bb367 100644
--- a/docs/queries/terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2.md
+++ b/docs/queries/terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_AttachRolePolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097.md b/docs/queries/terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097.md
index c4aef8b892a..0182710e6e9 100644
--- a/docs/queries/terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097.md
+++ b/docs/queries/terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/authentication_without_mfa)
### Description
diff --git a/docs/queries/terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340.md b/docs/queries/terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340.md
index 72cc5676dce..6b359b999ea 100644
--- a/docs/queries/terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340.md
+++ b/docs/queries/terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/codebuild_project_encrypted_with_aws_managed_key)
### Description
diff --git a/docs/queries/terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77.md b/docs/queries/terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77.md
index 9043d55c060..0892da53c0b 100644
--- a/docs/queries/terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77.md
+++ b/docs/queries/terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/public_lambda_via_api_gateway)
### Description
diff --git a/docs/queries/terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f.md b/docs/queries/terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f.md
index f2c9dc6ca28..87a92c48888 100644
--- a/docs/queries/terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f.md
+++ b/docs/queries/terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sso_policy_with_full_priveleges copy)
### Description
diff --git a/docs/queries/terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f.md b/docs/queries/terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f.md
index f85573afd31..a0c0bfdc03d 100644
--- a/docs/queries/terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f.md
+++ b/docs/queries/terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redshift_using_default_port)
### Description
diff --git a/docs/queries/terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb.md b/docs/queries/terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb.md
index 78f6429c5b1..8b564c4d5b1 100644
--- a/docs/queries/terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb.md
+++ b/docs/queries/terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_static_website_host_enabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8.md b/docs/queries/terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8.md
index aaecfc7f64a..a8754923d69 100644
--- a/docs/queries/terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8.md
+++ b/docs/queries/terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/eks_cluster_has_public_access)
### Description
diff --git a/docs/queries/terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433.md b/docs/queries/terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433.md
index 8f8f24476df..ecf4c561e5d 100644
--- a/docs/queries/terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433.md
+++ b/docs/queries/terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_SetDefaultPolicyVersion)
### Description
diff --git a/docs/queries/terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc.md b/docs/queries/terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc.md
index 53890fa04ca..f3e7a63db7d 100644
--- a/docs/queries/terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc.md
+++ b/docs/queries/terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_data_contains_encoded_private_key)
### Description
diff --git a/docs/queries/terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933.md b/docs/queries/terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933.md
index 1d20162e11c..7d883b6d03d 100644
--- a/docs/queries/terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933.md
+++ b/docs/queries/terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_management_console_sign_in_without_mfa_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8.md b/docs/queries/terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8.md
index cab8f25eebb..a5493c46d9f 100644
--- a/docs/queries/terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8.md
+++ b/docs/queries/terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/neptune_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73.md b/docs/queries/terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73.md
index 16873dcb7fb..5b5e4a5f5dc 100644
--- a/docs/queries/terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73.md
+++ b/docs/queries/terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/default_security_groups_with_unrestricted_traffic)
### Description
diff --git a/docs/queries/terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db.md b/docs/queries/terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db.md
index bed49a30512..60cc7713a47 100644
--- a/docs/queries/terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db.md
+++ b/docs/queries/terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/unrestricted_security_group_ingress)
### Description
diff --git a/docs/queries/terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a.md b/docs/queries/terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a.md
index 00c38661d31..3df31a66ced 100644
--- a/docs/queries/terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a.md
+++ b/docs/queries/terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/docdb_cluster_without_kms)
### Description
diff --git a/docs/queries/terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f.md b/docs/queries/terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f.md
index ba554f25b3a..9d02efc0000 100644
--- a/docs/queries/terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f.md
+++ b/docs/queries/terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/efs_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd.md b/docs/queries/terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd.md
index 90ac290b61b..92050854b8c 100644
--- a/docs/queries/terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd.md
+++ b/docs/queries/terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_sns_topic_name_undefined)
### Description
diff --git a/docs/queries/terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24.md b/docs/queries/terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24.md
index ab1ea5d8b0c..a121cce2f59 100644
--- a/docs/queries/terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24.md
+++ b/docs/queries/terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/security_groups_not_used)
### Description
diff --git a/docs/queries/terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c.md b/docs/queries/terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c.md
index 33ecb85dcd9..668749ca431 100644
--- a/docs/queries/terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c.md
+++ b/docs/queries/terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elb_using_weak_ciphers)
### Description
diff --git a/docs/queries/terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774.md b/docs/queries/terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774.md
index cc811905f29..aa1f9b6d0c6 100644
--- a/docs/queries/terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774.md
+++ b/docs/queries/terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9.md b/docs/queries/terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9.md
index dfdc056e295..6399fc57d26 100644
--- a/docs/queries/terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9.md
+++ b/docs/queries/terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_policy_accepts_http_requests)
### Description
diff --git a/docs/queries/terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3.md b/docs/queries/terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3.md
index e1a7da4bb4a..3199e5cc400 100644
--- a/docs/queries/terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3.md
+++ b/docs/queries/terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redis_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006.md b/docs/queries/terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006.md
index 1760ad837b9..e05dd5c54f0 100644
--- a/docs/queries/terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006.md
+++ b/docs/queries/terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_security_group_changes_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5.md b/docs/queries/terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5.md
index a26026e4b35..871145c3e49 100644
--- a/docs/queries/terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5.md
+++ b/docs/queries/terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_unauthorized_access_defined_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f.md b/docs/queries/terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f.md
index 14b3ca528d1..2b223a84bf6 100644
--- a/docs/queries/terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f.md
+++ b/docs/queries/terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecs_task_definition_volume_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838.md b/docs/queries/terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838.md
index 988c806c114..edceb7936cd 100644
--- a/docs/queries/terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838.md
+++ b/docs/queries/terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/launch_configuration_is_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b.md b/docs/queries/terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b.md
index 5b1261a2959..83cc18e56d2 100644
--- a/docs/queries/terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b.md
+++ b/docs/queries/terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_without_security_policy)
### Description
diff --git a/docs/queries/terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb.md b/docs/queries/terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb.md
index b39b64dc2cf..04538894a05 100644
--- a/docs/queries/terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb.md
+++ b/docs/queries/terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/mq_broker_is_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce.md b/docs/queries/terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce.md
index 5dc6842edc7..70caf031edc 100644
--- a/docs/queries/terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce.md
+++ b/docs/queries/terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/db_security_group_open_to_large_scope)
### Description
diff --git a/docs/queries/terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91.md b/docs/queries/terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91.md
index b99ae5473c5..d1ce1c6ff5c 100644
--- a/docs/queries/terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91.md
+++ b/docs/queries/terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_without_ignore_public_acl)
### Description
diff --git a/docs/queries/terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c.md b/docs/queries/terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c.md
index 3ebe28fc09d..52d1b538499 100644
--- a/docs/queries/terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c.md
+++ b/docs/queries/terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/vpc_subnet_assigns_public_ip)
### Description
diff --git a/docs/queries/terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669.md b/docs/queries/terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669.md
index 10049c6d208..699ea93e6ba 100644
--- a/docs/queries/terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669.md
+++ b/docs/queries/terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_log_file_validation_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37.md b/docs/queries/terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37.md
index a3c1a9819f2..a62e4413c92 100644
--- a/docs/queries/terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37.md
+++ b/docs/queries/terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/elasticache)
### Description
diff --git a/docs/queries/terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857.md b/docs/queries/terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857.md
index 79398414dc1..33e98358db8 100644
--- a/docs/queries/terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857.md
+++ b/docs/queries/terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/msk_broker_is_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0.md b/docs/queries/terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0.md
index e99cc31d2cb..d278f36a6a7 100644
--- a/docs/queries/terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0.md
+++ b/docs/queries/terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sql_analysis_services_port_2383_is_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5.md b/docs/queries/terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5.md
index 93a617453c2..4da1228302f 100644
--- a/docs/queries/terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5.md
+++ b/docs/queries/terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudfront_viewer_protocol_policy_allows_http)
### Description
diff --git a/docs/queries/terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c.md b/docs/queries/terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c.md
index 0395fe1d4ce..b7240190bae 100644
--- a/docs/queries/terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c.md
+++ b/docs/queries/terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_without_versioning)
### Description
diff --git a/docs/queries/terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf.md b/docs/queries/terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf.md
index 7e99b876bf6..02dd5cf6733 100644
--- a/docs/queries/terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf.md
+++ b/docs/queries/terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_disabling_or_scheduled_deletion_of_customer_created_cmk_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641.md b/docs/queries/terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641.md
index 27e0407dae3..b074e552386 100644
--- a/docs/queries/terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641.md
+++ b/docs/queries/terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/docdb_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69.md b/docs/queries/terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69.md
index 5c4d7f878f0..b9933c4fe94 100644
--- a/docs/queries/terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69.md
+++ b/docs/queries/terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_lambda_UpdateFunctionCode)
### Description
diff --git a/docs/queries/terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904.md b/docs/queries/terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904.md
index 1587e10d488..06a108a76eb 100644
--- a/docs/queries/terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904.md
+++ b/docs/queries/terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_policy_grants_full_permissions)
### Description
diff --git a/docs/queries/terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139.md b/docs/queries/terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139.md
index 31fe87a1ee1..4a8d1fdbde5 100644
--- a/docs/queries/terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139.md
+++ b/docs/queries/terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_acl_allows_read_to_any_authenticated_user)
### Description
diff --git a/docs/queries/terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b.md b/docs/queries/terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b.md
index 203705769a0..e16f2bef783 100644
--- a/docs/queries/terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b.md
+++ b/docs/queries/terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_xray_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919.md b/docs/queries/terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919.md
index cfd122ddbb3..8274583b37a 100644
--- a/docs/queries/terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919.md
+++ b/docs/queries/terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_management_console_auth_failed_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8.md b/docs/queries/terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8.md
index 052bbd240a7..e91f27db5da 100644
--- a/docs/queries/terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8.md
+++ b/docs/queries/terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sagemaker_endpoint_configuration_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998.md b/docs/queries/terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998.md
index a7a8c8c7826..5ef0c2d1452 100644
--- a/docs/queries/terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998.md
+++ b/docs/queries/terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/unknown_port_exposed_to_internet)
### Description
diff --git a/docs/queries/terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce.md b/docs/queries/terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce.md
index cce47058a9f..85a16e8ddfc 100644
--- a/docs/queries/terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce.md
+++ b/docs/queries/terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ec2_instance_has_public_ip)
### Description
diff --git a/docs/queries/terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d.md b/docs/queries/terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d.md
index a631054f0c2..1c98a2d7960 100644
--- a/docs/queries/terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d.md
+++ b/docs/queries/terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_CreateAccessKey)
### Description
diff --git a/docs/queries/terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f.md b/docs/queries/terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f.md
index 375ee775071..99ab0b06b9b 100644
--- a/docs/queries/terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f.md
+++ b/docs/queries/terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_aws_config_configuration_changes_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9.md b/docs/queries/terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9.md
index 71697d8c15b..49626f1e339 100644
--- a/docs/queries/terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9.md
+++ b/docs/queries/terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/service_control_policies_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21.md b/docs/queries/terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21.md
index 2ad3a276507..7b5371f7cca 100644
--- a/docs/queries/terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21.md
+++ b/docs/queries/terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/secure_ciphers_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3.md b/docs/queries/terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3.md
index 3260a25a644..7019760d25b 100644
--- a/docs/queries/terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3.md
+++ b/docs/queries/terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/kinesis_sse_not_configured)
### Description
diff --git a/docs/queries/terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0.md b/docs/queries/terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0.md
index 824bc164273..2cfba63b9ff 100644
--- a/docs/queries/terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0.md
+++ b/docs/queries/terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticache_using_default_port)
### Description
diff --git a/docs/queries/terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7.md b/docs/queries/terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7.md
index fd387cde15c..f2b52cf4ddd 100644
--- a/docs/queries/terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7.md
+++ b/docs/queries/terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_kms)
### Description
diff --git a/docs/queries/terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc.md b/docs/queries/terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc.md
index e99c4f423a2..42fb82ed845 100644
--- a/docs/queries/terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc.md
+++ b/docs/queries/terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sns_topic_publicity_has_allow_and_not_action_simultaneously)
### Description
diff --git a/docs/queries/terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e.md b/docs/queries/terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e.md
index 49df6b8c061..0469fbec906 100644
--- a/docs/queries/terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e.md
+++ b/docs/queries/terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_object_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/60224630-175a-472a-9e23-133827040766.md b/docs/queries/terraform-queries/aws/60224630-175a-472a-9e23-133827040766.md
index 06691051bb0..56b4f65e350 100644
--- a/docs/queries/terraform-queries/aws/60224630-175a-472a-9e23-133827040766.md
+++ b/docs/queries/terraform-queries/aws/60224630-175a-472a-9e23-133827040766.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ec2_not_ebs_optimized)
### Description
diff --git a/docs/queries/terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b.md b/docs/queries/terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b.md
index 6d405355bd7..9d01d4b167e 100644
--- a/docs/queries/terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b.md
+++ b/docs/queries/terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PutUserPolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709.md b/docs/queries/terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709.md
index d6018aeb133..4661ad37851 100644
--- a/docs/queries/terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709.md
+++ b/docs/queries/terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/eks_cluster_has_public_access_cidrs)
### Description
diff --git a/docs/queries/terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296.md b/docs/queries/terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296.md
index 3fdcf4b1f26..b5bc46b8137 100644
--- a/docs/queries/terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296.md
+++ b/docs/queries/terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_deployment_without_access_log_setting)
### Description
diff --git a/docs/queries/terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281.md b/docs/queries/terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281.md
index 7b2fbc68b2b..12fdf9f3829 100644
--- a/docs/queries/terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281.md
+++ b/docs/queries/terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/eks_cluster_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4.md b/docs/queries/terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4.md
index a5e9710f2b8..c4aa0b3ab92 100644
--- a/docs/queries/terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4.md
+++ b/docs/queries/terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_acl_grants_write_acp_permission)
### Description
diff --git a/docs/queries/terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2.md b/docs/queries/terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2.md
index cd351a2e048..278ffd7aad6 100644
--- a/docs/queries/terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2.md
+++ b/docs/queries/terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_database_cluster_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696.md b/docs/queries/terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696.md
index 18b1583cbc2..aa30eb02124 100644
--- a/docs/queries/terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696.md
+++ b/docs/queries/terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/security_group_with_unrestricted_access_to_ssh)
### Description
diff --git a/docs/queries/terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44.md b/docs/queries/terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44.md
index 1d0c402ba02..bfed412d848 100644
--- a/docs/queries/terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44.md
+++ b/docs/queries/terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_allows_list_action_from_all_principals)
### Description
diff --git a/docs/queries/terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee.md b/docs/queries/terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee.md
index 7445991a114..8f11b3d6521 100644
--- a/docs/queries/terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee.md
+++ b/docs/queries/terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/batch_job_definition_with_privileged_container_properties)
### Description
diff --git a/docs/queries/terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df.md b/docs/queries/terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df.md
index 91397673e0e..b4a5a2a682f 100644
--- a/docs/queries/terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df.md
+++ b/docs/queries/terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/missing_cluster_log_types)
### Description
diff --git a/docs/queries/terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216.md b/docs/queries/terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216.md
index ab98f4b33a5..e44f8f54912 100644
--- a/docs/queries/terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216.md
+++ b/docs/queries/terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_method_does_not_contains_an_api_key)
### Description
diff --git a/docs/queries/terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e.md b/docs/queries/terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e.md
index fc9388ff166..d47df30fa59 100644
--- a/docs/queries/terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e.md
+++ b/docs/queries/terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/security_group_rules_without_description)
### Description
diff --git a/docs/queries/terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d.md b/docs/queries/terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d.md
index 49338bfb8dc..a6caba7d534 100644
--- a/docs/queries/terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d.md
+++ b/docs/queries/terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecr_repository_without_policy)
### Description
diff --git a/docs/queries/terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1.md b/docs/queries/terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1.md
index 2805a9fd633..3f65a56c100 100644
--- a/docs/queries/terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1.md
+++ b/docs/queries/terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_endpoint_config_is_not_private)
### Description
diff --git a/docs/queries/terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e.md b/docs/queries/terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e.md
index 46d0364076c..1b13a6c579e 100644
--- a/docs/queries/terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e.md
+++ b/docs/queries/terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_network_gateways_changes_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b.md b/docs/queries/terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b.md
index 3e1114d4089..2800d2e3aba 100644
--- a/docs/queries/terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b.md
+++ b/docs/queries/terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_AttachGroupPolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d.md b/docs/queries/terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d.md
index 38eb53dadd6..5ac0f37aad5 100644
--- a/docs/queries/terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d.md
+++ b/docs/queries/terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticache_nodes_not_created_across_multi_az)
### Description
diff --git a/docs/queries/terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e.md b/docs/queries/terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e.md
index a83965ee2e5..7942ae6c681 100644
--- a/docs/queries/terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e.md
+++ b/docs/queries/terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/msk_cluster_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f.md b/docs/queries/terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f.md
index 0f4631d5407..d6ff419efab 100644
--- a/docs/queries/terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f.md
+++ b/docs/queries/terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_UpdateLoginProfile)
### Description
diff --git a/docs/queries/terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97.md b/docs/queries/terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97.md
index e0754ed0e17..1cacdb7fbf1 100644
--- a/docs/queries/terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97.md
+++ b/docs/queries/terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/stack_retention_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379.md b/docs/queries/terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379.md
index 936f221513a..d81dec5cd1e 100644
--- a/docs/queries/terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379.md
+++ b/docs/queries/terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/alb_not_dropping_invalid_headers)
### Description
diff --git a/docs/queries/terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f.md b/docs/queries/terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f.md
index 78a99999688..e6280de29a1 100644
--- a/docs/queries/terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f.md
+++ b/docs/queries/terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sqs_with_sse_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473.md b/docs/queries/terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473.md
index 8b6262fdae0..3525dce739e 100644
--- a/docs/queries/terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473.md
+++ b/docs/queries/terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/guardduty_detector_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46.md b/docs/queries/terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46.md
index 69fd3c6bec4..5749a43ae75 100644
--- a/docs/queries/terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46.md
+++ b/docs/queries/terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_access_key_is_exposed)
### Description
diff --git a/docs/queries/terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990.md b/docs/queries/terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990.md
index 0e08738ff48..39becb6bbac 100644
--- a/docs/queries/terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990.md
+++ b/docs/queries/terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_AttachGroupPolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6.md b/docs/queries/terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6.md
index 3bb58b2e202..aaf00dd69b8 100644
--- a/docs/queries/terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6.md
+++ b/docs/queries/terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_AttachUserPolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f.md b/docs/queries/terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f.md
index d2af4a82f35..5b7f94a80e4 100644
--- a/docs/queries/terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f.md
+++ b/docs/queries/terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sqs_policy_with_public_access)
### Description
diff --git a/docs/queries/terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50.md b/docs/queries/terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50.md
index fb4bf619a46..0c6ad62b84a 100644
--- a/docs/queries/terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50.md
+++ b/docs/queries/terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cmk_is_unusable)
### Description
diff --git a/docs/queries/terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e.md b/docs/queries/terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e.md
index 4febc974506..00ba515f54a 100644
--- a/docs/queries/terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e.md
+++ b/docs/queries/terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/dynamodb_table_point_in_time_recovery_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0.md b/docs/queries/terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0.md
index 26f8c33bb80..c1ed67bbb51 100644
--- a/docs/queries/terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0.md
+++ b/docs/queries/terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/lambda_permission_misconfigured)
### Description
diff --git a/docs/queries/terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2.md b/docs/queries/terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2.md
index 4e7718714b7..272883f4079 100644
--- a/docs/queries/terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2.md
+++ b/docs/queries/terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticache_replication_group_not_encrypted_at_rest)
### Description
diff --git a/docs/queries/terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771.md b/docs/queries/terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771.md
index aa5d7cdd20c..09850543603 100644
--- a/docs/queries/terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771.md
+++ b/docs/queries/terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_SetDefaultPolicyVersion)
### Description
diff --git a/docs/queries/terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2.md b/docs/queries/terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2.md
index a7e2c7c6119..5774ed111be 100644
--- a/docs/queries/terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2.md
+++ b/docs/queries/terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_UpdateAssumeRolePolicy_and_sts_AssumeRole)
### Description
diff --git a/docs/queries/terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2.md b/docs/queries/terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2.md
index 47a2efbf1cc..b5ca4c5c881 100644
--- a/docs/queries/terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2.md
+++ b/docs/queries/terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_encryption_with_kms_is_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e.md b/docs/queries/terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e.md
index 7c2431219e0..d5cd08e523c 100644
--- a/docs/queries/terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e.md
+++ b/docs/queries/terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_access_to_any_principal)
### Description
diff --git a/docs/queries/terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf.md b/docs/queries/terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf.md
index 0886a879d3b..7be2e986c5f 100644
--- a/docs/queries/terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf.md
+++ b/docs/queries/terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_AttachUserPolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e.md b/docs/queries/terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e.md
index 866de5265a7..6d9bc81835c 100644
--- a/docs/queries/terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e.md
+++ b/docs/queries/terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PassRole_and_glue_CreateDevEndpoint)
### Description
diff --git a/docs/queries/terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967.md b/docs/queries/terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967.md
index 461fa0bcdfd..5472e831161 100644
--- a/docs/queries/terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967.md
+++ b/docs/queries/terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1.md b/docs/queries/terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1.md
index b5092e0999a..9686df0cc0a 100644
--- a/docs/queries/terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1.md
+++ b/docs/queries/terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ec2_instance_using_default_vpc)
### Description
diff --git a/docs/queries/terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899.md b/docs/queries/terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899.md
index 81196ae94bf..fab2f682184 100644
--- a/docs/queries/terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899.md
+++ b/docs/queries/terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/kms_key_with_full_permissions)
### Description
diff --git a/docs/queries/terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a.md b/docs/queries/terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a.md
index 27bde264def..56f7acd0944 100644
--- a/docs/queries/terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a.md
+++ b/docs/queries/terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PassRole_and_lambda_CreateFunction_and_lambda_InvokeFunction)
### Description
diff --git a/docs/queries/terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1.md b/docs/queries/terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1.md
index c284bbfeb57..ea0288bdfcb 100644
--- a/docs/queries/terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1.md
+++ b/docs/queries/terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/lambda_functions_without_x-ray_tracing)
### Description
diff --git a/docs/queries/terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3.md b/docs/queries/terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3.md
index cb5e6d3587b..e7fe6a6505b 100644
--- a/docs/queries/terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3.md
+++ b/docs/queries/terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sqs_policy_allows_all_actions)
### Description
diff --git a/docs/queries/terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d.md b/docs/queries/terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d.md
index 9bc1f839493..63aca3005ed 100644
--- a/docs/queries/terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d.md
+++ b/docs/queries/terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_multi_region_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf.md b/docs/queries/terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf.md
index 4f63c7d832f..88408879db6 100644
--- a/docs/queries/terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf.md
+++ b/docs/queries/terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_CreateAccessKey)
### Description
diff --git a/docs/queries/terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88.md b/docs/queries/terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88.md
index 4c80ce86439..5e06ccda69d 100644
--- a/docs/queries/terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88.md
+++ b/docs/queries/terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/kinesis_not_encrypted_with_kms)
### Description
diff --git a/docs/queries/terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0.md b/docs/queries/terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0.md
index 8e85bab02dd..d9ead5e98b8 100644
--- a/docs/queries/terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0.md
+++ b/docs/queries/terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/ebs)
### Description
diff --git a/docs/queries/terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b.md b/docs/queries/terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b.md
index 151bd63d05d..f451e2716b3 100644
--- a/docs/queries/terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b.md
+++ b/docs/queries/terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/certificate_rsa_key_bytes_lower_than_256)
### Description
diff --git a/docs/queries/terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6.md b/docs/queries/terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6.md
index 2cdf42864d3..8c9f26a7415 100644
--- a/docs/queries/terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6.md
+++ b/docs/queries/terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_database_auth_not_enabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4.md b/docs/queries/terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4.md
index 462a0ab9736..adab4882623 100644
--- a/docs/queries/terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4.md
+++ b/docs/queries/terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PassRole_and_ec2_RunInstances)
### Description
diff --git a/docs/queries/terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a.md b/docs/queries/terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a.md
index d0ada9631e6..21746eb0fb2 100644
--- a/docs/queries/terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a.md
+++ b/docs/queries/terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/password_without_reuse_prevention)
### Description
diff --git a/docs/queries/terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0.md b/docs/queries/terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0.md
index e586881090c..911bbe7f38a 100644
--- a/docs/queries/terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0.md
+++ b/docs/queries/terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_root_account_use_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2.md b/docs/queries/terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2.md
index 7a1e6c85b53..ae72706f275 100644
--- a/docs/queries/terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2.md
+++ b/docs/queries/terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ami_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0.md b/docs/queries/terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0.md
index 497cb5172c7..1e114104471 100644
--- a/docs/queries/terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0.md
+++ b/docs/queries/terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PutGroupPolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc.md b/docs/queries/terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc.md
index 6c30f11c953..6612ce21ed4 100644
--- a/docs/queries/terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc.md
+++ b/docs/queries/terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticache_without_vpc)
### Description
diff --git a/docs/queries/terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56.md b/docs/queries/terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56.md
index cc83b48598d..814a5303ecc 100644
--- a/docs/queries/terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56.md
+++ b/docs/queries/terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_without_logging)
### Description
diff --git a/docs/queries/terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505.md b/docs/queries/terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505.md
index 68dbcf2d6a7..aaa77c27057 100644
--- a/docs/queries/terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505.md
+++ b/docs/queries/terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/auto_scaling_group_with_no_associated_elb)
### Description
diff --git a/docs/queries/terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485.md b/docs/queries/terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485.md
index 72567d6bd4b..60b7be50d26 100644
--- a/docs/queries/terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485.md
+++ b/docs/queries/terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_glue_UpdateDevEndpoint)
### Description
diff --git a/docs/queries/terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12.md b/docs/queries/terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12.md
index 308ebe066e8..dd2045258c5 100644
--- a/docs/queries/terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12.md
+++ b/docs/queries/terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PutUserPolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab.md b/docs/queries/terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab.md
index 29a94c1328e..e09f4e511d3 100644
--- a/docs/queries/terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab.md
+++ b/docs/queries/terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticache_redis_cluster_without_backup)
### Description
diff --git a/docs/queries/terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4.md b/docs/queries/terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4.md
index b3c9f672fa3..a75dacce4cf 100644
--- a/docs/queries/terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4.md
+++ b/docs/queries/terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/stack_without_template)
### Description
diff --git a/docs/queries/terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed.md b/docs/queries/terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed.md
index 5fd220e014e..4348cd69ce3 100644
--- a/docs/queries/terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed.md
+++ b/docs/queries/terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecs_service_without_running_tasks)
### Description
diff --git a/docs/queries/terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855.md b/docs/queries/terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855.md
index b16597786b1..5da6e53bcf6 100644
--- a/docs/queries/terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855.md
+++ b/docs/queries/terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ros_stack_without_template)
### Description
diff --git a/docs/queries/terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1.md b/docs/queries/terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1.md
index 0ba263f6368..e7bad4684b5 100644
--- a/docs/queries/terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1.md
+++ b/docs/queries/terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sensitive_port_is_exposed_to_wide_private_network)
### Description
diff --git a/docs/queries/terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5.md b/docs/queries/terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5.md
index e6d3752b30a..85461052fa0 100644
--- a/docs/queries/terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5.md
+++ b/docs/queries/terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudfront_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503.md b/docs/queries/terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503.md
index cd06ff686e6..532b6877948 100644
--- a/docs/queries/terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503.md
+++ b/docs/queries/terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PassRole_and_glue_CreateDevEndpoint)
### Description
diff --git a/docs/queries/terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7.md b/docs/queries/terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7.md
index 7256b4c85ae..f39176a8d50 100644
--- a/docs/queries/terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7.md
+++ b/docs/queries/terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/unscanned_ecr_image)
### Description
diff --git a/docs/queries/terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2.md b/docs/queries/terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2.md
index 220c9ffa2ee..ffc8e7cd894 100644
--- a/docs/queries/terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2.md
+++ b/docs/queries/terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_domain_not_encrypted_node_to_node)
### Description
diff --git a/docs/queries/terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369.md b/docs/queries/terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369.md
index 4e57e1da302..92aeaa2901f 100644
--- a/docs/queries/terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369.md
+++ b/docs/queries/terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/global_accelerator_flow_logs_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13.md b/docs/queries/terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13.md
index 7eddf7014f8..70572ac6dbf 100644
--- a/docs/queries/terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13.md
+++ b/docs/queries/terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/default_vpc_exists)
### Description
diff --git a/docs/queries/terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc.md b/docs/queries/terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc.md
index 6bb186984b8..33445bfe4e2 100644
--- a/docs/queries/terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc.md
+++ b/docs/queries/terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/root_account_has_active_access_keys)
### Description
diff --git a/docs/queries/terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1.md b/docs/queries/terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1.md
index f3c4f230c2e..ac5cad42399 100644
--- a/docs/queries/terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1.md
+++ b/docs/queries/terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_AddUserToGroup)
### Description
diff --git a/docs/queries/terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc.md b/docs/queries/terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc.md
index 71a036556b8..416aa2d6884 100644
--- a/docs/queries/terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc.md
+++ b/docs/queries/terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecs_cluster_container_insights_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36.md b/docs/queries/terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36.md
index e03543c0ddb..96950c618e9 100644
--- a/docs/queries/terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36.md
+++ b/docs/queries/terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_with_cloudwatch_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1.md b/docs/queries/terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1.md
index 01cce3014fe..3d13ad48a29 100644
--- a/docs/queries/terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1.md
+++ b/docs/queries/terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_with_unsecured_cors_rule)
### Description
diff --git a/docs/queries/terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e.md b/docs/queries/terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e.md
index ebd35512dc1..f4d46d0b514 100644
--- a/docs/queries/terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e.md
+++ b/docs/queries/terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/neptune_database_cluster_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a.md b/docs/queries/terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a.md
index cb7115f3f9c..f47796a0412 100644
--- a/docs/queries/terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a.md
+++ b/docs/queries/terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_CreateLoginProfile)
### Description
diff --git a/docs/queries/terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75.md b/docs/queries/terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75.md
index e0a898933fb..2dcbe9f92c6 100644
--- a/docs/queries/terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75.md
+++ b/docs/queries/terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/vpc_default_security_group_accepts_all_traffic)
### Description
diff --git a/docs/queries/terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267.md b/docs/queries/terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267.md
index 51f341b4a40..7379dcd6db3 100644
--- a/docs/queries/terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267.md
+++ b/docs/queries/terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PassRole_and_cloudformation_CreateStack)
### Description
diff --git a/docs/queries/terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa.md b/docs/queries/terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa.md
index 0d834aae7d7..cb21877639d 100644
--- a/docs/queries/terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa.md
+++ b/docs/queries/terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_glue_UpdateDevEndpoint)
### Description
diff --git a/docs/queries/terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7.md b/docs/queries/terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7.md
index ce22140035d..4a7c8cfd39c 100644
--- a/docs/queries/terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7.md
+++ b/docs/queries/terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/neptune_cluster_instance_is_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b.md b/docs/queries/terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b.md
index a960a29a025..82796695087 100644
--- a/docs/queries/terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b.md
+++ b/docs/queries/terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_vpc_changes_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552.md b/docs/queries/terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552.md
index 47adaf9403b..fb8c5b46b86 100644
--- a/docs/queries/terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552.md
+++ b/docs/queries/terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_user_with_access_to_console)
### Description
diff --git a/docs/queries/terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76.md b/docs/queries/terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76.md
index daf099498dc..3c2cee1ba1a 100644
--- a/docs/queries/terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76.md
+++ b/docs/queries/terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/aws_password_policy_with_unchangeable_passwords)
### Description
diff --git a/docs/queries/terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd.md b/docs/queries/terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd.md
index 311b43103c6..347c11d783f 100644
--- a/docs/queries/terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd.md
+++ b/docs/queries/terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ca_certificate_identifier_is_outdated)
### Description
diff --git a/docs/queries/terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1.md b/docs/queries/terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1.md
index 0839bb7c591..fcb634eaa5d 100644
--- a/docs/queries/terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1.md
+++ b/docs/queries/terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecs_task_definition_network_mode_not_recommended)
### Description
diff --git a/docs/queries/terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884.md b/docs/queries/terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884.md
index d73ebb640bc..bf85f4c5ad0 100644
--- a/docs/queries/terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884.md
+++ b/docs/queries/terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_without_waf)
### Description
diff --git a/docs/queries/terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25.md b/docs/queries/terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25.md
index a94b4ce72bf..799a68994cb 100644
--- a/docs/queries/terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25.md
+++ b/docs/queries/terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/network_acl_with_unrestricted_access_to_rdp)
### Description
diff --git a/docs/queries/terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd.md b/docs/queries/terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd.md
index 8a95c9a6561..e9d46f46788 100644
--- a/docs/queries/terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd.md
+++ b/docs/queries/terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/secretsmanager_secret_without_kms)
### Description
diff --git a/docs/queries/terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e.md b/docs/queries/terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e.md
index b52a20c3a54..b6225c6e6cc 100644
--- a/docs/queries/terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e.md
+++ b/docs/queries/terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/instance_with_no_vpc)
### Description
diff --git a/docs/queries/terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc.md b/docs/queries/terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc.md
index 4af73e7e6ff..f67f8520e92 100644
--- a/docs/queries/terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc.md
+++ b/docs/queries/terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_with_all_permissions)
### Description
diff --git a/docs/queries/terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07.md b/docs/queries/terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07.md
index 94ba91c50b3..30081bd347b 100644
--- a/docs/queries/terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07.md
+++ b/docs/queries/terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_object_level_cloudtrail_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf.md b/docs/queries/terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf.md
index 519e87fbac0..d70e71a6c34 100644
--- a/docs/queries/terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf.md
+++ b/docs/queries/terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sqs_queue_exposed)
### Description
diff --git a/docs/queries/terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c.md b/docs/queries/terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c.md
index 290767bc9a2..08f5eaa0c8c 100644
--- a/docs/queries/terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c.md
+++ b/docs/queries/terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/config_rule_for_encrypted_volumes_is_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132.md b/docs/queries/terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132.md
index 7117d5b2415..0a686025683 100644
--- a/docs/queries/terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132.md
+++ b/docs/queries/terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/config_configuration_aggregator_to_all_regions_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2.md b/docs/queries/terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2.md
index 7fb162608dd..ae88a5b60f4 100644
--- a/docs/queries/terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2.md
+++ b/docs/queries/terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_logs_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3.md b/docs/queries/terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3.md
index e540787efa1..2713a2a4081 100644
--- a/docs/queries/terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3.md
+++ b/docs/queries/terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_UpdateLoginProfile)
### Description
diff --git a/docs/queries/terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee.md b/docs/queries/terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee.md
index 42906e6998f..6dc4657f8c4 100644
--- a/docs/queries/terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee.md
+++ b/docs/queries/terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/glue_security_configuration_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39.md b/docs/queries/terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39.md
index e50a1c5964b..2233e08a9a9 100644
--- a/docs/queries/terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39.md
+++ b/docs/queries/terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/lambda_with_vulnerable_policy)
### Description
diff --git a/docs/queries/terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda.md b/docs/queries/terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda.md
index 7f036b4fe3a..654dad00f2f 100644
--- a/docs/queries/terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda.md
+++ b/docs/queries/terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redshift_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4.md b/docs/queries/terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4.md
index 397f6f4c235..29aeb866a32 100644
--- a/docs/queries/terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4.md
+++ b/docs/queries/terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/alb_deletion_protection_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f.md b/docs/queries/terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f.md
index d818bb2033c..311b4962a12 100644
--- a/docs/queries/terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f.md
+++ b/docs/queries/terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/secretsmanager_secret_encrypted_with_aws_managed_key)
### Description
diff --git a/docs/queries/terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27.md b/docs/queries/terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27.md
index efd2686d73c..52b0c9f4b25 100644
--- a/docs/queries/terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27.md
+++ b/docs/queries/terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rest_api_with_vulnerable_policy)
### Description
diff --git a/docs/queries/terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f.md b/docs/queries/terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f.md
index bbbbbf0e9cc..cf7e6ebdb19 100644
--- a/docs/queries/terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f.md
+++ b/docs/queries/terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sns_topic_encrypted_with_aws_managed_key)
### Description
diff --git a/docs/queries/terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842.md b/docs/queries/terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842.md
index 9b1b2a3e54d..dd687e1249e 100644
--- a/docs/queries/terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842.md
+++ b/docs/queries/terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_role_with_full_privileges)
### Description
diff --git a/docs/queries/terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3.md b/docs/queries/terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3.md
index f050297e688..26b81a0c41e 100644
--- a/docs/queries/terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3.md
+++ b/docs/queries/terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/athena_database_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3.md b/docs/queries/terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3.md
index 86963037d82..323f7d1e4f5 100644
--- a/docs/queries/terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3.md
+++ b/docs/queries/terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sns_topic_is_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e.md b/docs/queries/terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e.md
index 67ee706adbc..2f7f847b4b7 100644
--- a/docs/queries/terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e.md
+++ b/docs/queries/terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/vpc_peering_route_table_with_unrestricted_cidr)
### Description
diff --git a/docs/queries/terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034.md b/docs/queries/terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034.md
index e75a94eb355..a44d9e09db3 100644
--- a/docs/queries/terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034.md
+++ b/docs/queries/terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_deployment_without_api_gateway_usage_plan_associated)
### Description
diff --git a/docs/queries/terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e.md b/docs/queries/terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e.md
index 605bae861cb..19b79502990 100644
--- a/docs/queries/terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e.md
+++ b/docs/queries/terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_policies_attached_to_user)
### Description
diff --git a/docs/queries/terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec.md b/docs/queries/terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec.md
index 5a2d69e142a..3304c95bf5a 100644
--- a/docs/queries/terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec.md
+++ b/docs/queries/terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_user_policy_without_mfa)
### Description
diff --git a/docs/queries/terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918.md b/docs/queries/terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918.md
index 61ecd3baa24..fb52de75174 100644
--- a/docs/queries/terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918.md
+++ b/docs/queries/terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/no_password_policy_enabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12.md b/docs/queries/terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12.md
index 0ad2b3b30c2..c2f7b0b9cc9 100644
--- a/docs/queries/terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12.md
+++ b/docs/queries/terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_lambda_UpdateFunctionCode)
### Description
diff --git a/docs/queries/terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09.md b/docs/queries/terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09.md
index e8a09c1c088..de4cdb60b08 100644
--- a/docs/queries/terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09.md
+++ b/docs/queries/terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/stack_notifications_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288.md b/docs/queries/terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288.md
index 62168cb9cf5..43c6ac7aa86 100644
--- a/docs/queries/terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288.md
+++ b/docs/queries/terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_method_settings_cache_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c.md b/docs/queries/terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c.md
index 38029093409..708cb98615c 100644
--- a/docs/queries/terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c.md
+++ b/docs/queries/terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_AddUserToGroup)
### Description
diff --git a/docs/queries/terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7.md b/docs/queries/terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7.md
index 19f6439f2a7..3a65f3dfa94 100644
--- a/docs/queries/terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7.md
+++ b/docs/queries/terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/workspaces_workspace_volume_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d.md b/docs/queries/terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d.md
index c7c982efa8d..8cc376c27cf 100644
--- a/docs/queries/terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d.md
+++ b/docs/queries/terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/eks_node_group_remote_access_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587.md b/docs/queries/terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587.md
index 41bb44f564d..c5084130353 100644
--- a/docs/queries/terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587.md
+++ b/docs/queries/terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/autoscaling_groups_supply_tags)
### Description
diff --git a/docs/queries/terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698.md b/docs/queries/terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698.md
index 9f974d0880d..f938e58b0e9 100644
--- a/docs/queries/terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698.md
+++ b/docs/queries/terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ami_shared_with_multiple_accounts)
### Description
diff --git a/docs/queries/terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0.md b/docs/queries/terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0.md
index cb410d29684..f4d21385881 100644
--- a/docs/queries/terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0.md
+++ b/docs/queries/terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/sqs)
### Description
diff --git a/docs/queries/terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54.md b/docs/queries/terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54.md
index b577c7f9edc..4f5d9c45ce7 100644
--- a/docs/queries/terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54.md
+++ b/docs/queries/terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/policy_without_principal)
### Description
diff --git a/docs/queries/terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6.md b/docs/queries/terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6.md
index 2c3d005283e..428d8ff704d 100644
--- a/docs/queries/terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6.md
+++ b/docs/queries/terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/docdb_cluster_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26.md b/docs/queries/terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26.md
index f7b706c1c82..67da07978c4 100644
--- a/docs/queries/terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26.md
+++ b/docs/queries/terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_using_default_port)
### Description
diff --git a/docs/queries/terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97.md b/docs/queries/terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97.md
index a2aefac1807..75cb0f64a10 100644
--- a/docs/queries/terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97.md
+++ b/docs/queries/terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_policy_grants_assumerole_permission_across_all_services)
### Description
diff --git a/docs/queries/terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3.md b/docs/queries/terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3.md
index 28ea3d51a19..e9a4e41279d 100644
--- a/docs/queries/terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3.md
+++ b/docs/queries/terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_log_files_s3_bucket_is_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f.md b/docs/queries/terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f.md
index bd99aba8dd7..906170d084f 100644
--- a/docs/queries/terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f.md
+++ b/docs/queries/terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PassRole_and_cloudformation_CreateStack)
### Description
diff --git a/docs/queries/terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920.md b/docs/queries/terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920.md
index 7c8e75c357b..cedf5127cdc 100644
--- a/docs/queries/terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920.md
+++ b/docs/queries/terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_public_acl_overridden_by_public_access_block)
### Description
diff --git a/docs/queries/terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081.md b/docs/queries/terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081.md
index f40c4edc79f..6c9e8d53bf2 100644
--- a/docs/queries/terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081.md
+++ b/docs/queries/terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_AddUserToGroup)
### Description
diff --git a/docs/queries/terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69.md b/docs/queries/terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69.md
index fe473ea2f52..cc1dbc7e4a2 100644
--- a/docs/queries/terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69.md
+++ b/docs/queries/terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PutRolePolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6.md b/docs/queries/terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6.md
index 1b326f835c5..7744c395901 100644
--- a/docs/queries/terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6.md
+++ b/docs/queries/terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/certificate_has_expired)
### Description
diff --git a/docs/queries/terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593.md b/docs/queries/terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593.md
index cc0afc092ca..e6f6539292d 100644
--- a/docs/queries/terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593.md
+++ b/docs/queries/terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/public_and_private_ec2_share_role)
### Description
diff --git a/docs/queries/terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46.md b/docs/queries/terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46.md
index a9cfae4aec2..d1f5c4da14d 100644
--- a/docs/queries/terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46.md
+++ b/docs/queries/terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_lambda_UpdateFunctionCode)
### Description
diff --git a/docs/queries/terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d.md b/docs/queries/terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d.md
index 2876f863468..660b6da3403 100644
--- a/docs/queries/terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d.md
+++ b/docs/queries/terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_without_enabled_mfa_delete)
### Description
diff --git a/docs/queries/terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5.md b/docs/queries/terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5.md
index f00851104b9..68a38b25ddc 100644
--- a/docs/queries/terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5.md
+++ b/docs/queries/terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/neptune_cluster_with_iam_database_authentication_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e.md b/docs/queries/terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e.md
index 0408833f66f..077ebd9070a 100644
--- a/docs/queries/terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e.md
+++ b/docs/queries/terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_stage_without_api_gateway_usage_plan_associated)
### Description
diff --git a/docs/queries/terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c.md b/docs/queries/terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c.md
index dc2ff8e9538..f36263b5a6e 100644
--- a/docs/queries/terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c.md
+++ b/docs/queries/terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/security_group_without_description)
### Description
diff --git a/docs/queries/terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12.md b/docs/queries/terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12.md
index 96e1dfd2652..660611147d8 100644
--- a/docs/queries/terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12.md
+++ b/docs/queries/terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ebs_volume_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294.md b/docs/queries/terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294.md
index eb4fc107414..b322f94b17d 100644
--- a/docs/queries/terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294.md
+++ b/docs/queries/terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/dynamodb_table_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433.md b/docs/queries/terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433.md
index 11a9c3aac19..fef9ace76d9 100644
--- a/docs/queries/terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433.md
+++ b/docs/queries/terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ssm_session_transit_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90.md b/docs/queries/terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90.md
index fb34c8103ce..1c6f1645739 100644
--- a/docs/queries/terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90.md
+++ b/docs/queries/terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/misconfigured_password_policy_expiration)
### Description
diff --git a/docs/queries/terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8.md b/docs/queries/terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8.md
index 5d545c25880..a11d315fa7c 100644
--- a/docs/queries/terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8.md
+++ b/docs/queries/terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sso_permission_with_inadequate_user_session_duration)
### Description
diff --git a/docs/queries/terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce.md b/docs/queries/terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce.md
index bd039fd2765..51bb151ef29 100644
--- a/docs/queries/terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce.md
+++ b/docs/queries/terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redshift_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f.md b/docs/queries/terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f.md
index 0920ca4e515..8a96abcd0e7 100644
--- a/docs/queries/terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f.md
+++ b/docs/queries/terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_allows_public_acl)
### Description
diff --git a/docs/queries/terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb.md b/docs/queries/terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb.md
index cbcc3b3dfb0..b4e36b69f23 100644
--- a/docs/queries/terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb.md
+++ b/docs/queries/terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecr_image_tag_not_immutable)
### Description
diff --git a/docs/queries/terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832.md b/docs/queries/terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832.md
index 9f869ab434f..ba4ae599f53 100644
--- a/docs/queries/terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832.md
+++ b/docs/queries/terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_allows_put_action_from_all_principals)
### Description
diff --git a/docs/queries/terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22.md b/docs/queries/terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22.md
index 7c89ae8bc74..012a17dca5c 100644
--- a/docs/queries/terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22.md
+++ b/docs/queries/terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/glue_with_vulnerable_policy)
### Description
diff --git a/docs/queries/terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3.md b/docs/queries/terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3.md
index 88c20f2b1c9..623bc9adb4b 100644
--- a/docs/queries/terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3.md
+++ b/docs/queries/terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/athena_workgroup_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b.md b/docs/queries/terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b.md
index 49089a3b4f3..5e977f2f578 100644
--- a/docs/queries/terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b.md
+++ b/docs/queries/terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PutGroupPolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b.md b/docs/queries/terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b.md
index b2d9fbb9cd9..ea3329a9483 100644
--- a/docs/queries/terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b.md
+++ b/docs/queries/terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/hardcoded_aws_access_key)
### Description
diff --git a/docs/queries/terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8.md b/docs/queries/terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8.md
index 37f5f902729..19d1e324a39 100644
--- a/docs/queries/terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8.md
+++ b/docs/queries/terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_logs_destination_with_vulnerable_policy)
### Description
diff --git a/docs/queries/terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec.md b/docs/queries/terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec.md
index 5228d24a977..e0196b65119 100644
--- a/docs/queries/terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec.md
+++ b/docs/queries/terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_AttachUserPolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43.md b/docs/queries/terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43.md
index c09652c8d63..32687c118b8 100644
--- a/docs/queries/terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43.md
+++ b/docs/queries/terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/alb_listening_on_http)
### Description
diff --git a/docs/queries/terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347.md b/docs/queries/terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347.md
index 062747f53ab..67a85cab580 100644
--- a/docs/queries/terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347.md
+++ b/docs/queries/terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/lambda_permission_principal_is_wildcard)
### Description
diff --git a/docs/queries/terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88.md b/docs/queries/terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88.md
index 0ec7758498b..c353fb8240d 100644
--- a/docs/queries/terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88.md
+++ b/docs/queries/terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_AttachRolePolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0.md b/docs/queries/terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0.md
index a0c8dbdf8df..dfef318d1f5 100644
--- a/docs/queries/terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0.md
+++ b/docs/queries/terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sensitive_port_is_exposed_to_small_public_network)
### Description
diff --git a/docs/queries/terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10.md b/docs/queries/terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10.md
index eb45077a6d2..fd80afae1f6 100644
--- a/docs/queries/terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10.md
+++ b/docs/queries/terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/resource_not_using_tags)
### Description
diff --git a/docs/queries/terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a.md b/docs/queries/terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a.md
index bd1e0f6b8c6..3c7501ea288 100644
--- a/docs/queries/terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a.md
+++ b/docs/queries/terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_role_policy_passrole_allows_all)
### Description
diff --git a/docs/queries/terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02.md b/docs/queries/terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02.md
index 8b55e857e99..9a438db018c 100644
--- a/docs/queries/terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02.md
+++ b/docs/queries/terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_cluster_with_backup_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370.md b/docs/queries/terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370.md
index 093564d95f9..fd0397b8fd0 100644
--- a/docs/queries/terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370.md
+++ b/docs/queries/terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_access_analyzer_not_enabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca.md b/docs/queries/terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca.md
index 9383c59d80c..8ccc1a62f33 100644
--- a/docs/queries/terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca.md
+++ b/docs/queries/terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ebs_volume_snapshot_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e.md b/docs/queries/terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e.md
index 4094f9a0c20..9a8715f3702 100644
--- a/docs/queries/terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e.md
+++ b/docs/queries/terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_without_iam_authentication)
### Description
diff --git a/docs/queries/terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92.md b/docs/queries/terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92.md
index ee93da94d1a..37672175eda 100644
--- a/docs/queries/terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92.md
+++ b/docs/queries/terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PutGroupPolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a.md b/docs/queries/terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a.md
index 7211405ef56..fa7c7389fd6 100644
--- a/docs/queries/terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a.md
+++ b/docs/queries/terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecr_repository_is_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45.md b/docs/queries/terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45.md
index 68384d7eb9e..7d9ec966d17 100644
--- a/docs/queries/terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45.md
+++ b/docs/queries/terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_without_slow_logs)
### Description
diff --git a/docs/queries/terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d.md b/docs/queries/terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d.md
index ff424b4a826..3bdb0ecbf8f 100644
--- a/docs/queries/terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d.md
+++ b/docs/queries/terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sqs_vpc_endpoint_without_dns_resolution)
### Description
diff --git a/docs/queries/terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d.md b/docs/queries/terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d.md
index 7859b5db25a..e27318166d0 100644
--- a/docs/queries/terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d.md
+++ b/docs/queries/terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_iam_policy_changes_alarm_missing)
### Description
diff --git a/docs/queries/terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7.md b/docs/queries/terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7.md
index 9662114e49d..49ba8161245 100644
--- a/docs/queries/terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7.md
+++ b/docs/queries/terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PutRolePolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0.md b/docs/queries/terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0.md
index 735be9892f9..ded23abbe39 100644
--- a/docs/queries/terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0.md
+++ b/docs/queries/terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cognito_userpool_without_mfa)
### Description
diff --git a/docs/queries/terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f.md b/docs/queries/terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f.md
index 56a8ff9f457..863b75abfcf 100644
--- a/docs/queries/terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f.md
+++ b/docs/queries/terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_CreatePolicyVersion)
### Description
diff --git a/docs/queries/terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33.md b/docs/queries/terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33.md
index eabee8241a4..f68b725cfe9 100644
--- a/docs/queries/terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33.md
+++ b/docs/queries/terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/sns)
### Description
diff --git a/docs/queries/terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b.md b/docs/queries/terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b.md
index 1e0aef0fe6a..b9605643a72 100644
--- a/docs/queries/terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b.md
+++ b/docs/queries/terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_with_invalid_compression)
### Description
diff --git a/docs/queries/terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17.md b/docs/queries/terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17.md
index 9c2292c02a5..5bf8dec56eb 100644
--- a/docs/queries/terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17.md
+++ b/docs/queries/terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_glue_UpdateDevEndpoint)
### Description
diff --git a/docs/queries/terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde.md b/docs/queries/terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde.md
index 0cc000c8395..393f988bcb9 100644
--- a/docs/queries/terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde.md
+++ b/docs/queries/terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_CreatePolicyVersion)
### Description
diff --git a/docs/queries/terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4.md b/docs/queries/terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4.md
index 6e19c57788f..8648d60b39b 100644
--- a/docs/queries/terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4.md
+++ b/docs/queries/terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_log_files_s3_bucket_with_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5.md b/docs/queries/terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5.md
index 0869b9f470f..28e7251e10d 100644
--- a/docs/queries/terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5.md
+++ b/docs/queries/terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PutRolePolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755.md b/docs/queries/terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755.md
index 0ee29323133..1126aa66cc0 100644
--- a/docs/queries/terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755.md
+++ b/docs/queries/terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_without_retention_period_specified)
### Description
diff --git a/docs/queries/terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0.md b/docs/queries/terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0.md
index 5a58f895741..e86fac2bc7a 100644
--- a/docs/queries/terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0.md
+++ b/docs/queries/terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/db_security_group_has_public_interface)
### Description
diff --git a/docs/queries/terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51.md b/docs/queries/terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51.md
index 878e5665e35..717f2274786 100644
--- a/docs/queries/terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51.md
+++ b/docs/queries/terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_UpdateAssumeRolePolicy_and_sts_AssumeRole)
### Description
diff --git a/docs/queries/terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87.md b/docs/queries/terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87.md
index 9d6da65524f..f3291cf60f3 100644
--- a/docs/queries/terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87.md
+++ b/docs/queries/terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/dax_cluster_not_encrypted)
### Description
diff --git a/docs/queries/terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432.md b/docs/queries/terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432.md
index 50f956f2a93..642c94da9fd 100644
--- a/docs/queries/terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432.md
+++ b/docs/queries/terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ec2_instance_using_default_security_group)
### Description
diff --git a/docs/queries/terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99.md b/docs/queries/terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99.md
index 4637a1b2176..6718a3adc56 100644
--- a/docs/queries/terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99.md
+++ b/docs/queries/terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sagemaker_notebook_instance_without_kms)
### Description
diff --git a/docs/queries/terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff.md b/docs/queries/terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff.md
index 249c260f8b8..8fe2cd8e71f 100644
--- a/docs/queries/terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff.md
+++ b/docs/queries/terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_AttachRolePolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca.md b/docs/queries/terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca.md
index 60e5a59b977..625fc0dfeea 100644
--- a/docs/queries/terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca.md
+++ b/docs/queries/terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/efs)
### Description
diff --git a/docs/queries/terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047.md b/docs/queries/terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047.md
index 735e0cdb430..5314b963f86 100644
--- a/docs/queries/terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047.md
+++ b/docs/queries/terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/vpc_flowlogs_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884.md b/docs/queries/terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884.md
index 26d8372cc9d..c053118ea26 100644
--- a/docs/queries/terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884.md
+++ b/docs/queries/terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d.md b/docs/queries/terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d.md
index 980b1f79c30..5af3b455132 100644
--- a/docs/queries/terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d.md
+++ b/docs/queries/terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_AttachGroupPolicy)
### Description
diff --git a/docs/queries/terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b.md b/docs/queries/terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b.md
index 1aae6f40ef5..eb8f5181674 100644
--- a/docs/queries/terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b.md
+++ b/docs/queries/terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/secrets_manager_with_vulnerable_policy)
### Description
diff --git a/docs/queries/terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca.md b/docs/queries/terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca.md
index b8d0a3b8af2..be85024700c 100644
--- a/docs/queries/terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca.md
+++ b/docs/queries/terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PassRole_and_lambda_CreateFunction_lambda_InvokeFunction)
### Description
diff --git a/docs/queries/terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd.md b/docs/queries/terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd.md
index 3cadf2509a5..337169a160f 100644
--- a/docs/queries/terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd.md
+++ b/docs/queries/terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/efs_with_vulnerable_policy)
### Description
diff --git a/docs/queries/terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044.md b/docs/queries/terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044.md
index e031c438477..5fbd253dd5e 100644
--- a/docs/queries/terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044.md
+++ b/docs/queries/terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_group_without_users)
### Description
diff --git a/docs/queries/terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380.md b/docs/queries/terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380.md
index 86f11fcf1d0..44226ef78a9 100644
--- a/docs/queries/terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380.md
+++ b/docs/queries/terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/mq)
### Description
diff --git a/docs/queries/terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a.md b/docs/queries/terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a.md
index 84465be5e90..97c23148221 100644
--- a/docs/queries/terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a.md
+++ b/docs/queries/terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/vpc_without_network_firewall)
### Description
diff --git a/docs/queries/terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7.md b/docs/queries/terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7.md
index 9821cd37153..e1d269b2054 100644
--- a/docs/queries/terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7.md
+++ b/docs/queries/terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/http_port_open)
### Description
diff --git a/docs/queries/terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09.md b/docs/queries/terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09.md
index 3dec0b31b35..555c39a270d 100644
--- a/docs/queries/terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09.md
+++ b/docs/queries/terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_allows_delete_action_from_all_principals)
### Description
diff --git a/docs/queries/terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e.md b/docs/queries/terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e.md
index a10b93d7eb0..731377e687c 100644
--- a/docs/queries/terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e.md
+++ b/docs/queries/terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/ssl_enforce_is_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702.md b/docs/queries/terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702.md
index 9b3d12c63e9..bbe134f9971 100644
--- a/docs/queries/terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702.md
+++ b/docs/queries/terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgresql_log_disconnections_not_set)
### Description
diff --git a/docs/queries/terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1.md b/docs/queries/terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1.md
index a530eaaba6b..261eb559988 100644
--- a/docs/queries/terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1.md
+++ b/docs/queries/terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/mariadb_server_georedundant_backup_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe.md b/docs/queries/terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe.md
index 0850b0ea7b1..d343370436b 100644
--- a/docs/queries/terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe.md
+++ b/docs/queries/terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/web_app_accepting_traffic_other_than_https)
### Description
diff --git a/docs/queries/terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2.md b/docs/queries/terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2.md
index 55e35648b3a..f70fc07c885 100644
--- a/docs/queries/terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2.md
+++ b/docs/queries/terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/storage_account_not_forcing_https)
### Description
diff --git a/docs/queries/terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f.md b/docs/queries/terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f.md
index c6f8b398849..f3341e30d63 100644
--- a/docs/queries/terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f.md
+++ b/docs/queries/terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgre_sql_log_duration_not_set)
### Description
diff --git a/docs/queries/terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198.md b/docs/queries/terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198.md
index c954fcf1673..0dcfb234704 100644
--- a/docs/queries/terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198.md
+++ b/docs/queries/terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/public_storage_account)
### Description
diff --git a/docs/queries/terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8.md b/docs/queries/terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8.md
index a98406b9638..eae7180805a 100644
--- a/docs/queries/terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8.md
+++ b/docs/queries/terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sql_server_ingress_from_any_ip)
### Description
diff --git a/docs/queries/terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606.md b/docs/queries/terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606.md
index bf4ee1e9a38..bc07aa4ee40 100644
--- a/docs/queries/terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606.md
+++ b/docs/queries/terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/small_postgresql_db_server_log_retention_period)
### Description
diff --git a/docs/queries/terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f.md b/docs/queries/terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f.md
index 44996edff2b..7fbd76f2dfd 100644
--- a/docs/queries/terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f.md
+++ b/docs/queries/terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sql_server_predictable_admin_account_name)
### Description
diff --git a/docs/queries/terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4.md b/docs/queries/terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4.md
index 04ea0e5f78c..aebacba6a6d 100644
--- a/docs/queries/terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4.md
+++ b/docs/queries/terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgre_sql_server_without_connection_throttling)
### Description
diff --git a/docs/queries/terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918.md b/docs/queries/terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918.md
index 29a77424c22..fa353fd6257 100644
--- a/docs/queries/terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918.md
+++ b/docs/queries/terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/small_activity_log_retention_period)
### Description
diff --git a/docs/queries/terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72.md b/docs/queries/terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72.md
index ebf013824a4..7be50b43b66 100644
--- a/docs/queries/terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72.md
+++ b/docs/queries/terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/waf_is_disabled_for_azure_application_gateway)
### Description
diff --git a/docs/queries/terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3.md b/docs/queries/terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3.md
index c39e0a57ba0..88cbd7fce88 100644
--- a/docs/queries/terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3.md
+++ b/docs/queries/terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/security_contact_email)
### Description
diff --git a/docs/queries/terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9.md b/docs/queries/terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9.md
index d987451db47..cfb6fe659e8 100644
--- a/docs/queries/terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9.md
+++ b/docs/queries/terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgre_sql_log_checkpoints_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190.md b/docs/queries/terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190.md
index d9b48b68676..126f712661e 100644
--- a/docs/queries/terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190.md
+++ b/docs/queries/terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/vault_auditing_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e.md b/docs/queries/terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e.md
index 2cdf5dd083a..9d6d372d3b4 100644
--- a/docs/queries/terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e.md
+++ b/docs/queries/terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/storage_table_allows_all_acl_permissions)
### Description
diff --git a/docs/queries/terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24.md b/docs/queries/terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24.md
index 375fbc78d13..501f969125b 100644
--- a/docs/queries/terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24.md
+++ b/docs/queries/terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/ssh_is_exposed_to_the_internet)
### Description
diff --git a/docs/queries/terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb.md b/docs/queries/terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb.md
index 5479e58f058..fdb4ed3b8c1 100644
--- a/docs/queries/terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb.md
+++ b/docs/queries/terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/role_definition_allows_custom_role_creation)
### Description
diff --git a/docs/queries/terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5.md b/docs/queries/terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5.md
index 7ed8e378925..95cffd9385b 100644
--- a/docs/queries/terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5.md
+++ b/docs/queries/terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/network_interfaces_ip_forwarding_enabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492.md b/docs/queries/terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492.md
index 4793cb899c3..eaa19ac38ab 100644
--- a/docs/queries/terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492.md
+++ b/docs/queries/terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/aks_uses_azure_policies_addon_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6.md b/docs/queries/terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6.md
index 9d36e15adc5..baa31272705 100644
--- a/docs/queries/terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6.md
+++ b/docs/queries/terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/function_app_not_using_latest_tls_encryption_version)
### Description
diff --git a/docs/queries/terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3.md b/docs/queries/terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3.md
index 227cb8bd527..c674b29105a 100644
--- a/docs/queries/terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3.md
+++ b/docs/queries/terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/storage_share_file_allows_all_acl_permissions)
### Description
diff --git a/docs/queries/terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279.md b/docs/queries/terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279.md
index 8a31df0d04a..7b4fce3a85b 100644
--- a/docs/queries/terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279.md
+++ b/docs/queries/terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/azure_cognitive_search_public_network_access_enabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc.md b/docs/queries/terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc.md
index 4cb3be3dcc7..12cd4ebf4dd 100644
--- a/docs/queries/terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc.md
+++ b/docs/queries/terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/key_expiration_not_set)
### Description
diff --git a/docs/queries/terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629.md b/docs/queries/terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629.md
index 3d960a3e23b..5fb47c793ed 100644
--- a/docs/queries/terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629.md
+++ b/docs/queries/terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/redis_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071.md b/docs/queries/terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071.md
index cebc27a11ba..b77b2487e30 100644
--- a/docs/queries/terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071.md
+++ b/docs/queries/terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_http2_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f.md b/docs/queries/terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f.md
index de08c1f7b71..690336e95e7 100644
--- a/docs/queries/terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f.md
+++ b/docs/queries/terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/trusted_microsoft_services_not_enabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519.md b/docs/queries/terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519.md
index 60f905c2c1e..2e576ffc97b 100644
--- a/docs/queries/terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519.md
+++ b/docs/queries/terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sql_server_alert_email_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0.md b/docs/queries/terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0.md
index ace08989c21..ac0a2a86845 100644
--- a/docs/queries/terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0.md
+++ b/docs/queries/terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/cosmos_db_account_without_tags)
### Description
diff --git a/docs/queries/terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619.md b/docs/queries/terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619.md
index b957f8d6051..2286a3ed010 100644
--- a/docs/queries/terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619.md
+++ b/docs/queries/terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sensitive_port_is_exposed_to_entire_network)
### Description
diff --git a/docs/queries/terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89.md b/docs/queries/terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89.md
index 142f88afeae..3ea9a7e3b04 100644
--- a/docs/queries/terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89.md
+++ b/docs/queries/terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/aks_private_cluster_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc.md b/docs/queries/terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc.md
index 1a0c5f64680..57a8bc79902 100644
--- a/docs/queries/terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc.md
+++ b/docs/queries/terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/small_msql_server_audit_retention)
### Description
diff --git a/docs/queries/terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844.md b/docs/queries/terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844.md
index 68a7826f0b5..ab855e45ee4 100644
--- a/docs/queries/terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844.md
+++ b/docs/queries/terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/security_group_is_not_configured)
### Description
diff --git a/docs/queries/terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92.md b/docs/queries/terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92.md
index d7a16c9474c..d64b939f91e 100644
--- a/docs/queries/terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92.md
+++ b/docs/queries/terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/mssql_server_auditing_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db.md b/docs/queries/terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db.md
index a641ec5e1c9..d1a94b098a9 100644
--- a/docs/queries/terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db.md
+++ b/docs/queries/terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/dashboard_is_enabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8.md b/docs/queries/terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8.md
index 8e5a88972ec..fe59ff4f128 100644
--- a/docs/queries/terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8.md
+++ b/docs/queries/terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgre_sql_server_infrastructure_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f.md b/docs/queries/terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f.md
index 143f46f960c..cd95a85961f 100644
--- a/docs/queries/terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f.md
+++ b/docs/queries/terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/mysql_ssl_connection_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4.md b/docs/queries/terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4.md
index cb1c935d416..384d3259a34 100644
--- a/docs/queries/terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4.md
+++ b/docs/queries/terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/small_flow_logs_retention_period)
### Description
diff --git a/docs/queries/terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195.md b/docs/queries/terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195.md
index 92d0d5fab20..59f8d444397 100644
--- a/docs/queries/terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195.md
+++ b/docs/queries/terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/mariadb_public_network_access_enabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e.md b/docs/queries/terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e.md
index a7528b101b4..ab973d7289c 100644
--- a/docs/queries/terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e.md
+++ b/docs/queries/terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/security_center_pricing_tier_is_not_standard)
### Description
diff --git a/docs/queries/terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7.md b/docs/queries/terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7.md
index 357c93c19fc..9584f45bc62 100644
--- a/docs/queries/terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7.md
+++ b/docs/queries/terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/storage_account_not_using_latest_tls_encryption_version)
### Description
diff --git a/docs/queries/terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961.md b/docs/queries/terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961.md
index 38588bea453..eaba4b81a17 100644
--- a/docs/queries/terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961.md
+++ b/docs/queries/terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/azure_front_door_waf_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a.md b/docs/queries/terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a.md
index b3046ac0d98..f2f8c1a405e 100644
--- a/docs/queries/terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a.md
+++ b/docs/queries/terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sql_database_audit_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8.md b/docs/queries/terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8.md
index 99e34a340d1..7fb5fc0e687 100644
--- a/docs/queries/terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8.md
+++ b/docs/queries/terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_ftps_enforce_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f.md b/docs/queries/terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f.md
index a9b89bedd0e..ded14de5ecd 100644
--- a/docs/queries/terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f.md
+++ b/docs/queries/terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/aks_rbac_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58.md b/docs/queries/terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58.md
index b5a2e6279b3..c39d979c7fe 100644
--- a/docs/queries/terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58.md
+++ b/docs/queries/terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/geo_redundancy_is_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf.md b/docs/queries/terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf.md
index 63d36bed6d8..7307bfc83cd 100644
--- a/docs/queries/terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf.md
+++ b/docs/queries/terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/role_assignment_not_limit_guest_users_permissions)
### Description
diff --git a/docs/queries/terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae.md b/docs/queries/terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae.md
index 5134c2afd2a..7e51445b038 100644
--- a/docs/queries/terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae.md
+++ b/docs/queries/terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_without_latest_php_version)
### Description
diff --git a/docs/queries/terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d.md b/docs/queries/terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d.md
index 4eb67a9a516..450fc1171c3 100644
--- a/docs/queries/terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d.md
+++ b/docs/queries/terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/function_app_client_certificates_unrequired)
### Description
diff --git a/docs/queries/terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea.md b/docs/queries/terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea.md
index 89a1b071f1b..6a7dbc1dae0 100644
--- a/docs/queries/terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea.md
+++ b/docs/queries/terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/small_mssql_audit_retention_period)
### Description
diff --git a/docs/queries/terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df.md b/docs/queries/terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df.md
index 90a3f1ace14..e85a93b60b0 100644
--- a/docs/queries/terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df.md
+++ b/docs/queries/terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/function_app_ftps_enforce_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409.md b/docs/queries/terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409.md
index 39c73a71f41..73807e21739 100644
--- a/docs/queries/terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409.md
+++ b/docs/queries/terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/email_alerts_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb.md b/docs/queries/terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb.md
index e0697b5c501..f97af296643 100644
--- a/docs/queries/terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb.md
+++ b/docs/queries/terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/azure_container_registry_with_no_locks)
### Description
diff --git a/docs/queries/terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7.md b/docs/queries/terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7.md
index a488bb6ef68..5d7cee9dd85 100644
--- a/docs/queries/terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7.md
+++ b/docs/queries/terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/azure_active_directory_authentication)
### Description
diff --git a/docs/queries/terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b.md b/docs/queries/terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b.md
index 1be934d7959..66d5c1413df 100644
--- a/docs/queries/terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b.md
+++ b/docs/queries/terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/ad_admin_not_configured_for_sql_server)
### Description
diff --git a/docs/queries/terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea.md b/docs/queries/terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea.md
index 68272aceb9b..dc2f2e85543 100644
--- a/docs/queries/terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea.md
+++ b/docs/queries/terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/default_azure_storage_account_network_access_is_too_permissive)
### Description
diff --git a/docs/queries/terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3.md b/docs/queries/terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3.md
index 72a0bb547a7..a4e053db285 100644
--- a/docs/queries/terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3.md
+++ b/docs/queries/terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/azure_app_service_client_certificate_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb.md b/docs/queries/terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb.md
index 4b978a4512f..79b62fd5c19 100644
--- a/docs/queries/terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb.md
+++ b/docs/queries/terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/firewall_rule_allows_too_many_hosts_to_access_redis_cache)
### Description
diff --git a/docs/queries/terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024.md b/docs/queries/terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024.md
index 8e6d2f62f7a..1d77b10caa1 100644
--- a/docs/queries/terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024.md
+++ b/docs/queries/terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/encryption_on_managed_disk_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0.md b/docs/queries/terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0.md
index c23c5604f17..4aaf3e2d76f 100644
--- a/docs/queries/terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0.md
+++ b/docs/queries/terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/function_app_http2_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507.md b/docs/queries/terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507.md
index 2e05123ae77..f1f4acb1c22 100644
--- a/docs/queries/terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507.md
+++ b/docs/queries/terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/mssql_server_public_network_access_enabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa.md b/docs/queries/terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa.md
index b10ea12f63a..4c910da5289 100644
--- a/docs/queries/terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa.md
+++ b/docs/queries/terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/aks_disk_encryption_set_id_undefined)
### Description
diff --git a/docs/queries/terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a.md b/docs/queries/terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a.md
index 67b84ed008f..28593978f73 100644
--- a/docs/queries/terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a.md
+++ b/docs/queries/terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Availability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/virtual_network_with_ddos_protection_plan_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b.md b/docs/queries/terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b.md
index 735e1cf3a45..63da76c4678 100644
--- a/docs/queries/terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b.md
+++ b/docs/queries/terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_managed_identity_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643.md b/docs/queries/terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643.md
index 6daa5a30fb1..6b4c67966a8 100644
--- a/docs/queries/terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643.md
+++ b/docs/queries/terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version)
### Description
diff --git a/docs/queries/terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51.md b/docs/queries/terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51.md
index 99452d85bb6..d813b0562e0 100644
--- a/docs/queries/terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51.md
+++ b/docs/queries/terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/admin_user_enabled_for_container_registry)
### Description
diff --git a/docs/queries/terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c.md b/docs/queries/terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c.md
index 1835e16a02b..fadd0b058f3 100644
--- a/docs/queries/terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c.md
+++ b/docs/queries/terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/network_watcher_flow_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa.md b/docs/queries/terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa.md
index 818a5778057..0c9f2a503e2 100644
--- a/docs/queries/terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa.md
+++ b/docs/queries/terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/redis_not_updated_regularly)
### Description
diff --git a/docs/queries/terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033.md b/docs/queries/terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033.md
index b342b3c8f98..203e6791f6b 100644
--- a/docs/queries/terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033.md
+++ b/docs/queries/terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/vm_not_attached_to_network)
### Description
diff --git a/docs/queries/terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450.md b/docs/queries/terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450.md
index 49cf0555277..97de8c09dbb 100644
--- a/docs/queries/terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450.md
+++ b/docs/queries/terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sql_server_predictable_active_directory_admin_account_name)
### Description
diff --git a/docs/queries/terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b.md b/docs/queries/terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b.md
index 8137349c2e4..691b8a181e7 100644
--- a/docs/queries/terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b.md
+++ b/docs/queries/terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/network_interfaces_with_public_ip)
### Description
diff --git a/docs/queries/terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7.md b/docs/queries/terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7.md
index 913d261f78e..818e07fcec1 100644
--- a/docs/queries/terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7.md
+++ b/docs/queries/terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/cosmosdb_account_ip_range_filter_not_set)
### Description
diff --git a/docs/queries/terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332.md b/docs/queries/terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332.md
index 490e1314be5..2af873a996a 100644
--- a/docs/queries/terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332.md
+++ b/docs/queries/terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgresql_server_threat_detection_policy_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333.md b/docs/queries/terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333.md
index 67f59d0b544..ccfb17ada08 100644
--- a/docs/queries/terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333.md
+++ b/docs/queries/terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgre_sql_log_connections_not_set)
### Description
diff --git a/docs/queries/terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e.md b/docs/queries/terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e.md
index dae0192d091..d30f46f393a 100644
--- a/docs/queries/terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e.md
+++ b/docs/queries/terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sensitive_port_is_exposed_to_wide_private_network)
### Description
diff --git a/docs/queries/terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3.md b/docs/queries/terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3.md
index aac5bf373e5..14a65c0f4f3 100644
--- a/docs/queries/terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3.md
+++ b/docs/queries/terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_authentication_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759.md b/docs/queries/terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759.md
index b359f017ffd..15a464cdb39 100644
--- a/docs/queries/terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759.md
+++ b/docs/queries/terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/function_app_managed_identity_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a.md b/docs/queries/terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a.md
index 3065c6dbada..8cecd5e6261 100644
--- a/docs/queries/terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a.md
+++ b/docs/queries/terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_without_latest_python_version)
### Description
diff --git a/docs/queries/terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28.md b/docs/queries/terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28.md
index b1947129618..1e3ae490283 100644
--- a/docs/queries/terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28.md
+++ b/docs/queries/terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/unrestricted_sql_server_access)
### Description
diff --git a/docs/queries/terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c.md b/docs/queries/terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c.md
index 19fd5f6590f..358ca7e34ab 100644
--- a/docs/queries/terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c.md
+++ b/docs/queries/terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/azure_instance_using_basic_authentication)
### Description
diff --git a/docs/queries/terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299.md b/docs/queries/terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299.md
index c45c65b2ea2..414e59bbe28 100644
--- a/docs/queries/terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299.md
+++ b/docs/queries/terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/storage_container_is_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f.md b/docs/queries/terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f.md
index 5d80a501946..8752f14a678 100644
--- a/docs/queries/terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f.md
+++ b/docs/queries/terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/secret_expiration_not_set)
### Description
diff --git a/docs/queries/terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58.md b/docs/queries/terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58.md
index dcb04ea8061..485178f8bcc 100644
--- a/docs/queries/terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58.md
+++ b/docs/queries/terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/redis_cache_allows_non_ssl_connections)
### Description
diff --git a/docs/queries/terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f.md b/docs/queries/terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f.md
index 0129cf1e160..6bdb95a043e 100644
--- a/docs/queries/terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f.md
+++ b/docs/queries/terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/function_app_authentication_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082.md b/docs/queries/terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082.md
index 25f64788daf..3f9f85d2e55 100644
--- a/docs/queries/terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082.md
+++ b/docs/queries/terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sensitive_port_is_exposed_to_small_public_network)
### Description
diff --git a/docs/queries/terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c.md b/docs/queries/terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c.md
index 40e74e1f09e..3277dde0538 100644
--- a/docs/queries/terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c.md
+++ b/docs/queries/terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/rdp_is_exposed_to_the_internet)
### Description
diff --git a/docs/queries/terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b.md b/docs/queries/terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b.md
index 1a02a2ca894..5e1110abae2 100644
--- a/docs/queries/terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b.md
+++ b/docs/queries/terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/mysql_server_public_access_enabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef.md b/docs/queries/terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef.md
index f6952de61f4..48e330789c1 100644
--- a/docs/queries/terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef.md
+++ b/docs/queries/terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/aks_network_policy_misconfigured)
### Description
diff --git a/docs/queries/terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf.md b/docs/queries/terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf.md
index 398376b57d9..155496915d6 100644
--- a/docs/queries/terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf.md
+++ b/docs/queries/terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sql_server_auditing_disabled)
### Description
diff --git a/docs/queries/terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef.md b/docs/queries/terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef.md
index 9d36e81f53e..976a00fabbb 100644
--- a/docs/queries/terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef.md
+++ b/docs/queries/terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/key_vault_secrets_content_type_undefined)
### Description
diff --git a/docs/queries/terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e.md b/docs/queries/terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e.md
index b6eb6e20408..3b0867074e8 100644
--- a/docs/queries/terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e.md
+++ b/docs/queries/terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/redis_entirely_accessible)
### Description
diff --git a/docs/queries/terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b.md b/docs/queries/terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b.md
index 7af72c9d665..8a978983d20 100644
--- a/docs/queries/terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b.md
+++ b/docs/queries/terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/log_retention_is_not_set)
### Description
diff --git a/docs/queries/terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38.md b/docs/queries/terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38.md
index 98dc60e59df..968c3b8ef3b 100644
--- a/docs/queries/terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38.md
+++ b/docs/queries/terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Check Databricks Cluster AWS Attribute Best Practices
+title: Beta - Check Databricks Cluster AWS Attribute Best Practices
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** b0749c53-e3ff-4d09-bbe4-dca94e2e7a38
-- **Query name:** (Beta) Check Databricks Cluster AWS Attribute Best Practices
+- **Query name:** Beta - Check Databricks Cluster AWS Attribute Best Practices
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/cluster_aws_attributes)
### Description
diff --git a/docs/queries/terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf.md b/docs/queries/terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf.md
index 639f20e9bf8..b75cba2bd5f 100644
--- a/docs/queries/terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf.md
+++ b/docs/queries/terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/network_policy_is_not_targeting_any_pod)
### Description
diff --git a/docs/queries/terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e.md b/docs/queries/terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e.md
index c9f01038266..f7d2703fdd0 100644
--- a/docs/queries/terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e.md
+++ b/docs/queries/terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/metadata_label_is_invalid)
### Description
diff --git a/docs/queries/terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6.md b/docs/queries/terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6.md
index 497f10a6117..90b65c40347 100644
--- a/docs/queries/terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6.md
+++ b/docs/queries/terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/missing_app_armor_config)
### Description
diff --git a/docs/queries/terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c.md b/docs/queries/terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c.md
index f80d6f36039..d66fe450171 100644
--- a/docs/queries/terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c.md
+++ b/docs/queries/terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/privilege_escalation_allowed)
### Description
diff --git a/docs/queries/terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e.md b/docs/queries/terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e.md
index 2f30c3c92c7..e72a8f8ff68 100644
--- a/docs/queries/terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e.md
+++ b/docs/queries/terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/tiller_is_deployed)
### Description
diff --git a/docs/queries/terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9.md b/docs/queries/terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9.md
index fd3fe49f3c2..2319dec4cc9 100644
--- a/docs/queries/terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9.md
+++ b/docs/queries/terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/github/github_organization_webhook_with_ssl_disabled)
### Description
diff --git a/docs/queries/terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2.md b/docs/queries/terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2.md
index 7f730ef71de..64efad72366 100644
--- a/docs/queries/terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2.md
+++ b/docs/queries/terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/root_container_not_mounted_as_read_only)
### Description
diff --git a/docs/queries/terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9.md b/docs/queries/terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9.md
index 2b04db392de..985c56917d5 100644
--- a/docs/queries/terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9.md
+++ b/docs/queries/terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/ingress_controller_exposes_workload)
### Description
diff --git a/docs/queries/terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def.md b/docs/queries/terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def.md
index 4eb930e3da0..9be794954c5 100644
--- a/docs/queries/terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def.md
+++ b/docs/queries/terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/net_raw_capabilities_not_being_dropped)
### Description
diff --git a/docs/queries/terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8.md b/docs/queries/terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8.md
index 9b86e5eec21..7e1b3e4c812 100644
--- a/docs/queries/terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8.md
+++ b/docs/queries/terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Supply-Chain
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/invalid_image)
### Description
diff --git a/docs/queries/terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3.md b/docs/queries/terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3.md
index 664408cc391..1322f29314b 100644
--- a/docs/queries/terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3.md
+++ b/docs/queries/terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/shared_host_ipc_namespace)
### Description
diff --git a/docs/queries/terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9.md b/docs/queries/terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9.md
index 3677c892b4c..81feb00897a 100644
--- a/docs/queries/terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9.md
+++ b/docs/queries/terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/shared_service_account)
### Description
diff --git a/docs/queries/terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a.md b/docs/queries/terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a.md
index 5a817ddf056..e4c94536dea 100644
--- a/docs/queries/terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a.md
+++ b/docs/queries/terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/general/variable_without_type)
### Description
diff --git a/docs/queries/terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040.md b/docs/queries/terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040.md
index bc93008c450..0f49e3db845 100644
--- a/docs/queries/terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040.md
+++ b/docs/queries/terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Build Process
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/statefulset_requests_storage)
### Description
diff --git a/docs/queries/terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21.md b/docs/queries/terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21.md
index 432a3d423f0..d1095a69c54 100644
--- a/docs/queries/terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21.md
+++ b/docs/queries/terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/memory_limits_not_defined)
### Description
diff --git a/docs/queries/terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28.md b/docs/queries/terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28.md
index 9bf2a9d932e..65e94ef8bb1 100644
--- a/docs/queries/terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28.md
+++ b/docs/queries/terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/container_with_added_capabilities)
### Description
diff --git a/docs/queries/terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00.md b/docs/queries/terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00.md
index da4358c88f7..d8a7ea40fd3 100644
--- a/docs/queries/terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00.md
+++ b/docs/queries/terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/sql_db_instance_with_ssl_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7.md b/docs/queries/terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7.md
index b4b8f05c6bc..cafa47a8815 100644
--- a/docs/queries/terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7.md
+++ b/docs/queries/terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/network_policy_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85.md b/docs/queries/terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85.md
index 2634b03aaca..b3b2cd346d1 100644
--- a/docs/queries/terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85.md
+++ b/docs/queries/terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Best Practices
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/outdated_gke_version)
### Description
diff --git a/docs/queries/terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336.md b/docs/queries/terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336.md
index 8446ff77a18..55221cae107 100644
--- a/docs/queries/terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336.md
+++ b/docs/queries/terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_compute_ssl_policy_weak_cipher_in_use)
### Description
diff --git a/docs/queries/terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5.md b/docs/queries/terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5.md
index 0520a08fc6d..b2c5fa5be53 100644
--- a/docs/queries/terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5.md
+++ b/docs/queries/terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/kms_crypto_key_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e.md b/docs/queries/terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e.md
index 484ac8fcce8..b21edcff454 100644
--- a/docs/queries/terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e.md
+++ b/docs/queries/terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/shielded_vm_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38.md b/docs/queries/terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38.md
index 0c1e21f5f0d..10658261236 100644
--- a/docs/queries/terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38.md
+++ b/docs/queries/terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/gke_using_default_service_account)
### Description
diff --git a/docs/queries/terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78.md b/docs/queries/terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78.md
index b9fcd9ad5ee..a7e81d9be40 100644
--- a/docs/queries/terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78.md
+++ b/docs/queries/terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_compute_network_using_firewall_rule_allows_all_ports)
### Description
diff --git a/docs/queries/terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150.md b/docs/queries/terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150.md
index fc5e5e4c443..100f6795880 100644
--- a/docs/queries/terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150.md
+++ b/docs/queries/terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp_bom/sb)
### Description
diff --git a/docs/queries/terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d.md b/docs/queries/terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d.md
index 5ac4c46bbb1..eff32ba7404 100644
--- a/docs/queries/terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d.md
+++ b/docs/queries/terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/stackdriver_monitoring_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217.md b/docs/queries/terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217.md
index 2ef5f608f0f..0c7c7fda1d3 100644
--- a/docs/queries/terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217.md
+++ b/docs/queries/terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/os_login_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff.md b/docs/queries/terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff.md
index af7d86b1df8..38a62d99917 100644
--- a/docs/queries/terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff.md
+++ b/docs/queries/terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Defaults
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/using_default_service_account)
### Description
diff --git a/docs/queries/terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01.md b/docs/queries/terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01.md
index 132153ddcb6..440b0dfa77e 100644
--- a/docs/queries/terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01.md
+++ b/docs/queries/terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/project_wide_ssh_keys_are_enabled_in_vm_instances)
### Description
diff --git a/docs/queries/terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609.md b/docs/queries/terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609.md
index 8a9905955bd..d933e520dc5 100644
--- a/docs/queries/terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609.md
+++ b/docs/queries/terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_compute_subnetwork_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33.md b/docs/queries/terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33.md
index 3d0625f5011..506806fde60 100644
--- a/docs/queries/terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33.md
+++ b/docs/queries/terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_compute_network_using_default_firewall_rule)
### Description
diff --git a/docs/queries/terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3.md b/docs/queries/terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3.md
index f48af3c175b..d8a7f68300b 100644
--- a/docs/queries/terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3.md
+++ b/docs/queries/terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp_bom/pst)
### Description
diff --git a/docs/queries/terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694.md b/docs/queries/terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694.md
index c77d3a7183a..70d01fe41e2 100644
--- a/docs/queries/terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694.md
+++ b/docs/queries/terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/stackdriver_logging_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4.md b/docs/queries/terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4.md
index 03583129d6a..419e5ce5385 100644
--- a/docs/queries/terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4.md
+++ b/docs/queries/terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/shielded_gke_nodes_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351.md b/docs/queries/terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351.md
index eb0b06f5fc3..0dcd1c28741 100644
--- a/docs/queries/terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351.md
+++ b/docs/queries/terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_project_auto_create_network_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067.md b/docs/queries/terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067.md
index a394e72077b..2f82ed86787 100644
--- a/docs/queries/terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067.md
+++ b/docs/queries/terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/gke_legacy_authorization_enabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb.md b/docs/queries/terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb.md
index 40afa324c6b..d9dc89bad9a 100644
--- a/docs/queries/terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb.md
+++ b/docs/queries/terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cloud_dns_without_dnssec)
### Description
diff --git a/docs/queries/terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40.md b/docs/queries/terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40.md
index a73b8c5e1fb..3f962b0f86a 100644
--- a/docs/queries/terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40.md
+++ b/docs/queries/terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_project_iam_binding_service_account_has_token_creator_or_account_user_role)
### Description
diff --git a/docs/queries/terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d.md b/docs/queries/terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d.md
index 0c9735410d4..f599cbf1560 100644
--- a/docs/queries/terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d.md
+++ b/docs/queries/terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cluster_labels_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3.md b/docs/queries/terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3.md
index 811bc1e1d50..adb612a1afe 100644
--- a/docs/queries/terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3.md
+++ b/docs/queries/terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/rdp_access_is_not_restricted)
### Description
diff --git a/docs/queries/terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b.md b/docs/queries/terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b.md
index 14d078d8218..fd476b0c7d0 100644
--- a/docs/queries/terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b.md
+++ b/docs/queries/terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/private_cluster_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918.md b/docs/queries/terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918.md
index c1a99168259..92ab75501a9 100644
--- a/docs/queries/terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918.md
+++ b/docs/queries/terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/user_with_iam_role)
### Description
diff --git a/docs/queries/terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e.md b/docs/queries/terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e.md
index 014e2f88f46..003629f5a90 100644
--- a/docs/queries/terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e.md
+++ b/docs/queries/terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/legacy_client_certificate_auth_enabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2.md b/docs/queries/terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2.md
index 8faf10f3d93..33d7ca75977 100644
--- a/docs/queries/terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2.md
+++ b/docs/queries/terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_project_iam_member_service_account_has_admin_role)
### Description
diff --git a/docs/queries/terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53.md b/docs/queries/terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53.md
index b8f95401074..9fb6e28ac9f 100644
--- a/docs/queries/terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53.md
+++ b/docs/queries/terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp_bom/dataflow)
### Description
diff --git a/docs/queries/terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4.md b/docs/queries/terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4.md
index 8796348bdcf..0c18fb1ae5b 100644
--- a/docs/queries/terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4.md
+++ b/docs/queries/terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/iam_audit_not_properly_configured)
### Description
diff --git a/docs/queries/terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58.md b/docs/queries/terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58.md
index 9570013ffd0..872b7c83e67 100644
--- a/docs/queries/terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58.md
+++ b/docs/queries/terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cos_node_image_not_used)
### Description
diff --git a/docs/queries/terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088.md b/docs/queries/terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088.md
index 8ecb24b59d8..dbf88fea1c1 100644
--- a/docs/queries/terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088.md
+++ b/docs/queries/terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/pod_security_policy_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680.md b/docs/queries/terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680.md
index 0e0c1ceedbf..8466028a781 100644
--- a/docs/queries/terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680.md
+++ b/docs/queries/terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/kms_admin_and_crypto_key_roles_in_use)
### Description
diff --git a/docs/queries/terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa.md b/docs/queries/terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa.md
index cc58c786b0a..cc06d361df1 100644
--- a/docs/queries/terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa.md
+++ b/docs/queries/terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/not_proper_email_account_in_use)
### Description
diff --git a/docs/queries/terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751.md b/docs/queries/terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751.md
index 642044c730c..29e4609c83a 100644
--- a/docs/queries/terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751.md
+++ b/docs/queries/terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/vm_serial_ports_are_enabled_for_vm_instances)
### Description
diff --git a/docs/queries/terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3.md b/docs/queries/terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3.md
index 85a620824b4..e0933f8a6e6 100644
--- a/docs/queries/terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3.md
+++ b/docs/queries/terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cloud_storage_anonymous_or_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332.md b/docs/queries/terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332.md
index f1568fa04fd..a4443d47484 100644
--- a/docs/queries/terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332.md
+++ b/docs/queries/terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_container_node_pool_auto_repair_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa.md b/docs/queries/terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa.md
index d055e0027c4..4ff389dc7eb 100644
--- a/docs/queries/terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa.md
+++ b/docs/queries/terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/node_auto_upgrade_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb.md b/docs/queries/terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb.md
index 95a9e8d9986..17ee51992bb 100644
--- a/docs/queries/terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb.md
+++ b/docs/queries/terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Critical
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/sql_db_instance_is_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38.md b/docs/queries/terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38.md
index 84bbba75f5b..b3c6583e6e8 100644
--- a/docs/queries/terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38.md
+++ b/docs/queries/terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/disk_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0.md b/docs/queries/terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0.md
index 543fa92661a..401cbba0bd0 100644
--- a/docs/queries/terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0.md
+++ b/docs/queries/terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_storage_bucket_level_access_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d.md b/docs/queries/terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d.md
index 8d4d46dc3f5..ae7364546de 100644
--- a/docs/queries/terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d.md
+++ b/docs/queries/terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/vm_with_full_cloud_access)
### Description
diff --git a/docs/queries/terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b.md b/docs/queries/terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b.md
index cac257c7b50..4acf5dd95e9 100644
--- a/docs/queries/terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b.md
+++ b/docs/queries/terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp_bom/redis)
### Description
diff --git a/docs/queries/terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd.md b/docs/queries/terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd.md
index 87f20864d02..cff82650263 100644
--- a/docs/queries/terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd.md
+++ b/docs/queries/terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cloud_storage_bucket_is_publicly_accessible)
### Description
diff --git a/docs/queries/terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0.md b/docs/queries/terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0.md
index eb6d7f09f1e..45d7732f484 100644
--- a/docs/queries/terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0.md
+++ b/docs/queries/terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/ssh_access_is_not_restricted)
### Description
diff --git a/docs/queries/terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0.md b/docs/queries/terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0.md
index 56883ba8b1b..6b7aa4ee6bc 100644
--- a/docs/queries/terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0.md
+++ b/docs/queries/terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/ip_aliasing_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c.md b/docs/queries/terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c.md
index d307cd6f5cc..0688382e6ca 100644
--- a/docs/queries/terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c.md
+++ b/docs/queries/terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_project_iam_member_service_account_has_token_creator_or_account_user_role)
### Description
diff --git a/docs/queries/terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd.md b/docs/queries/terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd.md
index 787580b6d91..1d454d88b4e 100644
--- a/docs/queries/terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd.md
+++ b/docs/queries/terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp_bom/fi)
### Description
diff --git a/docs/queries/terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860.md b/docs/queries/terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860.md
index b50dd112635..8b59efcd412 100644
--- a/docs/queries/terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860.md
+++ b/docs/queries/terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/dnssec_using_rsasha1)
### Description
diff --git a/docs/queries/terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672.md b/docs/queries/terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672.md
index f55a31562a5..07ed9838a44 100644
--- a/docs/queries/terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672.md
+++ b/docs/queries/terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Resource Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/service_account_with_improper_privileges)
### Description
diff --git a/docs/queries/terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79.md b/docs/queries/terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79.md
index 9fcb8f26fa9..6c73052a025 100644
--- a/docs/queries/terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79.md
+++ b/docs/queries/terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/sql_db_instance_backup_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f.md b/docs/queries/terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f.md
index a2e830e3bec..fd296edc29e 100644
--- a/docs/queries/terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f.md
+++ b/docs/queries/terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/os_login_is_disabled_for_vm_instance)
### Description
diff --git a/docs/queries/terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120.md b/docs/queries/terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120.md
index 5439fc72890..276d4f6490e 100644
--- a/docs/queries/terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120.md
+++ b/docs/queries/terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cloud_storage_bucket_logging_not_enabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b.md b/docs/queries/terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b.md
index 20464758d5d..9f51e875053 100644
--- a/docs/queries/terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b.md
+++ b/docs/queries/terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Secret Management
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/high_google_kms_crypto_key_rotation_period)
### Description
diff --git a/docs/queries/terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f.md b/docs/queries/terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f.md
index 0d5408ba1ca..95e3eac93d8 100644
--- a/docs/queries/terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f.md
+++ b/docs/queries/terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Trace
- **Category:** Bill Of Materials
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp_bom/pd)
### Description
diff --git a/docs/queries/terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4.md b/docs/queries/terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4.md
index 83332ce2ba8..4ef90aa3acd 100644
--- a/docs/queries/terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4.md
+++ b/docs/queries/terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** High
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/bigquery_dataset_is_public)
### Description
diff --git a/docs/queries/terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4.md b/docs/queries/terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4.md
index 7313298e553..fbbe55c98b4 100644
--- a/docs/queries/terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4.md
+++ b/docs/queries/terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_compute_network_using_firewall_rule_allows_port_range)
### Description
diff --git a/docs/queries/terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944.md b/docs/queries/terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944.md
index 910e3cfdb76..3e3325fb954 100644
--- a/docs/queries/terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944.md
+++ b/docs/queries/terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cloud_storage_bucket_versioning_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5.md b/docs/queries/terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5.md
index 9a82e3f46e7..a903b5d71b5 100644
--- a/docs/queries/terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5.md
+++ b/docs/queries/terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_compute_subnetwork_with_private_google_access_disabled)
### Description
diff --git a/docs/queries/terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89.md b/docs/queries/terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89.md
index 169b4ab5cbf..a8b3ab1e396 100644
--- a/docs/queries/terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89.md
+++ b/docs/queries/terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89.md
@@ -20,6 +20,7 @@ hide:
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/ip_forwarding_enabled)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d.md b/docs/queries/terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d.md
index 5edb04183b7..8aa5ea42d92 100644
--- a/docs/queries/terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d.md
+++ b/docs/queries/terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud Router Has Common Private Network
+title: Beta - Nifcloud Router Has Common Private Network
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 30c2760c-740e-4672-9d7f-2c29e0cb385d
-- **Query name:** (Beta) Nifcloud Router Has Common Private Network
+- **Query name:** Beta - Nifcloud Router Has Common Private Network
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/router_has_common_private)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4.md b/docs/queries/terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4.md
index 8ef7525f8dd..3292617f3e2 100644
--- a/docs/queries/terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4.md
+++ b/docs/queries/terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud Computing Undefined Description To Security Group
+title: Beta - Nifcloud Computing Undefined Description To Security Group
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 41c127a9-3a85-4bc3-a333-ed374eb9c3e4
-- **Query name:** (Beta) Nifcloud Computing Undefined Description To Security Group
+- **Query name:** Beta - Nifcloud Computing Undefined Description To Security Group
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/computing_security_group_description_undefined)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf.md b/docs/queries/terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf.md
index 18d964ca235..c3e588883d4 100644
--- a/docs/queries/terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf.md
+++ b/docs/queries/terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud NAS Has Common Private Network
+title: Beta - Nifcloud NAS Has Common Private Network
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 4b801c38-ebb4-4c81-984b-1ba525d43adf
-- **Query name:** (Beta) Nifcloud NAS Has Common Private Network
+- **Query name:** Beta - Nifcloud NAS Has Common Private Network
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/nas_instance_has_common_private)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0.md b/docs/queries/terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0.md
index bc71aec54e4..21795d64708 100644
--- a/docs/queries/terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0.md
+++ b/docs/queries/terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud ELB Has Common Private Network
+title: Beta - Nifcloud ELB Has Common Private Network
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 5061f84c-ab66-4660-90b9-680c9df346c0
-- **Query name:** (Beta) Nifcloud ELB Has Common Private Network
+- **Query name:** Beta - Nifcloud ELB Has Common Private Network
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/elb_has_common_private)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d.md b/docs/queries/terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d.md
index e5e365b72cf..859a353bc6a 100644
--- a/docs/queries/terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d.md
+++ b/docs/queries/terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud LB Use Insecure TLS Policy Name
+title: Beta - Nifcloud LB Use Insecure TLS Policy Name
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 675e8eaa-2754-42b7-bf33-bfa295d1601d
-- **Query name:** (Beta) Nifcloud LB Use Insecure TLS Policy Name
+- **Query name:** Beta - Nifcloud LB Use Insecure TLS Policy Name
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_name)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc.md b/docs/queries/terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc.md
index 8eec3a52878..9e1c849cddc 100644
--- a/docs/queries/terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc.md
+++ b/docs/queries/terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud Computing Undefined Security Group To Instance
+title: Beta - Nifcloud Computing Undefined Security Group To Instance
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 89218b48-75c9-4cb3-aaba-5299e852e8bc
-- **Query name:** (Beta) Nifcloud Computing Undefined Security Group To Instance
+- **Query name:** Beta - Nifcloud Computing Undefined Security Group To Instance
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/computing_instance_security_group_undefined)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d.md b/docs/queries/terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d.md
index 5c6b4e9f031..afb97903d4b 100644
--- a/docs/queries/terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d.md
+++ b/docs/queries/terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud NAS Has Public Ingress NAS Security Group Rule
+title: Beta - Nifcloud NAS Has Public Ingress NAS Security Group Rule
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 8d7758a7-d9cd-499a-a83e-c9bdcbff728d
-- **Query name:** (Beta) Nifcloud NAS Has Public Ingress NAS Security Group Rule
+- **Query name:** Beta - Nifcloud NAS Has Public Ingress NAS Security Group Rule
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/nas_security_group_has_public_ingress_sgr)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231.md b/docs/queries/terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231.md
index 9ae9da75ea7..58cab1de627 100644
--- a/docs/queries/terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231.md
+++ b/docs/queries/terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud RDB Undefined Description To DB Security Group
+title: Beta - Nifcloud RDB Undefined Description To DB Security Group
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 940ddce2-26bd-4e31-a9b4-382714f73231
-- **Query name:** (Beta) Nifcloud RDB Undefined Description To DB Security Group
+- **Query name:** Beta - Nifcloud RDB Undefined Description To DB Security Group
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/db_security_group_description_undefined)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba.md b/docs/queries/terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba.md
index c76550dbc45..da6b1a57276 100644
--- a/docs/queries/terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba.md
+++ b/docs/queries/terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud LB Use Insecure TLS Policy ID
+title: Beta - Nifcloud LB Use Insecure TLS Policy ID
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 944439c7-b4b8-476a-8f83-14641ea876ba
-- **Query name:** (Beta) Nifcloud LB Use Insecure TLS Policy ID
+- **Query name:** Beta - Nifcloud LB Use Insecure TLS Policy ID
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_id)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863.md b/docs/queries/terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863.md
index 5dcc1f1f5a6..fb16298e5a1 100644
--- a/docs/queries/terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863.md
+++ b/docs/queries/terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud LB Use HTTP Port
+title: Beta - Nifcloud LB Use HTTP Port
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 94e47f3f-b90b-43a1-a36d-521580bae863
-- **Query name:** (Beta) Nifcloud LB Use HTTP Port
+- **Query name:** Beta - Nifcloud LB Use HTTP Port
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/load_balancer_use_http)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8.md b/docs/queries/terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8.md
index f0e9c46ceff..b7d2c6a45fd 100644
--- a/docs/queries/terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8.md
+++ b/docs/queries/terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud RDB Has Common Private Network
+title: Beta - Nifcloud RDB Has Common Private Network
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 9bf57c23-fbab-4222-85f3-3f207a53c6a8
-- **Query name:** (Beta) Nifcloud RDB Has Common Private Network
+- **Query name:** Beta - Nifcloud RDB Has Common Private Network
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/db_instance_has_common_private)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038.md b/docs/queries/terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038.md
index 238002ef9ea..087c7e7fd9e 100644
--- a/docs/queries/terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038.md
+++ b/docs/queries/terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud LB Listener Use HTTP Port
+title: Beta - Nifcloud LB Listener Use HTTP Port
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 9f751a80-31f0-43a3-926c-20772791a038
-- **Query name:** (Beta) Nifcloud LB Listener Use HTTP Port
+- **Query name:** Beta - Nifcloud LB Listener Use HTTP Port
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/load_balancer_listener_use_http)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a.md b/docs/queries/terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a.md
index 4fbc00fd81d..90ca72afa7b 100644
--- a/docs/queries/terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a.md
+++ b/docs/queries/terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud RDB Has Public DB Ingress Security Group Rule
+title: Beta - Nifcloud RDB Has Public DB Ingress Security Group Rule
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** a0b846e8-815f-4f15-b660-bc4ab9fa1e1a
-- **Query name:** (Beta) Nifcloud RDB Has Public DB Ingress Security Group Rule
+- **Query name:** Beta - Nifcloud RDB Has Public DB Ingress Security Group Rule
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/db_security_group_has_public_ingress_sgr)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057.md b/docs/queries/terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057.md
index aca2d9a2801..f1517f642e5 100644
--- a/docs/queries/terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057.md
+++ b/docs/queries/terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud DNS Has Verified Record
+title: Beta - Nifcloud DNS Has Verified Record
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** a1defcb6-55e8-4511-8c2a-30b615b0e057
-- **Query name:** (Beta) Nifcloud DNS Has Verified Record
+- **Query name:** Beta - Nifcloud DNS Has Verified Record
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/dns_has_verified_record)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0.md b/docs/queries/terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0.md
index 0a59342a639..c2cdde3f23d 100644
--- a/docs/queries/terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0.md
+++ b/docs/queries/terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud ELB Listener Use HTTP Protocol
+title: Beta - Nifcloud ELB Listener Use HTTP Protocol
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** afcb0771-4f94-44ed-ad4a-9f73f11ce6e0
-- **Query name:** (Beta) Nifcloud ELB Listener Use HTTP Protocol
+- **Query name:** Beta - Nifcloud ELB Listener Use HTTP Protocol
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/elb_listener_use_http)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde.md b/docs/queries/terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde.md
index a4615d3c98f..f9c0aa4e367 100644
--- a/docs/queries/terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde.md
+++ b/docs/queries/terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud Computing Has Public Ingress Security Group Rule
+title: Beta - Nifcloud Computing Has Public Ingress Security Group Rule
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** b2ea2367-8dc9-4231-a035-d0b28bfa3dde
-- **Query name:** (Beta) Nifcloud Computing Has Public Ingress Security Group Rule
+- **Query name:** Beta - Nifcloud Computing Has Public Ingress Security Group Rule
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/computing_instance_has_public_ingress_sgr)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80.md b/docs/queries/terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80.md
index 8c31bea7a84..ee73b5a73e9 100644
--- a/docs/queries/terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80.md
+++ b/docs/queries/terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway
+title: Beta - Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** b3535a48-910c-47f8-8b3b-14222f29ef80
-- **Query name:** (Beta) Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway
+- **Query name:** Beta - Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/vpn_gateway_security_group_undefined)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9.md b/docs/queries/terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9.md
index f1cdcd22203..9d114e62c29 100644
--- a/docs/queries/terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9.md
+++ b/docs/queries/terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud Computing Has Common Private Network
+title: Beta - Nifcloud Computing Has Common Private Network
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** df58dd45-8009-43c2-90f7-c90eb9d53ed9
-- **Query name:** (Beta) Nifcloud Computing Has Common Private Network
+- **Query name:** Beta - Nifcloud Computing Has Common Private Network
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/computing_instance_has_common_private)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a.md b/docs/queries/terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a.md
index 09ed9b8646a..11313851abb 100644
--- a/docs/queries/terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a.md
+++ b/docs/queries/terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud ELB Use HTTP Protocol
+title: Beta - Nifcloud ELB Use HTTP Protocol
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** e2de2b80-2fc2-4502-a764-40930dfcc70a
-- **Query name:** (Beta) Nifcloud ELB Use HTTP Protocol
+- **Query name:** Beta - Nifcloud ELB Use HTTP Protocol
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/elb_use_http)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291.md b/docs/queries/terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291.md
index 2ab0ee52bd3..235b959f4e7 100644
--- a/docs/queries/terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291.md
+++ b/docs/queries/terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud Computing Undefined Description To Security Group Rule
+title: Beta - Nifcloud Computing Undefined Description To Security Group Rule
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** e4610872-0b1c-4fb7-ab57-d81c0afdb291
-- **Query name:** (Beta) Nifcloud Computing Undefined Description To Security Group Rule
+- **Query name:** Beta - Nifcloud Computing Undefined Description To Security Group Rule
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/computing_security_group_rule_description_undefined)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713.md b/docs/queries/terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713.md
index 91f38a28aa6..f5f6275d083 100644
--- a/docs/queries/terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713.md
+++ b/docs/queries/terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud RDB Has Backup Retention Less Than 2 Day
+title: Beta - Nifcloud RDB Has Backup Retention Less Than 2 Day
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** e5071f76-cbe7-468d-bb2b-d10f02d2b713
-- **Query name:** (Beta) Nifcloud RDB Has Backup Retention Less Than 2 Day
+- **Query name:** Beta - Nifcloud RDB Has Backup Retention Less Than 2 Day
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/db_does_not_have_long_backup_retention)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0.md b/docs/queries/terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0.md
index 730065b4540..c3eaa793899 100644
--- a/docs/queries/terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0.md
+++ b/docs/queries/terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud Router Undefined Security Group To Router
+title: Beta - Nifcloud Router Undefined Security Group To Router
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** e7dada38-af20-4899-8955-dabea84ab1f0
-- **Query name:** (Beta) Nifcloud Router Undefined Security Group To Router
+- **Query name:** Beta - Nifcloud Router Undefined Security Group To Router
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/router_security_group_undefined)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11.md b/docs/queries/terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11.md
index e5e1b67b7c7..dc231b60238 100644
--- a/docs/queries/terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11.md
+++ b/docs/queries/terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud NAS Undefined Description To NAS Security Group
+title: Beta - Nifcloud NAS Undefined Description To NAS Security Group
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** e840c54a-7a4c-405f-b8c1-c49a54b87d11
-- **Query name:** (Beta) Nifcloud NAS Undefined Description To NAS Security Group
+- **Query name:** Beta - Nifcloud NAS Undefined Description To NAS Security Group
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/nas_security_group_description_undefined)
### Description
diff --git a/docs/queries/terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b.md b/docs/queries/terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b.md
index f378ae18c76..b1ee8178f35 100644
--- a/docs/queries/terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b.md
+++ b/docs/queries/terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Nifcloud RDB Has Public DB Access
+title: Beta - Nifcloud RDB Has Public DB Access
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** fb387023-e4bb-42a8-9a70-6708aa7ff21b
-- **Query name:** (Beta) Nifcloud RDB Has Public DB Access
+- **Query name:** Beta - Nifcloud RDB Has Public DB Access
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/db_has_public_access)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9.md b/docs/queries/terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9.md
index dfef9d6ed30..49824d528d9 100644
--- a/docs/queries/terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9.md
+++ b/docs/queries/terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9.md
@@ -1,5 +1,5 @@
---
-title: (Beta) CDB Instance Internet Using Default Intranet Port
+title: Beta - CDB Instance Internet Using Default Intranet Port
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 18d6aa4b-7570-4d95-9c75-90363ef1abd9
-- **Query name:** (Beta) CDB Instance Internet Using Default Intranet Port
+- **Query name:** Beta - CDB Instance Internet Using Default Intranet Port
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cdb_instance_using_default_intranet_port)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b.md b/docs/queries/terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b.md
index 121138d960e..ee3c8231584 100644
--- a/docs/queries/terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b.md
+++ b/docs/queries/terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Disk Encryption Disabled
+title: Beta - Disk Encryption Disabled
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 1ee0f202-31da-49ba-bbce-04a989912e4b
-- **Query name:** (Beta) Disk Encryption Disabled
+- **Query name:** Beta - Disk Encryption Disabled
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/disk_encryption_disabled)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0.md b/docs/queries/terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0.md
index c5c27802ae6..f4b7fe83ed3 100644
--- a/docs/queries/terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0.md
+++ b/docs/queries/terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0.md
@@ -1,5 +1,5 @@
---
-title: (Beta) TKE Cluster Encryption Protection Disabled
+title: Beta - TKE Cluster Encryption Protection Disabled
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 3ed47402-e322-465f-a0f0-8681135a17b0
-- **Query name:** (Beta) TKE Cluster Encryption Protection Disabled
+- **Query name:** Beta - TKE Cluster Encryption Protection Disabled
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/tke_cluster_encryption_protection_disabled)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976.md b/docs/queries/terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976.md
index 388c39e4b5c..1f06c856386 100644
--- a/docs/queries/terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976.md
+++ b/docs/queries/terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976.md
@@ -1,5 +1,5 @@
---
-title: (Beta) CVM Instance Using User Data
+title: Beta - CVM Instance Using User Data
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 5bb6fa08-5e84-4760-a54a-cdcd66626976
-- **Query name:** (Beta) CVM Instance Using User Data
+- **Query name:** Beta - CVM Instance Using User Data
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cvm_instance_using_user_data)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731.md b/docs/queries/terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731.md
index cfc9ca6c3ad..c8e9b8b5cef 100644
--- a/docs/queries/terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731.md
+++ b/docs/queries/terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731.md
@@ -1,5 +1,5 @@
---
-title: (Beta) CDB Instance Internet Service Enabled
+title: Beta - CDB Instance Internet Service Enabled
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 5d820574-4a60-4916-b049-0810b8629731
-- **Query name:** (Beta) CDB Instance Internet Service Enabled
+- **Query name:** Beta - CDB Instance Internet Service Enabled
- **Platform:** Terraform
- **Severity:** High
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cdb_instance_internet_service_enabled)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32.md b/docs/queries/terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32.md
index 00c116544a3..e6814b50ead 100644
--- a/docs/queries/terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32.md
+++ b/docs/queries/terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32.md
@@ -1,5 +1,5 @@
---
-title: (Beta) CVM Instance Using Default Security Group
+title: Beta - CVM Instance Using Default Security Group
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 93bb2065-63ec-45a2-a466-f106b56f2e32
-- **Query name:** (Beta) CVM Instance Using Default Security Group
+- **Query name:** Beta - CVM Instance Using Default Security Group
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Access Control
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cvm_instance_using_default_security_group)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960.md b/docs/queries/terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960.md
index ef45e9f1693..056f9cf9246 100644
--- a/docs/queries/terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960.md
+++ b/docs/queries/terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960.md
@@ -1,5 +1,5 @@
---
-title: (Beta) CVM Instance Disable Monitor Service
+title: Beta - CVM Instance Disable Monitor Service
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** 966ed4f7-b8a5-4e8d-b2bf-098657c98960
-- **Query name:** (Beta) CVM Instance Disable Monitor Service
+- **Query name:** Beta - CVM Instance Disable Monitor Service
- **Platform:** Terraform
- **Severity:** Info
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cvm_instance_disable_monitor_service)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430.md b/docs/queries/terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430.md
index 1a7125d5f09..30bb365d63d 100644
--- a/docs/queries/terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430.md
+++ b/docs/queries/terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430.md
@@ -1,5 +1,5 @@
---
-title: (Beta) VPC Flow Logs Disabled
+title: Beta - VPC Flow Logs Disabled
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** a3240001-40db-47b7-abb9-2bcd6a04c430
-- **Query name:** (Beta) VPC Flow Logs Disabled
+- **Query name:** Beta - VPC Flow Logs Disabled
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/vpc_flow_log_disabled)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5.md b/docs/queries/terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5.md
index 5ed4ae988b4..a89c4049ca6 100644
--- a/docs/queries/terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5.md
+++ b/docs/queries/terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5.md
@@ -1,5 +1,5 @@
---
-title: (Beta) CVM Instance Has Public IP
+title: Beta - CVM Instance Has Public IP
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** a74b4602-a62c-4a02-956a-e19f86ea24b5
-- **Query name:** (Beta) CVM Instance Has Public IP
+- **Query name:** Beta - CVM Instance Has Public IP
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cvm_instance_has_public_ip)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6.md b/docs/queries/terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6.md
index a77ef66ec15..1706b3400d8 100644
--- a/docs/queries/terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6.md
+++ b/docs/queries/terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6.md
@@ -1,5 +1,5 @@
---
-title: (Beta) CLB Instance Log Setting Disabled
+title: Beta - CLB Instance Log Setting Disabled
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** ada01ed1-b10c-4f2a-b110-b20fa4f9baa6
-- **Query name:** (Beta) CLB Instance Log Setting Disabled
+- **Query name:** Beta - CLB Instance Log Setting Disabled
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/clb_instance_log_setting_disabled)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b.md b/docs/queries/terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b.md
index 44cdbf38a5c..11f514ee261 100644
--- a/docs/queries/terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b.md
+++ b/docs/queries/terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b.md
@@ -1,5 +1,5 @@
---
-title: (Beta) CVM Instance Using Default VPC
+title: Beta - CVM Instance Using Default VPC
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** b4e75c5c-83d5-4568-90e3-57ed5ec4051b
-- **Query name:** (Beta) CVM Instance Using Default VPC
+- **Query name:** Beta - CVM Instance Using Default VPC
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cvm_instance_using_default_vpc)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694.md b/docs/queries/terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694.md
index b2291631055..a18ed9f8376 100644
--- a/docs/queries/terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694.md
+++ b/docs/queries/terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694.md
@@ -1,5 +1,5 @@
---
-title: (Beta) CDB Instance Without Backup Policy
+title: Beta - CDB Instance Without Backup Policy
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** ca94be07-7de3-4ae7-85ef-67e0462ec694
-- **Query name:** (Beta) CDB Instance Without Backup Policy
+- **Query name:** Beta - CDB Instance Without Backup Policy
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Backup
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cdb_instance_without_backup_policy)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5.md b/docs/queries/terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5.md
index b9751b98776..938030b39d9 100644
--- a/docs/queries/terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5.md
+++ b/docs/queries/terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5.md
@@ -1,5 +1,5 @@
---
-title: (Beta) Security Group Rule Set Accepts All Traffic
+title: Beta - Security Group Rule Set Accepts All Traffic
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** d135a36e-c474-452f-b891-76db1e6d1cd5
-- **Query name:** (Beta) Security Group Rule Set Accepts All Traffic
+- **Query name:** Beta - Security Group Rule Set Accepts All Traffic
- **Platform:** Terraform
- **Severity:** High
- **Category:** Networking and Firewall
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/security_group_rule_set_accepts_all_traffic)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7.md b/docs/queries/terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7.md
index 0c0d55012af..5c63ad9f973 100644
--- a/docs/queries/terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7.md
+++ b/docs/queries/terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7.md
@@ -1,5 +1,5 @@
---
-title: (Beta) TKE Cluster Has Public Access
+title: Beta - TKE Cluster Has Public Access
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** df6928ed-02f4-421f-9a67-a529860dd7e7
-- **Query name:** (Beta) TKE Cluster Has Public Access
+- **Query name:** Beta - TKE Cluster Has Public Access
- **Platform:** Terraform
- **Severity:** Medium
- **Category:** Insecure Configurations
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/tke_cluster_has_public_access)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd.md b/docs/queries/terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd.md
index a77cecc9a4c..b24379ca6c9 100644
--- a/docs/queries/terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd.md
+++ b/docs/queries/terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd.md
@@ -1,5 +1,5 @@
---
-title: (Beta) CLB Listener Using Insecure Protocols
+title: Beta - CLB Listener Using Insecure Protocols
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** fe08b81c-12e9-4b5e-9006-4218fca750fd
-- **Query name:** (Beta) CLB Listener Using Insecure Protocols
+- **Query name:** Beta - CLB Listener Using Insecure Protocols
- **Platform:** Terraform
- **Severity:** High
- **Category:** Encryption
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/clb_listener_using_insecure_protocols)
### Description
diff --git a/docs/queries/terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889.md b/docs/queries/terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889.md
index 68ed24be6fd..71073d9c178 100644
--- a/docs/queries/terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889.md
+++ b/docs/queries/terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889.md
@@ -1,5 +1,5 @@
---
-title: (Beta) TKE Cluster Log Agent Is Not Enabled
+title: Beta - TKE Cluster Log Agent Is Not Enabled
hide:
toc: true
navigation: true
@@ -16,10 +16,11 @@ hide:
- **Query id:** fe405074-7e18-40f9-9aef-024aa1d0a889
-- **Query name:** (Beta) TKE Cluster Log Agent Is Not Enabled
+- **Query name:** Beta - TKE Cluster Log Agent Is Not Enabled
- **Platform:** Terraform
- **Severity:** Low
- **Category:** Observability
+- **CWE:** Ongoing
- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/tke_cluster_log_disabled)
### Description
diff --git a/e2e/cli_test.go b/e2e/cli_test.go
index 831e24befb4..aba9fd0faa1 100644
--- a/e2e/cli_test.go
+++ b/e2e/cli_test.go
@@ -122,11 +122,11 @@ func Test_E2E_CLI(t *testing.T) {
t.Cleanup(func() {
err := os.RemoveAll("output")
if err != nil {
- t.Logf("\nError when trying to remove tests output folder\n")
+ t.Logf("\nError when trying to remove tests output folder %v\n", err)
}
err = os.RemoveAll("tmp-kics-ar")
if err != nil {
- t.Logf("\nError when trying to remove tmp-kics-ar folder\n")
+ t.Logf("\nError when trying to remove tmp-kics-ar folder %v\n", err)
}
t.Logf("E2E tests ::ellapsed time:: %v", time.Since(scanStartTime))
})
diff --git a/e2e/fixtures/E2E_CLI_032_RESULT.json b/e2e/fixtures/E2E_CLI_032_RESULT.json
index cd00b4d1138..1382fdd0033 100644
--- a/e2e/fixtures/E2E_CLI_032_RESULT.json
+++ b/e2e/fixtures/E2E_CLI_032_RESULT.json
@@ -72,6 +72,7 @@
"query_url": "https://docs.kics.io/latest/secrets/",
"severity": "HIGH",
"platform": "Common",
+ "cwe": "798",
"cloud_provider": "COMMON",
"category": "Secret Management",
"experimental": false,
@@ -97,6 +98,7 @@
"query_url": "https://docs.kics.io/latest/secrets/",
"severity": "HIGH",
"platform": "Common",
+ "cwe": "798",
"cloud_provider": "COMMON",
"category": "Secret Management",
"experimental": false,
diff --git a/e2e/fixtures/E2E_CLI_086_RESULT.json b/e2e/fixtures/E2E_CLI_086_RESULT.json
index 66b773b90f0..c805358c738 100644
--- a/e2e/fixtures/E2E_CLI_086_RESULT.json
+++ b/e2e/fixtures/E2E_CLI_086_RESULT.json
@@ -32,6 +32,7 @@
"query_url": "https://docs.kics.io/latest/secrets/",
"severity": "HIGH",
"platform": "Common",
+ "cwe": "798",
"cloud_provider": "COMMON",
"category": "Secret Management",
"experimental": false,
diff --git a/e2e/fixtures/E2E_CLI_087_RESULT.json b/e2e/fixtures/E2E_CLI_087_RESULT.json
index c425222e393..639ba0924c2 100644
--- a/e2e/fixtures/E2E_CLI_087_RESULT.json
+++ b/e2e/fixtures/E2E_CLI_087_RESULT.json
@@ -32,6 +32,7 @@
"query_url": "https://docs.kics.io/latest/secrets/",
"severity": "HIGH",
"platform": "Common",
+ "cwe": "798",
"cloud_provider": "COMMON",
"category": "Secret Management",
"experimental": false,
diff --git a/e2e/fixtures/E2E_CLI_088_RESULT.json b/e2e/fixtures/E2E_CLI_088_RESULT.json
index 294cd113fb3..c6437660774 100644
--- a/e2e/fixtures/E2E_CLI_088_RESULT.json
+++ b/e2e/fixtures/E2E_CLI_088_RESULT.json
@@ -32,6 +32,7 @@
"query_url": "https://docs.kics.io/latest/secrets/",
"severity": "HIGH",
"platform": "Common",
+ "cwe": "798",
"cloud_provider": "COMMON",
"category": "Secret Management",
"experimental": false,
diff --git a/go.mod b/go.mod
index 2bf2cde39d1..f6b4af2ad22 100644
--- a/go.mod
+++ b/go.mod
@@ -5,9 +5,7 @@ go 1.22.5
replace (
github.com/containerd/containerd => github.com/containerd/containerd v1.6.26
github.com/docker/cli => github.com/docker/cli v20.10.12+incompatible
- github.com/docker/docker => github.com/docker/docker v24.0.9+incompatible
github.com/jung-kurt/gofpdf => github.com/jung-kurt/gofpdf v1.16.3-0.20210918000319-0c885ad36193 // indirect
- github.com/moby/buildkit => github.com/moby/buildkit v0.12.5
github.com/opencontainers/image-spec => github.com/opencontainers/image-spec v1.0.2
github.com/spf13/afero => github.com/spf13/afero v1.2.2
golang.org/x/crypto => golang.org/x/crypto v0.21.1-0.20240404165943-d042a396a6de // indirect
@@ -24,7 +22,7 @@ require (
github.com/bigkevmcd/go-configparser v0.0.0-20230427073640-c6b631f70126
github.com/cheggaaa/pb/v3 v3.1.5
github.com/emicklei/proto v1.13.2
- github.com/getsentry/sentry-go v0.28.0
+ github.com/getsentry/sentry-go v0.28.2-0.20240729102758-eb05e4b3014c
github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1
github.com/golang/mock v1.6.0
github.com/google/pprof v0.0.0-20240528025155-186aa0362fba
@@ -34,9 +32,9 @@ require (
github.com/hashicorp/hcl v1.0.0
github.com/hashicorp/hcl/v2 v2.20.1
github.com/hashicorp/terraform-json v0.22.1
- github.com/johnfercher/maroto v0.43.1-0.20230914003034-2e439ed90fe3
+ github.com/johnfercher/maroto v1.0.0
github.com/mackerelio/go-osstat v0.2.5
- github.com/moby/buildkit v0.12.5
+ github.com/moby/buildkit v0.15.1-0.20240730223335-bc92b63b98aa
github.com/open-policy-agent/opa v0.65.0
github.com/pkg/errors v0.9.1
github.com/relex/aini v1.6.0
@@ -52,10 +50,10 @@ require (
github.com/yargevad/filepathx v1.0.0
github.com/zclconf/go-cty v1.14.4
golang.org/x/net v0.26.0
- golang.org/x/text v0.16.0
+ golang.org/x/text v0.17.0
golang.org/x/tools v0.22.0
gopkg.in/yaml.v3 v3.0.1
- helm.sh/helm/v3 v3.15.1
+ helm.sh/helm/v3 v3.15.3
mvdan.cc/sh/v3 v3.8.0
)
@@ -64,12 +62,13 @@ require (
cloud.google.com/go/compute/metadata v0.3.0 // indirect
cloud.google.com/go/iam v1.1.6 // indirect
cloud.google.com/go/storage v1.38.0 // indirect
- github.com/Microsoft/hcsshim v0.12.3 // indirect
+ github.com/Microsoft/hcsshim v0.12.5 // indirect
github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
github.com/aws/aws-sdk-go v1.44.295 // indirect
github.com/aws/smithy-go v1.20.2 // indirect
github.com/containerd/log v0.1.0 // indirect
github.com/containerd/typeurl/v2 v2.1.1 // indirect
+ github.com/distribution/reference v0.6.0 // indirect
github.com/evanphx/json-patch/v5 v5.6.0 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/go-ini/ini v1.67.0 // indirect
@@ -81,7 +80,7 @@ require (
github.com/google/s2a-go v0.1.7 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
github.com/googleapis/gax-go/v2 v2.12.3 // indirect
- github.com/gorilla/websocket v1.5.0 // indirect
+ github.com/gorilla/websocket v1.5.3 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
@@ -127,16 +126,15 @@ require (
github.com/boombuler/barcode v1.0.1 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/chai2010/gettext-go v1.0.2 // indirect
- github.com/containerd/containerd v1.7.17 // indirect
+ github.com/containerd/containerd v1.7.21-0.20240730235713-20966044526b // indirect
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
- github.com/docker/cli v24.0.6+incompatible // indirect
- github.com/docker/distribution v2.8.2+incompatible // indirect
- github.com/docker/docker v24.0.9+incompatible // indirect
- github.com/docker/docker-credential-helpers v0.7.0 // indirect
- github.com/docker/go-connections v0.4.0 // indirect
+ github.com/docker/cli v27.1.1+incompatible // indirect
+ github.com/docker/distribution v2.8.3+incompatible // indirect
+ github.com/docker/docker v27.1.1+incompatible // indirect
+ github.com/docker/docker-credential-helpers v0.8.2 // indirect
+ github.com/docker/go-connections v0.5.0 // indirect
github.com/docker/go-metrics v0.0.1 // indirect
- github.com/docker/go-units v0.5.0 // indirect
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
github.com/evanphx/json-patch v5.7.0+incompatible // indirect
github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect
@@ -168,7 +166,7 @@ require (
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/jung-kurt/gofpdf v1.16.3-0.20210918000319-0c885ad36193 // indirect
- github.com/klauspost/compress v1.17.8 // indirect
+ github.com/klauspost/compress v1.17.9 // indirect
github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
github.com/lib/pq v1.10.9 // indirect
@@ -189,7 +187,6 @@ require (
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
- github.com/morikuni/aec v1.0.0 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.0 // indirect
@@ -220,10 +217,10 @@ require (
github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778 // indirect
github.com/yashtewari/glob-intersection v0.2.0 // indirect
go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
- golang.org/x/crypto v0.24.0 // indirect
+ golang.org/x/crypto v0.25.0 // indirect
golang.org/x/oauth2 v0.20.0 // indirect
- golang.org/x/sync v0.7.0 // indirect
- golang.org/x/sys v0.21.0 // indirect
+ golang.org/x/sync v0.8.0 // indirect
+ golang.org/x/sys v0.22.0 // indirect
golang.org/x/term v0.21.0 // indirect
golang.org/x/time v0.5.0 // indirect
google.golang.org/grpc v1.64.1 // indirect
@@ -231,18 +228,18 @@ require (
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
- k8s.io/api v0.30.0
- k8s.io/apiextensions-apiserver v0.30.0 // indirect
- k8s.io/apimachinery v0.30.0
- k8s.io/apiserver v0.30.0 // indirect
+ k8s.io/api v0.30.3
+ k8s.io/apiextensions-apiserver v0.30.3 // indirect
+ k8s.io/apimachinery v0.30.3
+ k8s.io/apiserver v0.30.3 // indirect
k8s.io/cli-runtime v0.30.0 // indirect
- k8s.io/client-go v0.30.0
- k8s.io/component-base v0.30.0 // indirect
+ k8s.io/client-go v0.30.3
+ k8s.io/component-base v0.30.3 // indirect
k8s.io/klog/v2 v2.120.1 // indirect
k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
k8s.io/kubectl v0.30.0 // indirect
- k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
- oras.land/oras-go v1.2.4 // indirect
+ k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect
+ oras.land/oras-go v1.2.5 // indirect
sigs.k8s.io/controller-runtime v0.14.6
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect
diff --git a/go.sum b/go.sum
index b849e5cbb75..a6c30f4053f 100644
--- a/go.sum
+++ b/go.sum
@@ -206,8 +206,8 @@ github.com/Masterminds/squirrel v1.5.4 h1:uUcX/aBc8O7Fg9kaISIUsHXdKuqehiXAMQTYX8
github.com/Masterminds/squirrel v1.5.4/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10=
github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
-github.com/Microsoft/hcsshim v0.12.3 h1:LS9NXqXhMoqNCplK1ApmVSfB4UnVLRDWRapB6EIlxE0=
-github.com/Microsoft/hcsshim v0.12.3/go.mod h1:Iyl1WVpZzr+UkzjekHZbV8o5Z9ZkxNGx6CtY2Qg/JVQ=
+github.com/Microsoft/hcsshim v0.12.5 h1:bpTInLlDy/nDRWFVcefDZZ1+U8tS+rz3MxjKgu9boo0=
+github.com/Microsoft/hcsshim v0.12.5/go.mod h1:tIUGego4G1EN5Hb6KC90aDYiUI2dqLSTTOCjVNpOgZ8=
github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
github.com/OneOfOne/xxhash v1.2.8 h1:31czK/TI9sNkxIKfaUfGlU47BAxQ0ztGgd9vPyqimf8=
github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q=
@@ -318,22 +318,22 @@ github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48 h1:fRzb/w+pyskVMQ+
github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48/go.mod h1:if7Fbed8SFyPtHLHbg49SI7NAdJiC5WIA09pe59rfAA=
github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2 h1:aBfCb7iqHmDEIp6fBvC/hQUddQfg+3qdYjwzaiP9Hnc=
github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2/go.mod h1:WHNsWjnIn2V1LYOrME7e8KxSeKunYHsxEm4am0BUtcI=
+github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
+github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
github.com/docker/cli v20.10.12+incompatible h1:lZlz0uzG+GH+c0plStMUdF/qk3ppmgnswpR5EbqzVGA=
github.com/docker/cli v20.10.12+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
-github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8=
-github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v24.0.9+incompatible h1:HPGzNmwfLZWdxHqK9/II92pyi1EpYKsAqcl4G0Of9v0=
-github.com/docker/docker v24.0.9+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A=
-github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNkFR1R1V12OJRRO5lzt2D1b5X0=
-github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
-github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
+github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
+github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
+github.com/docker/docker v27.1.1+incompatible h1:hO/M4MtV36kzKldqnA37IWhebRA+LnqqcqDja6kVaKY=
+github.com/docker/docker v27.1.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo=
+github.com/docker/docker-credential-helpers v0.8.2/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M=
+github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=
+github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc=
github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c h1:+pKlWGMw7gf6bQ+oDZB4KHQFypsfjYlq/C4rfL7D3g8=
github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA=
github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8=
github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw=
-github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
-github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1 h1:ZClxb8laGDf5arXfYcAtECDFgAgHklGI8CxgjHnXKJ4=
github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE=
github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
@@ -371,8 +371,8 @@ github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHk
github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
-github.com/getsentry/sentry-go v0.28.0 h1:7Rqx9M3ythTKy2J6uZLHmc8Sz9OGgIlseuO1iBX/s0M=
-github.com/getsentry/sentry-go v0.28.0/go.mod h1:1fQZ+7l7eeJ3wYi82q5Hg8GqAPgefRq+FP/QhafYVgg=
+github.com/getsentry/sentry-go v0.28.2-0.20240729102758-eb05e4b3014c h1:RQztYpXOOQULmDrm/1IXZDdeMvxejM1DFqnl3vWbaqY=
+github.com/getsentry/sentry-go v0.28.2-0.20240729102758-eb05e4b3014c/go.mod h1:jhPesDAL0Q0W2+2YEuVOvdWmVtdsr1+jtBrlDEVWwLY=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA=
github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og=
@@ -544,8 +544,8 @@ github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv
github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
-github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
+github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
github.com/gosuri/uitable v0.0.4 h1:IG2xLKRvErL3uhY6e1BylFzG+aJiwQviDDTfOKeKTpY=
github.com/gosuri/uitable v0.0.4/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16vt0PJo=
github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 h1:pdN6V1QBWetyv/0+wjACpqVH+eVULgEjkurDLq3goeM=
@@ -595,8 +595,8 @@ github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGw
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
github.com/jmoiron/sqlx v1.3.5 h1:vFFPA71p1o5gAeqtEAwLU4dnX2napprKtHr7PYIcN3g=
github.com/jmoiron/sqlx v1.3.5/go.mod h1:nRVWtLre0KfCLJvgxzCsLVMogSvQ1zNJtpYr2Ccp0mQ=
-github.com/johnfercher/maroto v0.43.1-0.20230914003034-2e439ed90fe3 h1:j0JE3zlrN4d1HL/8rwXjcda8qsB2tI4Ujjx6GuvNALU=
-github.com/johnfercher/maroto v0.43.1-0.20230914003034-2e439ed90fe3/go.mod h1:qeujdhKT+677jMjGWlIa5OCgR04GgIHvByJ6pSC+hOw=
+github.com/johnfercher/maroto v1.0.0 h1:yo26a/Mxj2YbHCzpIW7FypKtdvv9BdeLNHaApHwLCXU=
+github.com/johnfercher/maroto v1.0.0/go.mod h1:qeujdhKT+677jMjGWlIa5OCgR04GgIHvByJ6pSC+hOw=
github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
@@ -613,8 +613,8 @@ github.com/karrick/godirwalk v1.16.1/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1q
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/klauspost/compress v1.15.11/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM=
-github.com/klauspost/compress v1.17.8 h1:YcnTYrq7MikUT7k0Yb5eceMmALQPYBW/Xltxn0NAMnU=
-github.com/klauspost/compress v1.17.8/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
+github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA=
+github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
@@ -677,14 +677,14 @@ github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR
github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
-github.com/moby/buildkit v0.12.5 h1:RNHH1l3HDhYyZafr5EgstEu8aGNCwyfvMtrQDtjH9T0=
-github.com/moby/buildkit v0.12.5/go.mod h1:YGwjA2loqyiYfZeEo8FtI7z4x5XponAaIWsWcSjWwso=
+github.com/moby/buildkit v0.15.1-0.20240730223335-bc92b63b98aa h1:z92Wl4gmPxFt5wL0Stbl9mQ+3iv6x7mcD7niQHhgAYw=
+github.com/moby/buildkit v0.15.1-0.20240730223335-bc92b63b98aa/go.mod h1:CJPmyL9eDzHLepMLptubdQ3uckgHFdhxWR1Idj6YgNo=
github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg=
github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc=
github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8=
github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c=
-github.com/moby/sys/mountinfo v0.6.2 h1:BzJjoreD5BMFNmD9Rus6gdd1pLuecOFPt8wC+Vygl78=
-github.com/moby/sys/mountinfo v0.6.2/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI=
+github.com/moby/sys/mountinfo v0.7.1 h1:/tTvQaSJRr2FshkhXiIpux6fQ2Zvc4j7tAhMTStAG2g=
+github.com/moby/sys/mountinfo v0.7.1/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI=
github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0=
github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y=
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -696,8 +696,6 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0=
github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4=
-github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
-github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
@@ -1048,8 +1046,8 @@ golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
-golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
+golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -1123,8 +1121,8 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
-golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
+golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -1146,8 +1144,8 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
-golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
+golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
+golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -1450,8 +1448,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gotest.tools/v3 v3.5.0 h1:Ljk6PdHdOhAb5aDMWXjDLMMhph+BpztA4v1QdqEW2eY=
gotest.tools/v3 v3.5.0/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU=
-helm.sh/helm/v3 v3.15.1 h1:22ztacHz4gMqhXNqCQ9NAg6BFWoRUryNLvnkz6OVyw0=
-helm.sh/helm/v3 v3.15.1/go.mod h1:fvfoRcB8UKRUV5jrIfOTaN/pG1TPhuqSb56fjYdTKXg=
+helm.sh/helm/v3 v3.15.3 h1:HcZDaVFe9uHa6hpsR54mJjYyRy4uz/pc6csg27nxFOc=
+helm.sh/helm/v3 v3.15.3/go.mod h1:FzSIP8jDQaa6WAVg9F+OkKz7J0ZmAga4MABtTbsb9WQ=
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
@@ -1459,32 +1457,32 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/api v0.30.0 h1:siWhRq7cNjy2iHssOB9SCGNCl2spiF1dO3dABqZ8niA=
-k8s.io/api v0.30.0/go.mod h1:OPlaYhoHs8EQ1ql0R/TsUgaRPhpKNxIMrKQfWUp8QSE=
-k8s.io/apiextensions-apiserver v0.30.0 h1:jcZFKMqnICJfRxTgnC4E+Hpcq8UEhT8B2lhBcQ+6uAs=
-k8s.io/apiextensions-apiserver v0.30.0/go.mod h1:N9ogQFGcrbWqAY9p2mUAL5mGxsLqwgtUce127VtRX5Y=
-k8s.io/apimachinery v0.30.0 h1:qxVPsyDM5XS96NIh9Oj6LavoVFYff/Pon9cZeDIkHHA=
-k8s.io/apimachinery v0.30.0/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc=
-k8s.io/apiserver v0.30.0 h1:QCec+U72tMQ+9tR6A0sMBB5Vh6ImCEkoKkTDRABWq6M=
-k8s.io/apiserver v0.30.0/go.mod h1:smOIBq8t0MbKZi7O7SyIpjPsiKJ8qa+llcFCluKyqiY=
+k8s.io/api v0.30.3 h1:ImHwK9DCsPA9uoU3rVh4QHAHHK5dTSv1nxJUapx8hoQ=
+k8s.io/api v0.30.3/go.mod h1:GPc8jlzoe5JG3pb0KJCSLX5oAFIW3/qNJITlDj8BH04=
+k8s.io/apiextensions-apiserver v0.30.3 h1:oChu5li2vsZHx2IvnGP3ah8Nj3KyqG3kRSaKmijhB9U=
+k8s.io/apiextensions-apiserver v0.30.3/go.mod h1:uhXxYDkMAvl6CJw4lrDN4CPbONkF3+XL9cacCT44kV4=
+k8s.io/apimachinery v0.30.3 h1:q1laaWCmrszyQuSQCfNB8cFgCuDAoPszKY4ucAjDwHc=
+k8s.io/apimachinery v0.30.3/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc=
+k8s.io/apiserver v0.30.3 h1:QZJndA9k2MjFqpnyYv/PH+9PE0SHhx3hBho4X0vE65g=
+k8s.io/apiserver v0.30.3/go.mod h1:6Oa88y1CZqnzetd2JdepO0UXzQX4ZnOekx2/PtEjrOg=
k8s.io/cli-runtime v0.30.0 h1:0vn6/XhOvn1RJ2KJOC6IRR2CGqrpT6QQF4+8pYpWQ48=
k8s.io/cli-runtime v0.30.0/go.mod h1:vATpDMATVTMA79sZ0YUCzlMelf6rUjoBzlp+RnoM+cg=
-k8s.io/client-go v0.30.0 h1:sB1AGGlhY/o7KCyCEQ0bPWzYDL0pwOZO4vAtTSh/gJQ=
-k8s.io/client-go v0.30.0/go.mod h1:g7li5O5256qe6TYdAMyX/otJqMhIiGgTapdLchhmOaY=
-k8s.io/component-base v0.30.0 h1:cj6bp38g0ainlfYtaOQuRELh5KSYjhKxM+io7AUIk4o=
-k8s.io/component-base v0.30.0/go.mod h1:V9x/0ePFNaKeKYA3bOvIbrNoluTSG+fSJKjLdjOoeXQ=
+k8s.io/client-go v0.30.3 h1:bHrJu3xQZNXIi8/MoxYtZBBWQQXwy16zqJwloXXfD3k=
+k8s.io/client-go v0.30.3/go.mod h1:8d4pf8vYu665/kUbsxWAQ/JDBNWqfFeZnvFiVdmx89U=
+k8s.io/component-base v0.30.3 h1:Ci0UqKWf4oiwy8hr1+E3dsnliKnkMLZMVbWzeorlk7s=
+k8s.io/component-base v0.30.3/go.mod h1:C1SshT3rGPCuNtBs14RmVD2xW0EhRSeLvBh7AGk1quA=
k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag=
k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98=
k8s.io/kubectl v0.30.0 h1:xbPvzagbJ6RNYVMVuiHArC1grrV5vSmmIcSZuCdzRyk=
k8s.io/kubectl v0.30.0/go.mod h1:zgolRw2MQXLPwmic2l/+iHs239L49fhSeICuMhQQXTI=
-k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI=
-k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
+k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A=
+k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
mvdan.cc/sh/v3 v3.8.0 h1:ZxuJipLZwr/HLbASonmXtcvvC9HXY9d2lXZHnKGjFc8=
mvdan.cc/sh/v3 v3.8.0/go.mod h1:w04623xkgBVo7/IUK89E0g8hBykgEpN0vgOj3RJr6MY=
-oras.land/oras-go v1.2.4 h1:djpBY2/2Cs1PV87GSJlxv4voajVOMZxqqtq9AB8YNvY=
-oras.land/oras-go v1.2.4/go.mod h1:DYcGfb3YF1nKjcezfX2SNlDAeQFKSXmf+qrFmrh4324=
+oras.land/oras-go v1.2.5 h1:XpYuAwAb0DfQsunIyMfeET92emK8km3W4yEzZvUbsTo=
+oras.land/oras-go v1.2.5/go.mod h1:PuAwRShRZCsZb7g8Ar3jKKQR/2A/qN+pkYxIOd/FAoo=
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
diff --git a/pkg/engine/secrets/inspector.go b/pkg/engine/secrets/inspector.go
index 09398146a97..e01191f3f82 100644
--- a/pkg/engine/secrets/inspector.go
+++ b/pkg/engine/secrets/inspector.go
@@ -527,6 +527,7 @@ func (c *Inspector) addVulnerability(basePaths []string, file *model.FileMetadat
VulnLines: hideSecret(&linesVuln, issueLine, query, &c.SecretTracker),
IssueType: "RedundantAttribute",
Platform: SecretsQueryMetadata["platform"],
+ CWE: SecretsQueryMetadata["cwe"],
Severity: model.SeverityHigh,
QueryURI: SecretsQueryMetadata["descriptionUrl"],
Category: SecretsQueryMetadata["category"],
diff --git a/pkg/engine/secrets/inspector_test.go b/pkg/engine/secrets/inspector_test.go
index d887cf9a31f..2b5bbf12b55 100644
--- a/pkg/engine/secrets/inspector_test.go
+++ b/pkg/engine/secrets/inspector_test.go
@@ -478,10 +478,11 @@ var testNewInspectorInputs = []struct {
"severity": "HIGH",
"category": "Secret Management",
"descriptionText": "Query to find passwords and secrets in infrastructure code.",
- "descriptionUrl": "https://kics.io/",
+ "descriptionUrl": "https://docs.kics.io/latest/secrets/",
"platform": "Common",
"descriptionID": "d69d8a89",
- "cloudProvider": "common"
+ "cloudProvider": "common",
+ "cwe": "798"
}`,
disableSecrets: false,
wantRegLen: 1,
@@ -508,10 +509,11 @@ var testNewInspectorInputs = []struct {
"severity": "HIGH",
"category": "Secret Management",
"descriptionText": "Query to find passwords and secrets in infrastructure code.",
- "descriptionUrl": "https://kics.io/",
+ "descriptionUrl": "https://docs.kics.io/latest/secrets/",
"platform": "Common",
"descriptionID": "d69d8a89",
- "cloudProvider": "common"
+ "cloudProvider": "common",
+ "cwe": "798"
}`,
disableSecrets: true,
wantRegLen: 0,
@@ -538,10 +540,11 @@ var testNewInspectorInputs = []struct {
"severity": "HIGH",
"category": "Secret Management",
"descriptionText": "Query to find passwords and secrets in infrastructure code.",
- "descriptionUrl": "https://kics.io/",
+ "descriptionUrl": "https://docs.kics.io/latest/secrets/",
"platform": "Common",
"descriptionID": "d69d8a89",
- "cloudProvider": "common"
+ "cloudProvider": "common",
+ "cwe": "798"
}`,
disableSecrets: false,
wantRegLen: 1,