CCC.RDMS.TH05: Unauthorized Snapshot Sharing
Threat ID:CCC.RDMS.TH05
Title:Unauthorized Snapshot Sharing
Description:
Snapshots may be shared with untrusted accounts, which can lead to unauthorized access and potential data exfiltration. This significantly increases the risk of data exposure if sensitive information is contained in the snapshots.
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP11 | Backup | The service can generate copies of its data or configurations in the form of automated backups, snapshot-based backups, or incremental backups. |
External Mappings
| Reference ID | Entry ID | Strength | Remarks |
|---|---|---|---|
MITRE-ATT&CK | T1530 | 0 | - |
Controls
| ID | Title | Objective | Control Family | Threat Mappings | Guideline Mappings | Assessment Requirements |
|---|---|---|---|---|---|---|
| CCC.RDMS.CN05 | Restrict Snapshot Sharing to Authorized Accounts | Ensure database snapshots can only be shared with explicitly authorized accounts, thereby minimizing the risk of data exposure or exfiltration. | Identity and Access Management | 1 | 2 | 1 |