Detections
Analytics
Google Cloud Storage Bucket Detected
info Web App Scanning Plugin ID 113135
Language:
Synopsis
Google Cloud Storage Bucket DetectedDescription
Google Cloud Storage is a public cloud storage service available in Google Cloud Platform (GCP) which provides a programmatic way to store and retrieve data objects in storage containers called `buckets`. Web applications often rely on storage buckets to serve static assets (images or scripts for example) or to store application related data like user uploads, application exports or log files. Storage buckets can also be used to host static web applications without any additional service.Depending on the expected usage of the storage bucket, developers can define permissions on the storage container and its objects to allow public operations on it (for example to list the content or retrieve an object) or to keep it private.
Solution
Ensure that the detected Google Cloud Storage is already identified in the assets used by the web applications, and that the permissions are defined according to its expected purpose and to the GCP security best practices.See Also
https://cloud.google.com/storage
https://cloud.google.com/storage/docs/best-practices
https://cloud.google.com/storage/docs/public-access-prevention
Plugin Details
Severity: Info
ID: 113135
Type: remote
Family: Component Vulnerability
Published: 2/7/2022
Updated: 2/7/2022
Scan Template: api, basic, full, pci, scan