From 571a714a82fe4c93e2ac7bc521954d1a00832772 Mon Sep 17 00:00:00 2001 From: Toni de la Fuente Date: Thu, 7 Oct 2021 16:42:30 +0200 Subject: [PATCH] Updated with right service name for consistency --- checks/check_extra7155 | 2 +- checks/check_extra7156 | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/checks/check_extra7155 b/checks/check_extra7155 index de57f81e..8151afaf 100644 --- a/checks/check_extra7155 +++ b/checks/check_extra7155 @@ -25,7 +25,7 @@ CHECK_TYPE_extra7155="EXTRA" CHECK_SEVERITY_extra7155="MEDIUM" CHECK_ASFF_RESOURCE_TYPE_extra7155="AwsElasticLoadBalancingV2LoadBalancer" CHECK_ALTERNATE_check7155="extra7155" -CHECK_SERVICENAME_extra7155="ElasticLoadBalancingV2" +CHECK_SERVICENAME_extra7155="elb" CHECK_RISK_extra7155='HTTP Desync issues can lead to request smuggling and make your applications vulnerable to request queue or cache poisoning; which could lead to credential hijacking or execution of unauthorized commands.' CHECK_REMEDIATION_extra7155='Ensure Application Load Balancer is configured with defensive or strictest desync mitigation mode' CHECK_DOC_extra7155='https://aws.amazon.com/about-aws/whats-new/2020/08/application-and-classic-load-balancers-adding-defense-in-depth-with-introduction-of-desync-mitigation-mode/' diff --git a/checks/check_extra7156 b/checks/check_extra7156 index da6ef963..9634b6cf 100644 --- a/checks/check_extra7156 +++ b/checks/check_extra7156 @@ -17,8 +17,8 @@ CHECK_SCORED_extra7156="NOT_SCORED" CHECK_TYPE_extra7156="EXTRA" CHECK_SEVERITY_extra7156="Medium" CHECK_ASFF_RESOURCE_TYPE_extra7156="AwsApiGatewayV2Api" -CHECK_ALTERNATE_checa7156="extra7156" -CHECK_SERVICENAME_extra7156="apigatewayv2" +CHECK_ALTERNATE_check7156="extra7156" +CHECK_SERVICENAME_extra7156="apigateway" CHECK_RISK_extra7156="If not enabled the logging of API calls is not possible. This information is important for monitoring API access." CHECK_REMEDIATION_extra7156="Enable Access Logging in the API stage." CHECK_DOC_extra7156="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-stage-accesslogsettings.html"