More Info:

AWS S3 buckets should not allow public WRITE_ACP access. Granting public “WRITE_ACP” access to your AWS S3 buckets can allow anonymous users to edit their ACL permissions and eventually be able to view, upload, modify and delete S3 objects within the bucket without restrictions.

Risk Level

High

Address

Security

Compliance Standards

NIST, PCIDSS

Triage and Remediation

Remediation

Using Console

Additional Reading: