Ensure that CDKToolkit stacks have a Bootstrap version of 21 or higher to mitigate security risks.
cloudformation_stack_cdktoolkit_bootstrap_version
Severityhigh
Servicecloudformation
Ensure that CDKToolkit stacks have a Bootstrap version of 21 or higher to mitigate security risks.
Risk
Using outdated CDKToolkit Bootstrap versions can expose accounts to risks such as bucket takeover or privilege escalation.
Run this check with Prowler CLI
prowler aws --checks cloudformation_stack_cdktoolkit_bootstrap_version
ARN template
arn:partition:cloudformation:region:account-id:stack/resource-id
Recommendation
Update the CDKToolkit stack Bootstrap version to 21 or later by running the cdk bootstrap command with the latest CDK version.
Source Code
Resource Type
AwsCloudFormationStack