all InfoSec news
FlowFixation
March 21, 2024, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
The issue stemmed from a combination of session fixation in the MWAA web management panel and an AWS domain configuration error leading
to a cross-site scripting (XSS) attack. Attackers exploiting this could manipulate victims' configurations, trigger workflows, and
potentially move laterally to other services within the cloud environment. The exploit of this bug involved deploying malicious code
via an Amazon …
airflow amazon apache attack attackers aws code code execution configuration cross-site domain error exploiting flaw hijacking issue managed management panel remote code remote code execution scripting session session hijacking trigger web web management workflows xss
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
AWS Amplify IAM role publicly assumable exposure
1 month, 2 weeks ago |
www.cloudvulndb.org
AWS Glue database password leakage
1 month, 3 weeks ago |
www.cloudvulndb.org
Synapse Analytics privilege escalation via intelligent caching
2 months, 3 weeks ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
3 months, 2 weeks ago |
www.cloudvulndb.org
Azure HDInsight privilege escalation and DoS vulnerabilities
3 months, 3 weeks ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC