all InfoSec news
Lethal Injection
May 7, 2024, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
These could have potentially exposed sensitive user data and granted attackers extensive control, allowing
unrestricted code execution as root on the bot backend, unrestricted access to authentication secrets &
integration auth providers, unrestricted memory read in the bot backend, exposing sensitive secrets,
allowing cross-tenant data access and unrestricted deletion of other tenants' public resources.
These issues stemmed from various bugs related to URL sanitization, shared compute, and …
access amp attackers auth authentication azure backend bot chatbot code code execution control data exposed exposing health injection integration memory microsoft platform root secrets sensitive service uncovered user data vulnerabilities
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
AWS Amplify IAM role publicly assumable exposure
1 month, 2 weeks ago |
www.cloudvulndb.org
AWS Glue database password leakage
1 month, 3 weeks ago |
www.cloudvulndb.org
Synapse Analytics privilege escalation via intelligent caching
2 months, 3 weeks ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
3 months, 2 weeks ago |
www.cloudvulndb.org
Azure HDInsight privilege escalation and DoS vulnerabilities
3 months, 3 weeks ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC