Feb. 25, 2023, midnight

The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org

For AWS CodeBuild, when using a custom container image stored in ECR and the
project service role for the credentials to pull the image, the default IAM
policy attached to the role to allow pulling the container was over-privileged
and allowed the CodeBuild container to overwrite its own build image.
An attacker with the ability to read the container credentials from the meta-data
service or run commands within the container could thereby overwrite the container to gain
persistence within the …
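A defender can check a CodeBuild service role for this condition by listing the ECR write actions its policy allows. The sketch below is an added example, not code from the advisory or from AWS. The policy documents, account ID and repository name are constructed, and the check inspects only `Effect` and `Action`, ignoring `NotAction`, `Resource` scoping and `Condition` keys.

```python
import fnmatch

# ECR actions that upload layers or write an image manifest/tag (push side).
ECR_WRITE_ACTIONS = (
    "ecr:InitiateLayerUpload", "ecr:UploadLayerPart",
    "ecr:CompleteLayerUpload", "ecr:PutImage",
)

def _listify(value):
    """IAM allows a single string/object where a list is also valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def ecr_write_grants(policy):
    """Map statement index -> sorted ECR write actions that an Allow statement grants."""
    findings = {}
    for idx, stmt in enumerate(_listify(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        patterns = [p.lower() for p in _listify(stmt.get("Action"))]
        # IAM action names are case-insensitive and may use * and ? wildcards.
        hits = sorted(a for a in ECR_WRITE_ACTIONS
                      if any(fnmatch.fnmatchcase(a.lower(), p) for p in patterns))
        if hits:
            findings[idx] = hits
    return findings

# Constructed sample policies (not AWS's actual default policy text).
REPO = "arn:aws:ecr:us-east-1:111122223333:repository/build-image"
OVERPRIVILEGED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "ecr:GetAuthorizationToken", "Resource": "*"},
    {"Effect": "Allow", "Resource": REPO, "Action": [
        "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer",
        "ecr:BatchGetImage", "ecr:PutImage", "ecr:*LayerUpload", "ecr:UploadLayerPart"]},
]}
PULL_ONLY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "ecr:GetAuthorizationToken", "Resource": "*"},
    {"Effect": "Allow", "Resource": REPO, "Action": [
        "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer",
        "ecr:BatchGetImage"]},
]}

if __name__ == "__main__":
    for name, doc in (("overprivileged", OVERPRIVILEGED), ("pull-only", PULL_ONLY)):
        print(name, ecr_write_grants(doc) or "no ECR write actions")
```

A role that only pulls its build image should produce an empty result; any statement index returned is a candidate for removal of the listed actions.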
