all InfoSec news
App Runner cross-tenant VPC connectors info leak
April 3, 2023, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
that was passed to it. As a result, any account ID could be provided and the API would return
the information for that account. This would leak minor information about the VPC
configuration for App Runner in the account including the subnet ID, security group ID, and the
VPC Connector ARN.
account action api app configuration connector connectors info information leak parameter result return security subnet vpc
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
GraphNinja
3 days, 10 hours ago |
www.cloudvulndb.org
AWS Amplify IAM role publicly assumable exposure
2 weeks, 3 days ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
2 months, 2 weeks ago |
www.cloudvulndb.org
Azure HDInsight privilege escalation and DoS vulnerabilities
2 months, 3 weeks ago |
www.cloudvulndb.org
Azure Pipelines Agent poisoned pipeline execution
4 months, 1 week ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC
@ SAP | Dublin 24, IE, D24WA02
Product Security Response Engineer
@ Intel | CRI - Belen, Heredia
Application Security Architect
@ Uni Systems | Brussels, Brussels, Belgium
Sr Product Security Engineer
@ ServiceNow | Hyderabad, India
Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)
@ FiscalNote | United Kingdom (UK)