all InfoSec news
AWS Amplify IAM role publicly assumable exposure
April 15, 2024, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
with Amplify projects. This misconfiguration caused these roles to be assumable
by any other AWS account. Both the Amplify Studio and the Amplify CLI
exhibited this behavior. Any Amplify project created using the Amplify CLI
built between July 3, 2018 and August 8, 2019 had IAM roles that were assumable by
anyone in the world. AWS mitigated this vulnerability through backend changes to
STS and IAM, and also …
account amplify aws cli exposure found iam iam roles july misconfiguration project projects role roles service studio
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
GraphNinja
2 days, 15 hours ago |
www.cloudvulndb.org
AWS Amplify IAM role publicly assumable exposure
2 weeks, 2 days ago |
www.cloudvulndb.org
AWS Glue database password leakage
2 weeks, 6 days ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
2 months, 2 weeks ago |
www.cloudvulndb.org
Azure HDInsight privilege escalation and DoS vulnerabilities
2 months, 3 weeks ago |
www.cloudvulndb.org
Azure Pipelines Agent poisoned pipeline execution
4 months, 1 week ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
Information Security Cyber Risk Analyst
@ Intel | USA - AZ - Chandler
Senior Cloud Security Engineer (Fullstack)
@ Grab | Petaling Jaya, Malaysia
Principal Product Security Engineer
@ Oracle | United States
Cybersecurity Strategy Director
@ Proofpoint | Sunnyvale, CA
Information Security Consultant/Auditor
@ Devoteam | Lisboa, Portugal
IT Security Engineer til Netcompany IT Services
@ Netcompany | Copenhagen, Denmark