all InfoSec news
Cloud SQL escape to host
Aug. 11, 2022, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
tenant (cloudsqlsuperuser) to arbitrarily change the ownership of a table to any user
or role in the database. Thus, an attacker could (1) create a new table, (2) create an
index function with a malicious payload, and (3) change the table owner to GCP’s superuser
role (cloudsqladmin). Next, by initiating an ANALYZE command, the malicious function is
executed with GCP’s superuser …
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
AWS Amplify IAM role publicly assumable exposure
1 week, 4 days ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
2 months, 1 week ago |
www.cloudvulndb.org
Azure HDInsight privilege escalation and DoS vulnerabilities
2 months, 2 weeks ago |
www.cloudvulndb.org
Amazon WorkSpaces Windows client credential logging
6 months, 2 weeks ago |
www.cloudvulndb.org
Power Platform Custom Code information disclosure
8 months, 3 weeks ago |
www.cloudvulndb.org
Azure Front Door client-side desync
9 months, 4 weeks ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Cyber Security Cloud Solution Architect
@ Microsoft | London, London, United Kingdom
Compliance Program Analyst
@ SailPoint | United States
Software Engineer III, Infrastructure, Google Cloud Security and Privacy
@ Google | Sunnyvale, CA, USA
Cryptography Expert
@ Raiffeisen Bank Ukraine | Kyiv, Kyiv city, Ukraine
Senior Cyber Intelligence Planner (15.09)
@ OCT Consulting, LLC | Washington, District of Columbia, United States