all InfoSec news
FlowFixation
March 21, 2024, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
The issue stemmed from a combination of session fixation in the MWAA web management panel and an AWS domain configuration error leading
to a cross-site scripting (XSS) attack. Attackers exploiting this could manipulate victims' configurations, trigger workflows, and
potentially move laterally to other services within the cloud environment. The exploit of this bug involved deploying malicious code
via an Amazon …
airflow amazon apache attack attackers aws code code execution configuration cross-site domain error exploiting flaw hijacking issue managed management panel remote code remote code execution scripting session session hijacking trigger web web management workflows xss
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
GraphNinja
3 weeks, 1 day ago |
www.cloudvulndb.org
AWS Glue database password leakage
1 month, 1 week ago |
www.cloudvulndb.org
Synapse Analytics privilege escalation via intelligent caching
2 months, 2 weeks ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
3 months, 1 week ago |
www.cloudvulndb.org
Azure HDInsight privilege escalation and DoS vulnerabilities
3 months, 2 weeks ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
Sr. Product Manager
@ MixMode | Remote, US
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Vulnerability Research and Reverse Engineer (Onsite)
@ SNC-Lavalin | FL711: Raytheon SI Gov Dixie Hwy 3520 Dixie Highway NE , Palm Bay, FL, 32905 USA
Principal Consultant, Offensive Security
@ Kroll | CDMX, Mexico