medium

AI Hub Jupyter Notebook instance CSRF

Published Sat, Oct 17th, 2020

Platforms

gcp

Summary

AI Hub Jupyter Notebook server lacked a check of the Origin header that led to a CSRF vulnerability. An attacker could have read sensitive data and execute arbitrary actions in customer environments.

Affected Services

AI Hub Jupyter Notebook

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://blog.s1r1us.ninja/research/cookie-tossing-to-rce-on-google-cloud-jupyter-notebooks

Contributed by https://github.com/ds0440

Entry Status

Finalized

Disclosure Date

Tue, Mar 10th, 2020

Exploitability Period

-

Known ITW Exploitation

-

Detection Methods

None

Piercing Index Rating

-

Discovered by

s1r1us

More vulnerabilities...

low

Lack of internal change controls for IAM managed policies

aws

AWS have released or changed managed IAM policies in unexpected and insecure ways. Examples include: CheesepuffsServiceRolePolicy, AWSServiceRoleForThorInternalDevPolicy, AWSCodeArtifactReadOnlyAcc...

Anonymous discoverer
low

Multiple issues in AWS IAM Authenticator for Kubernetes

aws

Amazon Elastic Kubernetes Service (EKS) uses IAM to provide authentication to the cluster through the AWS IAM Authenticator for Kubernetes (aws-iam-authenticator). Multiple issues were identified i...

Felix Wilhelm, Google
high

Google Cloud Shell XSS to RCE Vulnerability

gcp

A vulnerability in Google Cloud Shell allowed escalation from XSS to full instance takeover as root. The attack exploited an XSS in the markdown preview functionality to read sensitive files, obtai...

Omar Espino
View all