low

AWS published official AMIs with recoverable deleted files

Published Sat, Jun 4th, 2011

Platforms

Summary

Researchers, while investigating the security posture of Public AMIs, were able to undelete files from an official image that was published by Amazon AWS.

Affected Services

N/A

Remediation

Follow [best practices](https://aws.amazon.com/articles/how-to-share-and-use-public-amis-in-a-secure-manner/) when sharing Public AMIs

Tracked CVEs

No tracked CVEs

References

http://seclab.nu/static/publications/sac2012ec2.pdf https://aws.amazon.com/security/security-bulletins/reminder-about-safely-sharing-and-using-public-amis/

Contributed by https://github.com/ramimac

Disclosure Date

Sat, Jun 4th, 2011

Exploitablity Period

Known ITW Exploitation

Detection Methods

Piercing Index Rating

Discovered by

Marco Balduzzi, Jonas Zaddach, Davide Balzarotti, Engin Kirda, Sergio Loureiro

More vulnerabilities...

medium

Signature version 1 (SigV1) is insecure

When making authenticated API requests to AWS, the requests must be signed with your AWS access key. The initial signing algorithm, SigV1, was vulnerable to collisions. A person-in-the-middle attac...

Colin Percival

Thu, Dec 18th, 2008

critical

AWS Amplify IAM role publicly assumable exposure

The AWS Amplify service was found to be misconfiguring IAM roles associated with Amplify projects. This misconfiguration caused these roles to be assumable by any other AWS account. Both the Ampl...

Nick Frichette, Datadog

Mon, Apr 15th, 2024

high

Azure Site Recovery privilege escalation

When the ASR service is enabled, it uses an Automation Account with a System-Assigned Managed Identity to manage Site Recovery extensions on VMs. However, the Runbook (a set of scripts for managing...

Joshua Murrell, NetSPI

Tue, Feb 13th, 2024

View all