low

AWS published official AMIs with recoverable deleted files

Published Sat, Jun 4th, 2011
Platforms

Summary

Researchers, while investigating the security posture of Public AMIs, were able to undelete files from an official image that was published by Amazon AWS.

Affected Services

N/A

Remediation

Follow [best practices](https://aws.amazon.com/articles/how-to-share-and-use-public-amis-in-a-secure-manner/) when sharing Public AMIs

Tracked CVEs

No tracked CVEs

References

Disclosure Date
Sat, Jun 4th, 2011
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Discovered by
Marco Balduzzi, Jonas Zaddach, Davide Balzarotti, Engin Kirda, Sergio Loureiro, null