high

AttachMe

Published Tue, Sep 20th, 2022

Platforms

Summary

Any unattached storage volume, or attached storage volumes allowing multi-attachment, could have been read from or written to as long as an attacker knew their Oracle Cloud Identifier (OCID), allowing sensitive data to be exfiltrated or even more impactful attacks to be initiated via executable file manipulation in the target tenant's environment.

Affected Services

OCI Volumes

Remediation

None required.

Tracked CVEs

No tracked CVEs

References

https://wiz.io/blog/attachme-oracle-cloud-vulnerability-allows-unauthorized-cross-tenant-volume-access

Contributed by https://github.com/nirohfeld

Entry Status

Finalized

Disclosure Date

Thu, Jun 9th, 2022

Exploitability Period

Known ITW Exploitation

Detection Methods

None

Piercing Index Rating

Discovered by

Elad Gabay, Wiz

More vulnerabilities...

medium

Synapse Spark LPE

Azure Synapse Analytics is an analytics service for processing data using various runtimes, among them Apache Spark. Synapse provided users the capability to mount Azure File Shares to their Apache...

Tzah Pahima, Orca SecuritySep 1, 2022

medium

SNS SigningCertUrl improper validation

Amazon SNS' signature validation in the official SDK relied on a weak regex for default AWS certificate locations, that would incorrectly match an S3 bucket named `sns`. This bucket happened to be...

Eugene LimAug 19, 2022

critical

Remote Code Execution via GitHub Import

A critical vulnerability in GitLab's GitHub import feature allows remote code execution. The issue stems from improper handling of Sawyer::Resource objects, enabling injection of Redis commands. Th...

yvvdwfAug 17, 2022

View all