medium

AWS CloudShell terminal escape

Published Wed, Mar 10th, 2021

Platforms

Summary

If attacker controlled data is viewed in Cloudshell it could have led to code execution. This exact same issue existed in Azure previously.

Affected Services

Cloudshell

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://bugs.chromium.org/p/project-zero/issues/detail?id=2154 https://twitter.com/_fel1x/status/1391712232380194818

Contributed by https://github.com/0xdabbad00

Entry Status

Finalized

Disclosure Date

Mon, Feb 8th, 2021

Exploitability Period

Known ITW Exploitation

Detection Methods

None

Piercing Index Rating

Discovered by

Felix Wilhelm, Google

More vulnerabilities...

medium

Azure Linux VM extension credential leak

A vulnerability in the Azure Linux VM extension mechanism allowed an unprivileged user to leak any Azure VM extension’s private data. An attacker could have abused this to gain credentials for the ...

Paul Litvak (Intezer), Wout...Mar 9, 2021

high

Azure Cloud Shell and Container Instances breakout

An attacker could gain root privileges on their Azure Cloud Shell container, escape from the container, and then gain root privileges on the underlying node, the root cause being an insecure kubele...

Chen Cohen, eBayFeb 15, 2021

medium

GKE gVisor sandbox escape

A bug in the GKE gVisor sandbox's network policy implementation allowed access to the Google Compute Engine metadata API.

Bastien Chatelard, KoyebDec 30, 2020

View all