high

AWS RDS local file read

Published Mon, Apr 11th, 2022
Platforms

Summary

A vulnerability was discovered in the Aurora PostgreSQL log_fdw extension for Amazon Relational Database Service (RDS), allowing an attacker to read files on the EC2 host and obtain credentials for an internal AWS service.

Affected Services

RDS

Remediation

None required

Tracked CVEs

No tracked CVEs

References

Contributed by https://github.com/0xdabbad00
Entry Status
Finalized
Disclosure Date
Thu, Dec 9th, 2021
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Piercing Index Rating
-
Discovered by
Gafnit Amiga, Lightspin

More vulnerabilities...

high

AWS RDS local file read

A vulnerability was discovered in the Aurora PostgreSQL log_fdw extension for Amazon Relational Database Service (RDS), allowing an attacker to read files on the EC2 host and obtain credentials for...

...
Gafnit Amiga, Lightspin

high

AWS RDS local file read

A vulnerability was discovered in the Aurora PostgreSQL log_fdw extension for Amazon Relational Database Service (RDS), allowing an attacker to read files on the EC2 host and obtain credentials for...

...
Gafnit Amiga, Lightspin

high

AWS RDS local file read

A vulnerability was discovered in the Aurora PostgreSQL log_fdw extension for Amazon Relational Database Service (RDS), allowing an attacker to read files on the EC2 host and obtain credentials for...

...
Gafnit Amiga, Lightspin

View all