medium

CloudTrail bypass for AWS Service Catalog

Published Sun, Mar 19th, 2023

Platforms

aws

Summary

Due to an exposed development endpoint, it was possible to bypass CloudTrail logging for both read and write API actions for the Service Catalog service. This could have enabled adversaries to alter Service Catalog resources undetected after gaining a foothold in a victim AWS environment.

Affected Services

Service Catalog

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://securitylabs.datadoghq.com/articles/bypass-cloudtrail-aws-service-catalog-and-other/

Contributed by https://github.com/frichetten

Entry Status

Finalized

Disclosure Date

Mon, Jan 30th, 2023

Exploitability Period

Until 2023/02/07

Known ITW Exploitation

-

Detection Methods

None

Piercing Index Rating

-

Discovered by

Nick Frichette, Datadog

More vulnerabilities...

medium

Super FabriXss

azure

Azure Service Fabric Explorer (SFX) was affected by an XSS vulnerability that could have allowed a malicious script to be reflected off a web application. After a potential victim clicked on a craf...

Lidor Ben Shitrit, Orca Sec...
medium

Imposter commits vulnerability in GitHub Actions

github

A vulnerability in GitHub Actions allows bypassing workflow settings using commits from forked repositories (rather than commits of the main action repo). This "imposter commits" issue can potentia...

Billy Lynch, Chainguard
high

Unauthorized access to Codespace secrets in GitHub

github

A vulnerability in GitHub's Repository Security Advisory feature allowed unauthorized users to access plaintext Codespace secrets of any organization, including GitHub itself. The issue stemmed fro...

Rojan Rijal, Ophion Security
View all