high

Flaw in Bedrock's Foundation Model Access Control

Published Wed, Mar 27th, 2024

Platforms

aws

Summary

A flaw in AWS Bedrock's foundation model access control allowed principals to subscribe to certain models even when an IAM policy using the aws-marketplace:ProductId condition key should have denied the subscription. This could lead to compliance issues and financial risks. AWS has since fixed the issue and notified affected customers.

Affected Services

Amazon Bedrock, AWS Marketplace

Remediation

Review IAM policies for Amazon Bedrock and ensure the intended permissions are set. Remove access to affected models where the subscription should have been denied. Refer to AWS documentation for instructions on removing model access in Amazon Bedrock.

Tracked CVEs

No tracked CVEs

References

Contributed by https://github.com/korniko98

Entry Status

Stub (AI-Generated)

Disclosure Date

Mon, Jan 15th, 2024

Exploitability Period

Until 2024/01/18

Known ITW Exploitation

-

Detection Methods

Monitor CloudTrail logs for unexpected AcceptAgreementRequest and CreateFoundationModelAgreement events. Review IAM policies and test them to ensure they behave as expected for all foundation models.
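As an added example that is not part of this entry, the following Python scans a CloudTrail log file for the two event names above and reports subscriptions that succeeded under a principal not on an expected list, which is what a bypassed ProductId condition would look like in the trail. The sample records, the eventSource value and the requestParameters keys are constructed assumptions; only the event names come from the entry.

```python
import json

# The two CloudTrail event names the entry's detection guidance names.
WATCHED_EVENTS = {"AcceptAgreementRequest", "CreateFoundationModelAgreement"}

def load_records(cloudtrail_json):
    """Parse one CloudTrail log file: a JSON object holding a 'Records' list."""
    return json.loads(cloudtrail_json).get("Records", [])

def find_model_subscriptions(records, expected_principals=frozenset()):
    """Return foundation model subscription events that succeeded (no errorCode)
    and were not made by a principal ARN listed in expected_principals.
    A successful event from a principal your policy should have denied is
    what a bypass of the ProductId condition would look like in the trail."""
    findings = []
    for rec in records:
        if rec.get("eventName") not in WATCHED_EVENTS:
            continue
        if rec.get("errorCode"):  # call was denied, so the policy behaved as intended
            continue
        principal = rec.get("userIdentity", {}).get("arn", "<unknown>")
        if principal in expected_principals:
            continue
        findings.append({"eventTime": rec.get("eventTime"), "eventName": rec["eventName"],
                         "principal": principal,
                         "requestParameters": rec.get("requestParameters", {})})
    return findings

# Constructed sample log, not real CloudTrail output. Only the eventName values come
# from the entry; the eventSource value and requestParameters keys are assumptions.
ADMIN = "arn:aws:iam::111122223333:role/bedrock-admin"
DEV = "arn:aws:iam::111122223333:user/dev-user"
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-01-16T10:00:00Z", "eventName": "CreateFoundationModelAgreement",
     "eventSource": "bedrock.amazonaws.com", "userIdentity": {"arn": ADMIN},
     "requestParameters": {"modelId": "example-model-a"}},
    {"eventTime": "2024-01-16T10:05:00Z", "eventName": "AcceptAgreementRequest",
     "eventSource": "bedrock.amazonaws.com", "userIdentity": {"arn": DEV},
     "requestParameters": {"modelId": "example-model-b"}},
    {"eventTime": "2024-01-16T10:06:00Z", "eventName": "AcceptAgreementRequest",
     "eventSource": "bedrock.amazonaws.com", "userIdentity": {"arn": DEV},
     "errorCode": "AccessDenied", "requestParameters": {"modelId": "example-model-c"}},
    {"eventTime": "2024-01-16T10:07:00Z", "eventName": "InvokeModel",
     "eventSource": "bedrock.amazonaws.com", "userIdentity": {"arn": DEV}},
]})

if __name__ == "__main__":
    for finding in find_model_subscriptions(load_records(SAMPLE_LOG), {ADMIN}):
        print(finding)
```

Denied attempts are skipped on purpose: they show the policy working, and the finding to chase is the subscription that went through anyway.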

Piercing Index Rating

-

Discovered by

Carlos Mora, TrustOnCloud