high

Flaw in Bedrock's Foundation Model Access Control

Published Wed, Mar 27th, 2024
Platforms

Summary

A flaw in AWS Bedrock's foundation model access control allowed unauthorized subscriptions to certain models, bypassing IAM policies using the aws-marketplace:ProductId condition key. This could lead to compliance issues and financial risks. AWS has since fixed the issue and notified affected customers.

Affected Services

Amazon Bedrock, AWS Marketplace

Remediation

Review IAM policies for Amazon Bedrock, ensure correct permissions are set. Remove model access to affected models if subscription should have been denied. Refer to AWS documentation for instructions on removing model access in Amazon Bedrock.

Tracked CVEs

No tracked CVEs

References

Entry Status
Stub (AI-Generated)
Disclosure Date
Mon, Jan 15th, 2024
Exploitablity Period
Until 2024/01/18
Known ITW Exploitation
-
Detection Methods
Monitor CloudTrail logs for unexpected AcceptAgreementRequest and CreateFoundationModelAgreement events. Review IAM policies and test them to ensure they behave as expected for all foundation models.
Piercing Index Rating
-
Discovered by
Carlos Mora, TrustOnCloud