high

CloudShell Vulnerability Grants Unintended AWS Access

Published Tue, Oct 15th, 2024

Platforms

aws

Summary

A vulnerability in AWS CloudShell allowed users to gain unintended command-line access to the underlying AWS infrastructure. During a training session, a delegate unexpectedly received the identity context of an EC2 instance role within an ECS cluster, instead of the intended AWS account. This issue potentially bypassed existing controls aimed at preventing lateral movement and access to higher-privileged management roles.

Affected Services

CloudShell

Remediation

None required

Tracked CVEs

No tracked CVEs

References

Contributed by https://github.com/korniko98

Entry Status

Stub (AI-Generated)

Disclosure Date

Tue, Jul 30th, 2024

Exploitability Period

Until 2024/08/30

Known ITW Exploitation

-

Detection Methods

Users can detect unexpected access by running 'aws sts get-caller-identity' in CloudShell and comparing the returned account ID and ARN with the IAM user or role they expect to be operating as.
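The detection check above, as an added example that is not part of the original entry: a POSIX shell function compares the ARN reported by CloudShell with the expected account and principal name, and flags anything else (such as an assumed instance role). EXPECTED_ACCOUNT and EXPECTED_NAME are assumed placeholders to be replaced with your own values.

```shell
#!/bin/sh
# Added example, not from the original entry. Placeholders (assumptions):
EXPECTED_ACCOUNT="${EXPECTED_ACCOUNT:-123456789012}"   # your AWS account id
EXPECTED_NAME="${EXPECTED_NAME:-alice}"                # your IAM user or role name

# check_caller_identity ARN EXPECTED_ACCOUNT EXPECTED_NAME
# Returns 0 when ARN is the expected IAM user or assumed role in the expected
# account, 1 otherwise. Prints a one-line verdict either way.
check_caller_identity() {
  arn="$1"; expected_account="$2"; expected_name="$3"
  # ARN layout: arn:partition:service:region:account:resource
  account=$(printf '%s' "$arn" | cut -d: -f5)
  resource=$(printf '%s' "$arn" | cut -d: -f6-)
  case "$resource" in
    user/*)           kind=user; name=${resource#user/} ;;
    assumed-role/*/*) kind=role; name=${resource#assumed-role/}; name=${name%%/*} ;;
    *)                echo "UNEXPECTED: unrecognised principal: $arn"; return 1 ;;
  esac
  if [ "$account" != "$expected_account" ]; then
    echo "UNEXPECTED: account $account, expected $expected_account ($arn)"; return 1
  fi
  if [ "$name" != "$expected_name" ]; then
    echo "UNEXPECTED: $kind $name, expected $expected_name ($arn)"; return 1
  fi
  echo "OK: $kind $name in account $account"
  return 0
}

# Live check: queries STS for the current identity. Only meaningful inside
# CloudShell (or anywhere the AWS CLI has credentials).
run_live_check() {
  command -v aws >/dev/null 2>&1 || { echo "aws CLI not found; skipping live check"; return 0; }
  arn=$(aws sts get-caller-identity --query Arn --output text) || return 1
  check_caller_identity "$arn" "$EXPECTED_ACCOUNT" "$EXPECTED_NAME"
}

# Set RUN_LIVE_CHECK=1 to query STS; by default only the function is defined.
if [ "${RUN_LIVE_CHECK:-0}" = 1 ]; then
  run_live_check
fi
```

Run with RUN_LIVE_CHECK=1 inside CloudShell; a non-zero exit means the session is not running as the principal you expected.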

Piercing Index Rating

-

Discovered by

Paul Schwarzenberger