medium

Org policies bypass

Published Fri, Sep 10th, 2021
Platforms

Summary

Allows an attacker with privileges in the account to share resources outside of the account even when an org policy restricts this, thus enabling them to backdoor their access.

Affected Services

N/A

Remediation

None required

Tracked CVEs

No tracked CVEs

References

Disclosure Date
Sat, May 15th, 2021
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Discovered by
Kat Traxler, null