low

Lack of internal change controls for IAM managed policies

Published Thu, Oct 15th, 2020

Platforms

aws

Summary

AWS have released or changed managed IAM policies in unexpected and insecure ways. Examples include: CheesepuffsServiceRolePolicy, AWSServiceRoleForThorInternalDevPolicy, AWSCodeArtifactReadOnlyAccess.json, AmazonCirrusGammaRoleForInstaller. The worst being the ReadOnlyAccess policy having almost all privileges removed and unexpected ones added.

Affected Services

N/A

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://twitter.com/__steele/status/1316909785607012352

Contributed by https://github.com/Rami_McCarthy

Entry Status

Finalized

Disclosure Date

Thu, Oct 15th, 2020

Exploitability Period

-

Known ITW Exploitation

-

Detection Methods

None

Piercing Index Rating

-

Discovered by

-

More vulnerabilities...

low

Multiple issues in AWS IAM Authenticator for Kubernetes

aws

Amazon Elastic Kubernetes Service (EKS) uses IAM to provide authentication to the cluster through the AWS IAM Authenticator for Kubernetes (aws-iam-authenticator). Multiple issues were identified i...

Felix Wilhelm, Google
high

Google Cloud Shell XSS to RCE Vulnerability

gcp

A vulnerability in Google Cloud Shell allowed escalation from XSS to full instance takeover as root. The attack exploited an XSS in the markdown preview functionality to read sensitive files, obtai...

Omar Espino
low

S3 bucket tagging not restricted

aws

Lack of the privilege s3:PutBucketTagging did not restrict the ability to tag S3 buckets.

Ian Mckay
View all