medium

Lightsail object storage access keys logged

Published Thu, Aug 5th, 2021
Platforms

Summary

Lightsail object storage allows the creation of access keys which were logged to CloudTrail (both access key and secret key)

Affected Services

Lightsail

Remediation

Roll access keys

Tracked CVEs

No tracked CVEs

References

Disclosure Date
Thu, Aug 5th, 2021
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Discovered by
Scott Piper, Summit Route