low

Enumeration of Privileges Without Being Logged to CloudTrail

Published Sat, Oct 17th, 2020
Platforms

Summary

An attacker who gained access to IAM credentials could enumerate a subset of the privileges they had access to without logging to CloudTrail. This would allow them to perform the typically noisy permission enumeration process undetected.

Affected Services

CloudTrail

Remediation

None required

Tracked CVEs

No tracked CVEs

References

Disclosure Date
Wed, Sep 2nd, 2020
Exploitablity Period
until 2021/05/18
Known ITW Exploitation
-
Detection Methods
-
Discovered by
Nick Frichette, null