Read access of host of AWS internal Cloudformation service via XXE SSRF.
The level of access with the compromised IAM role from there is unclear.
Thu, Jan 13th, 2022
Use of the AI services on AWS allows customer data to be moved outside of
the regions it is used in and potentially shared with third-parties.
Note: This issue is outside the scope of this database...
Thu, Jan 6th, 2022
Dataflow worker nodes ran an unauthenticated Java Management Extensions (JMX) service that under
certain circumstances would be exposed to the Internet, thus allowing unauthenticated remote code
Tue, Dec 28th, 2021