critical

SuperGlue

Published Thu, Jan 13th, 2022
Platforms

Summary

Compromise of internal AWS Glue service to assume the glue role in any AWS account that used glue.

Affected Services

Glue

Remediation

None required

Tracked CVEs

No tracked CVEs

References

Entry Status
Finalized
Disclosure Date
Thu, Sep 30th, 2021
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Piercing Index Rating
8.93
(PI:1.5/A1:20/A2:1.1/A7:1.1/A8:1)
Discovered by
Yanir Tsarimi, Orca Security