9 matches found
CVE-2025-14503
An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM...
CVE-2025-14503
An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM...
CVE-2025-14503
An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM...
CVE-2025-14503
CVE-2025-14503 affects Harmonix on AWS (Harmonix on AWS framework). The issue is an overly-permissive IAM trust policy in the EKS environment provisioning role that trusts the account root principal, potentially enabling any IAM principal within the same AWS account to call sts:AssumeRole and obt...
EUVD-2025-203445
An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow authenticated users to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any account principal with...
CVE-2025-14503 Overly Permissive Trust Policy in Harmonix on AWS EKS
An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM...
CVE-2025-14503 Overly Permissive Trust Policy in Harmonix on AWS EKS
An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM...
PT-2025-51281
Name of the Vulnerable Software and Affected Versions Harmonix on AWS versions 0.3.0 through 0.4.1 Description An overly-permissive IAM trust policy within the Harmonix on AWS framework could allow IAM principals within the same AWS account to escalate privileges through role assumption. The EKS...
Harmonix on AWS 安全漏洞
Harmonix on AWS is a developer portal open-sourced by Amazon Web Services - Labs. A security vulnerability exists in Harmonix on AWS version 0.4.1 and earlier, which stems from an overly lax IAM trust policy that could lead to elevation of privilege...