AWS VDP: Non-Production API Endpoints for the AI Ops Service Fails to Log to CloudTrail Resulting in Silent Permission Enumeration

The vulnerability found that there are 5 non-production endpoints for the AI Ops service that can be used with standard IAM credentials and do not log to CloudTrail. While the endpoints do not appear to provide access to customer partition data, they can be used for permission enumeration without...

AWS VDP: Non-Production API Endpoints for the Route 53 Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The non-production API endpoints for the Route 53 service failed to log to CloudTrail, resulting in silent permission enumeration. Two non-production endpoints were found that could be used with standard IAM credentials without logging to CloudTrail. This allowed an adversary to perform permissio...

AWS VDP: Non-Production API Endpoints for the Neptune Graph Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The non-production API endpoints for the Neptune Graph Service were found to fail logging to CloudTrail, resulting in silent permission enumeration. Specifically, seven non-production endpoints were identified that could be used with standard IAM credentials without generating CloudTrail logs. Th...

AWS VDP: Non-Production API Endpoints for the Glue Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The AWS Glue service was found to have 12 non-production API endpoints that could be accessed using standard IAM credentials without generating any CloudTrail logs. This allowed for silent permission enumeration, where an adversary could determine the permissions of compromised credentials withou...

AWS VDP: Non-Production API Endpoints for the Global Accelerator Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The researchers discovered that there are 8 non-production endpoints for the Global Accelerator service which can be used with standard IAM credentials and do not log to CloudTrail. This allows for silent permission enumeration, where an adversary can determine the permissions of compromised...

AWS VDP: Non-Production API Endpoints for the Forecast Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The Forecast service in Amazon Web Services AWS has four non-production API endpoints that can be accessed using standard IAM credentials, but do not log any activity to CloudTrail. This allows for silent permission enumeration, where an adversary can test the capabilities of compromised...

AWS VDP: Non-Production API Endpoint for the EventBridge Service Fails to Log to CloudTrail Resulting in Silent Permission Enumeration

The non-production API endpoint for the EventBridge service was found to fail to log to CloudTrail, resulting in silent permission enumeration. This vulnerability was reported to AWS, as it allowed for the enumeration of permissions of compromised credentials without generating CloudTrail logs,...

AWS VDP: Non-Production API Endpoint for the ElastiCache Service Fails to Log to CloudTrail Resulting in Silent Permission Enumeration

The ElastiCache service contains a non-production API endpoint that allows for permission enumeration without logging to CloudTrail. This could enable an adversary with compromised credentials to silently test the permissions of the credentials...

AWS VDP: (Part 2) Non-Production API Endpoints for the Datazone Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The non-production API endpoints for the Datazone service failed to log to CloudTrail, resulting in silent permission enumeration. The vulnerability was discovered through certificate transparency monitoring, where three additional vulnerable endpoints were identified...

AWS VDP: Non-Production API Endpoints for the DocumentDB Elastic Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The DocumentDB Elastic service was found to have three non-production API endpoints that could be accessed using standard IAM credentials without logging to CloudTrail. This allowed for silent permission enumeration, where an adversary could determine the permissions of compromised credentials...

AWS VDP: Non-Production API Endpoints for the Device Farm Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The Device Farm service was found to have two non-production API endpoints that could be accessed using standard IAM credentials without generating CloudTrail logs. This allowed silent permission enumeration, where an adversary could test the permissions of compromised credentials without...

AWS VDP: Non-Production API Endpoints for the Datazone Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The vulnerability found in the Datazone service allows an adversary to enumerate permissions of compromised credentials without logging to CloudTrail. Forty-four non-production endpoints were identified that can be accessed using standard IAM credentials and do not generate CloudTrail logs. This...

AWS VDP: Non-Production API Endpoints for the bedrock Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The bedrock service was found to have 5 non-production API endpoints that could be used with standard IAM credentials to enumerate permissions without logging to CloudTrail. The impacted endpoints allowed the invocation of bedrock:ListImportedModels and bedrock:ListModelImportJobs actions. This...

AWS VDP: Non-Production API Endpoints for the ssm Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The non-production API endpoints for the ssm service were found to fail to log to CloudTrail, resulting in silent permission enumeration. Eighteen non-production endpoints were identified that can be used with standard IAM credentials without generating CloudTrail logs...

AWS VDP: Non-Production API Endpoints for the bedrock-agent Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The non-production API endpoints for the bedrock-agent service failed to log to CloudTrail, resulting in silent permission enumeration. A total of 26 non-production endpoints were found that could be used with standard IAM credentials without generating CloudTrail logs. This vulnerability was...

Pay Attention to Your Non-Production Subdomains

It’s common for security teams to focus their best efforts on an organization’s primary production domain...

Microsoft got hacked by state sponsored group it was investigating

In a spy-vs-spy type of scenario, Microsoft has acknowledged that a group called Midnight Blizzard also known as APT29 or Cozy Bear, gained access to a Microsoft legacy non-production test tenant account. According to Microsoft, the group managed to access the account in November after subjecting...

PT-2022-23153 · Unknown · Growthbook

Name of the Vulnerable Software and Affected Versions: GrowthBook versions prior to 2022-08-29 Description: GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations, attackers can register new accounts and upload files to arbitrary directori...

Improper handling of Length parameter

Description There was no restriction on the amount of text that can be inserted into a user's name field. When the text size was large enough the service resulted in a momentary outage in our non-production environment not high availability. An internal reproduction showed isolated disruption but...

CVE-2021-40855

The EU Technical Specifications for Digital COVID Certificates before 1.1 mishandle certificate governance. A non-production public key certificate could have been used in production...