ncc-erik-steringer
commented
2 years ago Fix made in 29a57ee and will be included in v1.1.4 release. Source of the bug was a miss on capitalization!
Closed ncc-erik-steringer closed 2 years ago
ncc-erik-steringer
commented
2 years ago Fix made in 29a57ee and will be included in v1.1.4 release. Source of the bug was a miss on capitalization!
ncc-erik-steringer
commented
2 years ago v1.1.4 is out, closing.
Describe the bug
PMapper is supposed to identify when someone can abuse
cloudformation:UpdateStackto leverage a stack for extra permissions. It appears this did not happen per https://labs.bishopfox.com/tech-blog/iam-vulnerable-assessing-the-aws-assessment-tools#What-privesc%20paths%20does%20each%20tool%20support .TODOs