wiz-sec / open-cvdb

An open project to list all publicly known cloud vulnerabilities and CSP security issues
https://cloudvulndb.org
Creative Commons Attribution 4.0 International

[Contribution] Indirect data leakage through CloudTrail logs on AWS #260

Open jfbette opened 8 months ago

jfbette commented 8 months ago

Summary (give a brief description of the issue)

Security issue in AWS allows indirect data leakage through CloudTrail logs. AWS does not provide any way to block such exfiltration when using a service that is not compatible with VPC Endpoints/VPC Endpoint Policy. We can inject data into the User-Agent header in an API request, which then gets logged in the attacker's CloudTrail instance.

References (provide links to blogposts, etc.)

https://github.com/jfbette/cloudconcerns/blob/main/scenarios/dataleakage/cloudtrail/data-exfiltration-through-cloudtrail.md
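A defender-side check for the channel this issue describes, added here as an example and not part of the submission or the linked write-up: it scans CloudTrail records for User-Agent values that are far longer, or carry far longer tokens, than the user agents real AWS SDKs and the CLI emit, which is the observable side effect of data being stuffed into that header. The sample records and both thresholds are constructed assumptions; only the `userAgent`, `eventName`, `eventSource` and `sourceIPAddress` keys are CloudTrail's own.

```python
import json

# Constructed sample CloudTrail records, trimmed to the fields this check reads.
# The third carries a user-agent padded with a long opaque token, the pattern the
# issue describes (the token is filler, not real data).
SAMPLE_RECORDS = [
    {"eventName": "ListBuckets", "eventSource": "s3.amazonaws.com", "sourceIPAddress": "203.0.113.10",
     "userAgent": "aws-cli/2.13.0 Python/3.11.4 Linux/6.1.0 exe/x86_64 prompt/off command/s3.ls"},
    {"eventName": "GetCallerIdentity", "eventSource": "sts.amazonaws.com", "sourceIPAddress": "203.0.113.10",
     "userAgent": "Boto3/1.28.0 md/Botocore#1.31.0 ua/2.0 os/linux#6.1.0 md/arch#x86_64 lang/python#3.11.4"},
    {"eventName": "GetCallerIdentity", "eventSource": "sts.amazonaws.com", "sourceIPAddress": "198.51.100.7",
     "userAgent": "aws-cli/2.13.0 " + "f3a9c1e7b2d4" * 40},
]

# Assumed thresholds; tune them against a baseline of your own account's logs.
MAX_UA_LENGTH = 256    # whole header; real SDK/CLI user agents stay well under this
MAX_TOKEN_LENGTH = 64  # longest whitespace-separated token


def is_suspicious_user_agent(user_agent, max_len=MAX_UA_LENGTH, max_token=MAX_TOKEN_LENGTH):
    """Reasons the header looks like a carrier for injected data; empty list if it looks normal."""
    reasons = []
    if len(user_agent) > max_len:
        reasons.append(f"user-agent length {len(user_agent)} exceeds {max_len}")
    longest = max((len(tok) for tok in user_agent.split()), default=0)
    if longest > max_token:
        reasons.append(f"longest token is {longest} chars, exceeds {max_token}")
    return reasons


def scan_records(records):
    """Return one finding per CloudTrail record whose userAgent trips a threshold."""
    findings = []
    for rec in records:
        ua = rec.get("userAgent", "")
        reasons = is_suspicious_user_agent(ua)
        if reasons:
            findings.append({"eventName": rec.get("eventName"), "eventSource": rec.get("eventSource"),
                             "sourceIPAddress": rec.get("sourceIPAddress"),
                             "userAgentLength": len(ua), "reasons": reasons})
    return findings


def scan_cloudtrail_file(text):
    """Scan the JSON document CloudTrail delivers to S3: {"Records": [...]}."""
    return scan_records(json.loads(text).get("Records", []))


if __name__ == "__main__":
    for finding in scan_cloudtrail_file(json.dumps({"Records": SAMPLE_RECORDS})):
        print(finding)
```

Because the header is recorded in the CloudTrail trail of the account that owns the credentials, not the one whose network the request left, this check belongs on the source account's own trail, where the outbound API calls of its principals are logged.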