search

wiz-sec / open-cvdb

An open project to list all publicly known cloud vulnerabilities and CSP security issues
https://cloudvulndb.org
Creative Commons Attribution 4.0 International
297 stars 59 forks source link

Added amplify vulnerability #292

Closed Frichetten closed 3 months ago

Frichetten commented 3 months ago

:wave: Hey friends.

New vulnerability in AWS Amplify. It exposed IAM roles associated with Amplify projects to takeover.

Details here: https://securitylabs.datadoghq.com/articles/amplified-exposure-how-aws-flaws-made-amplify-iam-roles-vulnerable-to-takeover/ AWS Security Bulletin here: https://aws.amazon.com/security/security-bulletins/AWS-2024-003/