low

AWS ElasticSearch Index Name Leakage

Published Tue, May 15th, 2018

Platforms

Summary

Even for the AWS-managed ElasticSearch clusters that had not been made public, their index names could be learned.

Affected Services

AWS ElasticSearch

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://duo.com/blog/beyond-s3-exposed-resources-on-aws

Contributed by https://github.com/ramimac

Disclosure Date

Tue, Jan 30th, 2018

Exploitablity Period

Known ITW Exploitation

Detection Methods

Piercing Index Rating

Discovered by

Scott Piper, Duo Security

More vulnerabilities...

medium

Bypassable and overly-privileged IAM policies

AWS has previously provided managed policies or guidance in documentation for policies with mistakes that allow them to be bypassed. Additionally, some policies are over-privileged. Date of disclos...

Multiple findings

Tue, Nov 7th, 2017

low

AWS Java SDK XXE injection

The AWS Java SDK was vulnerable to XML external entity (XXE) injection related to XML parsers.

Alex Brasetvik

Tue, Oct 10th, 2017

low

Public admin access to Azure's Red Hat Update Infrastructure

Full administrative access to the Azure Red Hat Enterprise Linux Appliance REST API was publicly exposed. It allowed malicious actors uploading packages that would be acquired by client virtual mac...

Ian Duffy

Sat, Nov 26th, 2016

View all