Summary
AWS have released or changed managed IAM policies in unexpected and insecure ways.
Examples include: CheesepuffsServiceRolePolicy, AWSServiceRoleForThorInternalDevPolicy,
AWSCodeArtifactReadOnlyAccess.json, AmazonCirrusGammaRoleForInstaller. The worst
being the ReadOnlyAccess policy having almost all privileges removed and unexpected
ones added.
Affected Services
N/A
Remediation
None required
Tracked CVEs
No tracked CVEs
References
Contributed by https://github.com/Rami_McCarthy
Entry Status
Finalized
Disclosure Date
Thu, Oct 15th, 2020
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Piercing Index Rating
-
Discovered by
-
