Amazon Web Services

A vulnerability in Amazon Web Services' Application Load Balancer, discovered by security firm Miggo, could allow an attacker to bypass access controls and compromise web applications. The issue was not a software flaw in the service itself but stemmed from how customers configured it, particularly how they set up authentication. Researchers identified over 15,000 web applications with potentially vulnerable configurations; AWS disputes that figure and has contacted customers to recommend more secure setups. Exploitation would involve the attacker forging a token to gain unauthorized access to an application and then escalating privileges within the system.

Source: https://www.wired.com/story/aws-application-load-balancer-implementation-compromise/

TPRM report: https://scoringcyber.rankiteo.com/company/amazon-web-services

{
  "id": "ama000082124",
  "linkid": "amazon-web-services",
  "type": "Vulnerability",
  "date": "8/2024",
  "severity": "60",
  "impact": "3",
  "explanation": "Attack with significant impact with internal employee data leaks"
}

{
  "affected_entities": [
    {
      "customers_affected": 15000,
      "industry": "Technology",
      "name": "Amazon Web Services",
      "type": "Cloud Service Provider"
    }
  ],
  "attack_vector": "Token Forgery",
  "description": "A vulnerability in Amazon Web Services' Application Load Balancer was discovered by security firm Miggo, which could potentially allow an attacker to bypass access controls and compromise web applications. This vulnerability was not due to a software flaw but stemmed from customers' configuration of the service, particularly the setup of authentication. Researchers identified over 15,000 web applications with potentially vulnerable configurations, though AWS disputes the figure and has contacted customers to recommend more secure setups. Exploiting this vulnerability would involve token forgery by the attacker to obtain unauthorized access to applications, escalating privileges within the system.",
  "motivation": "Unauthorized Access, Privilege Escalation",
  "post_incident_analysis": {
    "root_causes": "Misconfiguration of AWS Application Load Balancer Authentication"
  },
  "references": [
    {"source": "Security firm Miggo"}
  ],
  "title": "AWS Application Load Balancer Vulnerability",
  "type": "Misconfiguration",
  "vulnerability_exploited": "Misconfiguration of AWS Application Load Balancer Authentication"
}