Summary (give a brief description of the issue)
Security issue in AWS allows indirect data leakage through CloudTrail logs. AWS does not provide any way to block such exfiltration when using a service that is not compatible with VPC Endpoints/VPC Endpoint Policy. We can inject data into the User-Agent header in an API request, which then gets logged in the attacker's CloudTrail instance.
References (provide links to blogposts, etc.)
https://github.com/jfbette/cloudconcerns/blob/main/scenarios/dataleakage/cloudtrail/data-exfiltration-through-cloudtrail.md
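The issue above describes data being carried in the User-Agent header of AWS API calls, where CloudTrail records it in its userAgent field. The following detection example is added here and is not part of the issue or the linked repository; it scans CloudTrail-shaped records and flags user agents that contain long base64/hex-looking or high-entropy tokens. The thresholds, the sample records and the smuggled payload are constructed assumptions for illustration. Since calls made with an attacker's credentials land in the attacker's CloudTrail rather than the victim's, the same check is most useful on logs where the header is visible to the defender, such as an egress proxy that terminates TLS.

```python
"""Flag CloudTrail-style records whose userAgent field looks like it carries
smuggled data (long, high-entropy or base64/hex-like tokens)."""
import base64
import json
import math
import re

# Tunable thresholds. These are assumptions for illustration, not AWS-published limits.
MAX_UA_LENGTH = 512        # legitimate SDK/CLI user agents are far shorter
MIN_TOKEN_LENGTH = 32      # only long tokens are examined for encoding/entropy
ENTROPY_THRESHOLD = 4.0    # bits per character; base64/hex blobs usually exceed this

# Charset patterns for common encodings used to stuff arbitrary bytes into a header.
BASE64_RE = re.compile(r"^[A-Za-z0-9+/]{32,}={0,2}$")
HEX_RE = re.compile(r"^[0-9a-fA-F]{32,}$")


def shannon_entropy(s: str) -> float:
    """Shannon entropy in bits per character of s (0.0 for empty input)."""
    if not s:
        return 0.0
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def suspicious_reasons(user_agent: str) -> list:
    """Return the reasons a user agent looks like it carries data (empty list if clean)."""
    reasons = []
    if len(user_agent) > MAX_UA_LENGTH:
        reasons.append(f"length {len(user_agent)} > {MAX_UA_LENGTH}")
    for token in user_agent.split():
        if len(token) < MIN_TOKEN_LENGTH:
            continue  # short SDK tokens such as "ua/2.0" or "lang/python#3.11.6" are ignored
        if BASE64_RE.match(token) or HEX_RE.match(token):
            reasons.append(f"encoded-looking token ({len(token)} chars)")
        elif shannon_entropy(token) > ENTROPY_THRESHOLD:
            reasons.append(f"high-entropy token ({shannon_entropy(token):.2f} bits/char)")
    return reasons


def scan_records(records: list) -> list:
    """Scan CloudTrail record dicts; return findings as {index, eventSource, eventName, reasons}."""
    findings = []
    for i, rec in enumerate(records):
        reasons = suspicious_reasons(rec.get("userAgent", ""))
        if reasons:
            findings.append({"index": i, "eventSource": rec.get("eventSource"),
                             "eventName": rec.get("eventName"), "reasons": reasons})
    return findings


def scan_cloudtrail_file(text: str) -> list:
    """Scan the JSON envelope CloudTrail delivers to S3: {"Records": [...]}."""
    return scan_records(json.loads(text).get("Records", []))


# Constructed sample records (only the fields used here); not real log data.
# The second record carries a base64-encoded constructed payload after the SDK tokens.
_SMUGGLED = base64.b64encode(b"constructed sample: db-host=10.0.0.5 user=svc-backup").decode()
SAMPLE_RECORDS = [
    {"eventSource": "sts.amazonaws.com", "eventName": "GetCallerIdentity",
     "userAgent": "aws-cli/2.15.0 md/awscrt#0.19.19 ua/2.0 os/linux#6.5 md/arch#x86_64 lang/python#3.11.6"},
    {"eventSource": "sts.amazonaws.com", "eventName": "GetCallerIdentity",
     "userAgent": "aws-cli/2.15.0 ua/2.0 " + _SMUGGLED},
    {"eventSource": "s3.amazonaws.com", "eventName": "ListBuckets",
     "userAgent": "Boto3/1.34.0 md/Botocore#1.34.0 ua/2.0 os/linux#6.5 lang/python#3.11.6"},
]

if __name__ == "__main__":
    for finding in scan_records(SAMPLE_RECORDS):
        print(json.dumps(finding))  # only the second sample record is reported
```

Legitimate SDK user agents can contain long tokens (for example a command name appended by the CLI), so in practice the token allowlist and thresholds need tuning against a baseline of the organisation's own traffic before the check is used for alerting.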