Back to directory
WRITEUP #1334

Two Minor Cross-Tenant Vulnerabilities in AWS App Runner

CloudCross-tenant vulnerability
by@frichette_n(Nick Frichette)
Program
AWS
Published
Apr 3, 2023
Added to HackDex
Apr 6, 2023
Read Full Writeuphttps://frichetten.com/blog/minor-cross-tenant-vulns-app-runner/
RELATED WRITEUPS
The Hunt for ALBeast: A Technical Walkthrough
CloudAWS ALB
Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess
CloudOIDC
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD
CloudPrivilege escalation
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
CloudRCE
UnOAuthorized: Privilege Elevation Through Microsoft Applications
CloudPrivilege escalation

Built with ❤️ by Shubham Rawat