Back to directory
WRITEUP #1862

Hell’s Keychain: Supply-chain vulnerability in IBM Cloud Databases for PostgreSQL allows potential for unauthorized database access

CloudSQL injectionPrivilege escalationInformation disclosure
by@ronenshh(Ronen Shustin)
Program
IBM
Published
Dec 1, 2022
Added to HackDex
Dec 5, 2022
Read Full Writeuphttps://www.wiz.io/blog/hells-keychain-supply-chain-attack-in-ibm-cloud-databases-for-postgresql
RELATED WRITEUPS
Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess
CloudOIDC
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD
CloudPrivilege escalation
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
CloudRCE
UnOAuthorized: Privilege Elevation Through Microsoft Applications
CloudPrivilege escalation
Escalating Privileges in Google Cloud via Open Groups
CloudPrivilege escalation

Built with ❤️ by Shubham Rawat