Back to directory
WRITEUP #2299

Zimbra Open Bucket Data Leak – Responsible Disclosure

CloudAWS misconfiguration
by@raffaele_forte(Raffaele Forte)
Program
Zimbra
Published
Aug 26, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://members.backbox.org/zimbra-open-bucket-data-leak-responsible-disclosure/
RELATED WRITEUPS
The Hunt for ALBeast: A Technical Walkthrough
CloudAWS ALB
Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess
CloudOIDC
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD
CloudPrivilege escalation
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
CloudRCE
UnOAuthorized: Privilege Elevation Through Microsoft Applications
CloudPrivilege escalation

Built with ❤️ by Shubham Rawat