漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Request approval spoofing in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center
Vulnerability Description
Improper request input validation in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center allows a user to modify a valid request and spoof an approval in TEAM. Upgrade TEAM to the latest release v.1.2.2. Follow instructions in updating TEAM documentation for updating process
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
在安全决策中依赖未经信任的输入
Vulnerability Title
Amazon AWS Temporary Elevated Access Management 访问控制错误漏洞
Vulnerability Description
Amazon AWS Temporary Elevated Access Management(Amazon AWS TEAM)是美国亚马逊(Amazon)公司的一个与 AWS IAM Identity Center 集成的开源权限管理方案。用于规模化管理和监控 AWS 限时提升的访问权限。 Amazon AWS Temporary Elevated Access Management存在安全漏洞,该漏洞源于输入验证不当,允许篡改请求并伪造批准。
CVSS Information
N/A
Vulnerability Type
N/A