We determined that non-production AWS API endpoints could be used for permission enumeration without logging to CloudTrail...
The research highlights that attackers can exploit misconfigurations and vulnerabilities in these non-production endpoints...
Since the issue was reported to AWS, the cloud provider has remediated two specific bypasses, releasing a fix last September...
While this specific example is no longer vulnerable, it is important t...
[
add
]
[
|
|
...
]