One Article Review

Home - The article:
Source AWS (Vuln)
Identifier 8296122
Publication date 2022-04-11 23:35:47 (seen: 2022-12-30 21:12:45)
Title Reported Amazon RDS PostgreSQL issue
Text Initial Publication Date: 2022/04/11 16:45 PST. Last Updated Date: 2022/04/12 13:00 PST.

A security researcher recently reported an issue with Aurora PostgreSQL. Using this issue, they were able to gain access to internal credentials that were specific to their Aurora cluster. No cross-customer or cross-cluster access was possible; however, highly privileged local database users who could exercise this issue could potentially have gained additional access to data hosted in their cluster or read files within the operating system of the underlying host running their database.

This issue was associated with a third-party open-source PostgreSQL extension, “log_fdw”, which is pre-installed in both Amazon Aurora PostgreSQL and Amazon RDS for PostgreSQL. The issue permitted the researcher to examine the contents of local system files of the database instance within their account, including a file which contained credentials specific to Aurora. Privileged, authenticated database users with sufficient permissions to trigger this issue could use these credentials to gain elevated access to their own database resources from which the credentials were retrieved. They would not be able to use the credentials to access internal RDS services or move between databases or AWS accounts. The credentials could only be used to access resources associated with the Aurora database cluster from which the credentials were retrieved.

AWS moved immediately to address this issue when it was reported. As part of our mitigation, we have updated Amazon Aurora PostgreSQL and Amazon RDS for PostgreSQL to prevent this issue. We have also deprecated the Amazon Aurora PostgreSQL and Amazon RDS for PostgreSQL minor versions listed below. As such, customers can no longer create new instances with these versions.

The following Amazon Aurora PostgreSQL and Amazon RDS for PostgreSQL minor versions have been deprecated:

Amazon Aurora PostgreSQL-compatible edition versions:
10.11, 10.12, 10.13
11.6, 11.7, 11.8

Amazon RDS for PostgreSQL versions:
13.2, 13.1
12.6, 12.5, 12.4, 12.3, 12.2
11.11, 11.10, 11.9, 11.8, 11.7, 11.6, 11.5, 11.5, 11.4, 11.3, 11.2, 11.1
10.16, 10.15, 10.14, 10.13, 10.12, 10.11, 10.10, 10.9, 10.7, 10.6, 10.5, 10.4, 10.3, 10.1
9.6.21, 9.6.20, 9.6.19, 9.6.18, 9.6.17, 9.6.16, 9.6.15, 9.6.14, 9.6.12, 9.6.11, 9.6.10, 9.6.9, 9.6.8, 9.6.6, 9.6.5, 9.6.3, 9.6.2, 9.6.1
9.5, 9.4 and 9.3

For detailed release notes about minor versions, including existing supported versions, visit:
Aurora PostgreSQL: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html
RDS PostgreSQL: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html

We would like to thank Lightspin for reporting this issue. Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.
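A defender-side check against the deprecation list above, added here as an example and not AWS's own code: it flags instance records whose engine version appears in the bulletin, treating the patch-less entries (9.5, 9.4, 9.3) as whole major lines. Engine names and field names follow the RDS DescribeDBInstances API; the SAMPLE records are constructed, so the script runs offline.

```python
# Added example (not AWS code): flag RDS/Aurora PostgreSQL instances running a
# minor version deprecated by the bulletin above. Engine names and record
# fields follow the RDS DescribeDBInstances API; the SAMPLE data is constructed.

DEPRECATED = {
    "aurora-postgresql": {"10.11", "10.12", "10.13", "11.6", "11.7", "11.8"},
    "postgres": {
        "13.2", "13.1", "12.6", "12.5", "12.4", "12.3", "12.2",
        "11.11", "11.10", "11.9", "11.8", "11.7", "11.6", "11.5", "11.4", "11.3",
        "11.2", "11.1", "10.16", "10.15", "10.14", "10.13", "10.12", "10.11",
        "10.10", "10.9", "10.7", "10.6", "10.5", "10.4", "10.3", "10.1",
        "9.6.21", "9.6.20", "9.6.19", "9.6.18", "9.6.17", "9.6.16", "9.6.15",
        "9.6.14", "9.6.12", "9.6.11", "9.6.10", "9.6.9", "9.6.8", "9.6.6",
        "9.6.5", "9.6.3", "9.6.2", "9.6.1",
        "9.5", "9.4", "9.3",  # whole major lines: every 9.5.x, 9.4.x, 9.3.x
    },
}

def is_deprecated(engine: str, version: str) -> bool:
    """True if this engine version is on the bulletin's deprecated list."""
    listed = DEPRECATED.get(engine, set())
    if version in listed:
        return True
    # PostgreSQL < 10 is numbered major.minor.patch ("9.5.25"); the bulletin
    # lists "9.5", "9.4", "9.3" without a patch level, so match on that prefix.
    parts = version.split(".")
    return len(parts) == 3 and ".".join(parts[:2]) in listed

def flag_instances(instances: list[dict]) -> list[str]:
    """Identifiers of instances whose engine version has been deprecated."""
    return [
        i["DBInstanceIdentifier"] for i in instances
        if is_deprecated(i.get("Engine", ""), i.get("EngineVersion", ""))
    ]

# Constructed records shaped like rds.describe_db_instances()["DBInstances"].
SAMPLE = [
    {"DBInstanceIdentifier": "orders-prod", "Engine": "postgres", "EngineVersion": "12.6"},
    {"DBInstanceIdentifier": "orders-dev", "Engine": "postgres", "EngineVersion": "12.7"},
    {"DBInstanceIdentifier": "legacy", "Engine": "postgres", "EngineVersion": "9.5.25"},
    {"DBInstanceIdentifier": "reports", "Engine": "aurora-postgresql", "EngineVersion": "11.8"},
    {"DBInstanceIdentifier": "analytics", "Engine": "aurora-postgresql", "EngineVersion": "11.9"},
    {"DBInstanceIdentifier": "inventory", "Engine": "mysql", "EngineVersion": "8.0.28"},
]

if __name__ == "__main__":
    for ident in flag_instances(SAMPLE):
        print("deprecated engine version:", ident)
```

To run it against a real account, replace SAMPLE with the "DBInstances" list returned by boto3's rds.describe_db_instances(); a flagged instance should be upgraded to a supported minor version per the release notes linked above.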
The article does not appear to have been picked up after its publication.


The article does not appear to have been taken up from a previous one.