Amazon Web Services (AWS) addressed an AWS Glue security issue that allowed attackers to access and modify data associated with other AWS customer accounts.
AWS Glue is a serverless cloud data integration service that helps discover, prepare, and combine data for app development, machine learning, and analytics.
The issue stemmed from an exploitable AWS Glue feature combined with a misconfiguration of the internal service API, which allowed Orca Security’s researchers to escalate their privileges and gain access to all of the service’s resources in the region.
“During our research, we were able to identify a feature in AWS Glue that could be exploited to obtain credentials for a role within the AWS service’s own account, which gave us full access to the internal service API,” said Yanir Tsarimi, a cloud security researcher at Orca Security.
“In combination with an internal misconfiguration in the Glue-internal service API, we were able to further extend the authorizations within the account to the point …