Amazon Awslabs Sandbox Accounts Events
By the Year
In 2024 there have been 0 vulnerabilities in Amazon Awslabs Sandbox Accounts Events . Last year Awslabs Sandbox Accounts Events had 2 security vulnerabilities published. Right now, Awslabs Sandbox Accounts Events is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 2 | 6.15 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Awslabs Sandbox Accounts Events vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Amazon Awslabs Sandbox Accounts Events Security Vulnerabilities
Sandbox Accounts for Events provides multiple, temporary AWS accounts to a number of authenticated users simultaneously
CVE-2023-51386
3.3 - Low
- December 22, 2023
Sandbox Accounts for Events provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially read data from the events table by sending request payloads to the events API, collecting information on planned events, timeframes, budgets and owner email addresses. This data access may allow users to get insights into upcoming events and join events which they have not been invited to. This issue has been patched in version 1.10.0.
Improper Privilege Management
"Sandbox Accounts for Events" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously
CVE-2023-50928
9 - Critical
- December 22, 2023
"Sandbox Accounts for Events" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially claim and access empty AWS accounts by sending request payloads to the account API containing non-existent event ids and self-defined budget & duration. This issue only affects cleaned AWS accounts, it is not possible to access AWS accounts in use or existing data/infrastructure. This issue has been patched in version 1.1.0.
Authorization
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Amazon Awslabs Sandbox Accounts Events or by Amazon? Click the Watch button to subscribe.
