AWS RDS Vulnerability Leads to AWS Internal Service Credentials

Lightspin obtains credentials to an internal AWS service by exploiting a local file read vulnerability on the RDS EC2 instance using the log_fdw extension.

Related Keywords

Aurora Postgre , ,Security Token Service ,Amazon Relational Database Service ,Service Access ,Lightspin Research Team ,Research Team ,Amazon Aurora ,Unique Identifiers ,Access Key ,Secret Access Key ,Session Token ,Token Service ,Amazon Resource Name ,