Medium
resolved
Non-Production API Endpoints for the AI Ops Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration
Bug reported by Nick Frichette (Datadog), disclosed on January 6, 2026, at 6:00 pm | Insufficient Logging
The report found that there are 5 non-production endpoints for the AI Ops service that can be used with standard IAM credentials and do not log to CloudTrail. While the endpoints do not appear to provide access to customer partition data, they can be used for permission enumeration without leaving an audit trail.

