HackerOne Disclosed Reports - 2025-04-24 - Printable Version
Dark C0d3rs (https://darkcoders.wiki), Forum: Research Papers/Vulnerability reports (https://darkcoders.wiki/Forum-Research-Papers-Vulnerability-reports), Thread: /Thread-HackerOne-Disclosed-Reports-2025-04-24
HackerOne disclosed reports - 2025-04-24 - hashXploiter - 04-25-2025
High
Resolved: Privilege Escalation in Edit and Create Secret Endpoints Leads to Unauthorized Secret Modification
Bug reported by Ahmed Esmail was disclosed on April 24, 2025, 6:43 am | Improper Access Control - Generic
The vulnerability allows a user with the Builder role to list all existing secret names, create new secrets, and overwrite existing secrets by using the same name. This behavior violates permission boundaries and leads to privilege escalation and unauthorized access to sensitive data.
Medium
Resolved: Non-Production API Endpoints for the ssm Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration
Bug reported by Nick Frichette (Datadog) was disclosed on April 24, 2025, 1:39 am | Insufficient Logging
The non-production API endpoints for the ssm service were found to fail to log to CloudTrail, resulting in silent permission enumeration. Eighteen non-production endpoints were identified that can be used with standard IAM credentials without generating CloudTrail logs.