VDB-310277 | GuardDuty S3 Bucket Policy GetBucketPublicAccessBlock/GetBucketPolicyStatus permission

Inserito da Angelo Barbosa | Mag 26, 2025 | CVE

A vulnerability, which was classified as critical, has been found in GuardDuty. This issue affects the function GetBucketPublicAccessBlock/GetBucketPolicyStatus of the component S3 Bucket Policy Handler. The manipulation leads to permission issues.

The attack can only be initiated within the local network. There is no exploit available.

VDB-310277 | GuardDuty S3 Bucket Policy GetBucketPublicAccessBlock/GetBucketPolicyStatus permission

Post correlati

CVE-2024-38215 | Microsoft Windows up to Server 2022 23H2 Cloud Files Mini Filter Driver integer overflow

CVE-2024-1104 | Areal Topkapi Webserv2 6.2.4776 excessive authentication

CVE-2024-23903 | GitLab Branch Source Plugin up to 684.vea_fa_7c1e2fe3 on Jenkins Webhook Token comparison

CVE-2023-51780 | Linux Kernel up to 6.6.7 net/atm/ioctl.c do_vcc_ioctl use after free