Unauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 before version 0.1.24 allows attackers on the same subnet to gain temporary AWS credentials for the users' roles.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2018-08-10T15:00:00Z
Updated: 2024-09-17T03:38:25.019Z
Reserved: 2018-07-06T00:00:00
Link: CVE-2018-13390
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-08-10T15:29:00.377
Modified: 2019-10-03T00:03:26.223
Link: CVE-2018-13390
Redhat
No data.