Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huntrAnwarayoob71D9979B-BD8C-4571-84E6-15A8C3970E06
HistorySep 16, 2021 - 6:04 a.m.

Exposure of Sensitive Information to an Unauthorized Actor in opendatacube/odc-tools

2021-09-1606:04:58
anwarayoob
www.huntr.dev
3
information disclosure
aws principleid
sourceipaddress
configurationid
proof of concept
impact
leaks sensitive data
bug bounty
JSON

Description

Information Disclosure AWS PrincipleID, sourceIPAddress, configurationId and more.

Proof of Concept

https://raw.githubusercontent.com/opendatacube/odc-tools/develop/apps/dc_tools/tests/data/sentinel-2-nrt_2020_08_21.json

Impact

Leaks Sensitive Data

JSON