what you don't know can hurt you

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Hashicorp Vault GCP IAM Integration Authentication Bypass

Hashicorp Vault GCP IAM Integration Authentication Bypass: Posted Oct 6, 2020; Authored by Google Security Research, Felix Wilhelm; HashiCorp Vault's GCP authentication method can be bypassed on gce type roles that do not specify bound_service_accounts. Vault does not enforce that the compute_engine data in a signed JWT token has any relationship to the service account that created the token. This makes it possible to impersonate arbitrary GCE instances, by creating a JWT token with a faked compute_engine struct, using an arbitrary attacker controlled service account.; tags | exploit, arbitrary; advisories | CVE-2020-16251; SHA-256 | 34f611b87b68b7fd6cab37412c7d4092e8b5a0d5ec0b29df2c510e9bc1a45ab4; Download | Favorite | View

Top Authors In Last 30 Days

Red Hat 167 files
Ubuntu 107 files
indoushka 53 files
Debian 22 files
nu11secur1ty 18 files
Apple 13 files
Google Security Research 7 files
Gentoo 7 files
CraCkEr 6 files
LiquidWorm 4 files

File Tags

File Archives

Systems

AIX (428)
Apple (2,016)
BSD (374)
CentOS (57)
Cisco (1,925)
Debian (6,844)
Fedora (1,692)
FreeBSD (1,245)
Gentoo (4,329)
HPUX (879)
iOS (355)
iPhone (108)
IRIX (220)
Juniper (68)
Linux (46,826)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,921)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,946)
UNIX (9,317)
UnixWare (186)
Windows (6,589)
Other

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec