CVE-2017-9450
N/A
N/A
Summary
The Amazon Web Services (AWS) CloudFormation bootstrap tools package (aka aws-cfn-bootstrap) before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the ability to create files in an unspecified directory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://sintonen.fi/advisories/aws-cfn-bootstrap-local-code-execution-as-root.txt
- https://alas.aws.amazon.com/ALAS-2017-861.html
- http://www.securityfocus.com/bid/99972
References
- https://sintonen.fi/advisories/aws-cfn-bootstrap-local-code-execution-as-root.txt
- https://alas.aws.amazon.com/ALAS-2017-861.html
- http://www.securityfocus.com/bid/99972
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.