Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-19981

Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS Temporary Credentials retrieved by AWS Cognito Identity Service. An attacker can use these credentials to create authenticated and/or authorized requests. Note that the attacker must have "root" privilege access to the Android filesystem in order to exploit this vulnerability (i.e. the device has been compromised, such as disabling or bypassing Android's fundamental security mechanisms).

Published

2019-04-04T15:29:01.110

Last Modified

2024-11-21T03:58:56.083

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 7.2 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.0

Impact Score

10.0

Weaknesses

Type: Primary
CWE-312

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	amazon	aws_software_development_kit	≤ 2.8.5	Yes

References

https://aws-amplify.github.io/aws-sdk-android/docs/reference/com/amazonaws/auth/CognitoCachingCredentialsProvider.html Exploit, Third Party Advisory ([email protected])
https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_01.png Exploit, Third Party Advisory ([email protected])
https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_02.png Exploit, Third Party Advisory ([email protected])
https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_03.png Exploit, Third Party Advisory ([email protected])
https://aws-amplify.github.io/aws-sdk-android/docs/reference/com/amazonaws/auth/CognitoCachingCredentialsProvider.html Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_01.png Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_02.png Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_03.png Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)