Sandbox Accounts for Events Users: Beware of Data Exposure Vulnerability

CVE: CVE-2023-51386
CVSS (v3.1): 7.8
Source: CVE-2023-51386

Sandbox Accounts for Events, a tool that provides temporary AWS accounts via a browser GUI, was found to have a vulnerability that could allow unauthorized access to event planning data.

Attackers could send malicious requests to the events API to read information from the events table, including details about upcoming events, timeframes, budgets and owner contact information. This exposed data could give attackers insight into a company's event planning and potentially let them join events without an invite.

The vulnerability resided in the way the events API handled certain request payloads. By crafting payloads in a specific way, attackers who had access to one of the temporary sandbox accounts could potentially view any event's data, not just the events they were authorized to see.

If you use Sandbox Accounts for Events, be sure to update to the latest version, 1.10.0, which fixes this issue. Also review your event planning data and monitor for any suspicious activity on past or upcoming events. Consider enabling additional authentication on sensitive event APIs to prevent similar data leaks. Staying on top of software updates is key to protecting your organization's private data and planning.