Privilege Escalation Vulnerability in AWS CloudFormation Bootstrap Tools
CVE-2017-9450 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
The Amazon Web Services (AWS) CloudFormation bootstrap tools package (aka aws-cfn-bootstrap) before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the ability to create files in an unspecified directory.
Learn more about our Cis Benchmark Audit For Amazon Web Services.