← back
CVE-2017-9450

CVE-2017-9450

EPSS 0.4%
The Amazon Web Services (AWS) CloudFormation bootstrap tools package (aka aws-cfn-bootstrap) before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the ability to create files in an unspecified directory.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://alas.aws.amazon.com/ALAS-2017-861.htmlhttps://sintonen.fi/advisories/aws-cfn-bootstrap-local-code-execution-as-root.txthttp://www.securityfocus.com/bid/99972