← Zuruck zu CVEs
CVE-2025-0693
MEDIUM5.3
Beschreibung
Variable response times in the AWS Sign-in IAM user login flow allowed for the use of brute force enumeration techniques to identify valid IAM usernames in an arbitrary AWS account.
CVE Details
CVSS v3.1 Bewertung5.3
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht1/23/2025
Zuletzt geandert10/14/2025
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-204CWE-208
Referenzen
https://aws.amazon.com/security/security-bulletins/AWS-2025-002/(ff89ba41-3aa1-4d27-914a-91399e9639e5)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.