
feat(queries): add new aws iam privilege escalation queries

Open • gafnit-lightspin opened this pull request 3 years ago • 3 comments

Closes #

Proposed Changes

  • Added several new KICS queries for AWS IAM privilege escalation

I submit this contribution under the Apache-2.0 license.

gafnit-lightspin, May 31 '22 15:05

Scan submitted to Checkmarx

kicsbot, May 31 '22 15:05

Checkmarx SAST - Scan Summary & Details

Cx-SAST Summary

Total of 5 vulnerabilities: High 0, Medium 0, Low 5, Info 0

Violation Summary

No policy violation found

kicsbot, May 31 '22 15:05

Hi @gafnit-lightspin,

Thank you for the great contributions!

We did a review of the list of proposed queries and since the comments are the same for all the queries, we summarize them here:

  • Category and Severity are adequate. The list of queries belongs to the context of IAM privilege escalation, which fits inside the Access Control category. As for the Severity, regardless of their differences in the likelihood of exploitation, the outcome will be the same: privilege escalation.
  • The Descriptions can be improved to also consider why such a permission creates a security issue and that (in this case) it can lead to a privilege escalation. The reference [1] can help better understand and define a more suited approach.
  • The Descriptions URL should point to the respective affected endpoints (the affected policy).

[1] AWS IAM Privilege Escalation – Methods and Mitigation

rjegoncalves, Jun 20 '22 09:06