Unknown · Spring Cloud AWS · CVE-2026-44308
**Name of the Vulnerable Software and Affected Versions**
Spring Cloud AWS versions 3.0.0 through 4.0.1
**Description**
Applications that expose SNS HTTP/HTTPS endpoints through Spring Cloud AWS's `@NotificationMessageMapping`, `@NotificationSubscriptionMapping` or `@NotificationUnsubscribeConfirmationMapping` handlers do not verify the signature carried by incoming SNS messages. An unauthenticated attacker who knows the endpoint URL can send crafted HTTP POST requests that mimic SNS `Notification` or `SubscriptionConfirmation` messages, and the application treats them as genuine. This lets the attacker have the application process arbitrary payloads as legitimate notifications, or auto-confirm subscriptions to, and unsubscribe from, attacker-controlled topics.
**Recommendations**
Versions 3.0.0 through 4.0.1: Upgrade to version 4.0.2.
Versions 3.0.0 through 3.4.2 (no fixed 3.x release is listed; use this where upgrading to 4.0.2 is not an option): manually verify the SNS message signature in a servlet filter or Spring `HandlerInterceptor` using `SnsMessageManager` before the request reaches the controller. A filter that buffers the request body is the practical choice, since the controller must still be able to read the body after the check. Whatever performs the check must rebuild the string-to-sign from the message fields, fetch the signing certificate only from a `SigningCertURL` on an `https://sns.<region>.amazonaws.com` host (the message names its own certificate URL, so an unchecked URL lets the attacker sign with a certificate they control), verify the RSA signature with SHA-1 for `SignatureVersion` 1 or SHA-256 for `SignatureVersion` 2, and reject the request on any failure.