CVE-2025-34064

Name of the Vulnerable Software and Affected Versions: OneLogin AD Connector (affected versions not specified)

Description: A cloud infrastructure misconfiguration in OneLogin AD Connector results in log data being sent to a hardcoded S3 bucket (onelogin-adc-logs-production) without validating bucket ownership. This allows an attacker who registers this unclaimed bucket to receive log files from other OneLogin tenants, potentially containing sensitive data such as directory tokens, user metadata, and environment configuration. This enables cross-tenant leakage of secrets, potentially allowing JWT signing key recovery and user impersonation.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.