PT-2025-9698 · Aws · Team
Werner Bester
·
Published
2025-03-04
·
Updated
2025-03-21
·
CVE-2025-1969
CVSS v4.0
5.3
Medium
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center versions prior to 1.2.2
Description
The issue is related to improper request input validation, allowing a user to modify a valid request and spoof an approval.
Recommendations
Upgrade to the latest release v.1.2.2 and follow the instructions in the updating TEAM documentation for the updating process.
Fix
Origin Validation Error
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Team