PT-2026-25773 · Amazon Web Services · Aws Api Mcp Server
Published 2026-03-16 · Updated 2026-05-15 · CVE-2026-4270
CVSS v4.0: 6.8 (Medium)
Vector: AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
AWS API MCP Server versions 0.2.14 through 1.3.8
Description
The AWS API MCP Server, used to enable AI assistants to interact with AWS services, has an issue where file access restrictions can be bypassed. This affects the 'no-access' and 'workdir' features, potentially exposing arbitrary local file contents to the MCP client application context. The server acts as a bridge between AI assistants and AWS services, allowing management of AWS infrastructure. It includes a configurable file access feature that controls how AWS CLI commands interact with the local file system.
Recommendations
Upgrade to version 1.3.9.
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Aws Api Mcp Server