Cloud Security
Captain
•
1y ago
•
100%
Writeup: AWS API Gateway header smuggling and cache confusion
securityblog.omegapoint.se"This allowed us to completely bypass the application’s tenant isolation and access data from any tenant in the system"
Official announcement from AWS: https://aws.amazon.com/blogs/security/removing-header-remapping-from-amazon-api-gateway-and-notes-about-our-work-with-security-researchers/
Comments 0