H3-2024-0001
AWS Privilege Escalation - iam:AttachUserPolicy
| Category | SECURITY_MISCONFIGURATION |
| Base Score | 9 |
Description
An AWS user or role assigned the iam:AttachUserPolicy permission, that is not an administrator, can assign an AWS user administrator permissions.
Impact
This misconfiguration permits an AWS user to escalate to administrator permissions.