H3-2024-0005¶
AWS Privilege Escalation - iam:CreateAccessKey
| Category | SECURITY_MISCONFIGURATION |
| Base Score | 7.0 |
Description¶
An AWS user or role assigned the iam:CreateAccessKey permission, that is not an administrator, can get AWS keys for another user with more permissions.
Impact¶
This misconfiguration permits an AWS user or role to compromise another user with more permissions.