H3-2024-0008
AWS Privilege Escalation - iam:UpdateAssumeRolePolicy
| Category | SECURITY_MISCONFIGURATION |
| Base Score | 7 |
Description
An AWS user or role assigned the iam:UpdateAssumeRolePolicy permission, that is not an administrator, can assume another role with more permissions.
Impact
This misconfiguration permits an AWS user to escalate permissions.