
H3-2021-0029

AWS Unrestricted Assume Role Access

Category CREDENTIALS
Base Score 7.5

Description

The AWS role has an unrestricted trust (assume-role) policy, which allows any arbitrary account to assume that role and its permissions.
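One way to check a role's trust policy for the condition described above, as an added example that is not part of the original advisory. The function names, the sample policies, the account ID and the organization ID are constructed for illustration; treating a wildcard principal that carries a `Condition` as "review" rather than "unrestricted" is an assumption of this example.

```python
# Constructed sample trust policies (AssumeRolePolicyDocument); IDs are placeholders.
OPEN_TRUST = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "AnyAccount", "Effect": "Allow",
         "Principal": {"AWS": "*"}, "Action": "sts:AssumeRole"}
    ],
}
SCOPED_TRUST = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "OneAccount", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
         "Action": "sts:AssumeRole"},
        {"Sid": "WildcardWithCondition", "Effect": "Allow",
         "Principal": "*", "Action": ["sts:AssumeRole"],
         "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}}},
    ],
}

def _as_list(value):
    """IAM accepts either a single value or a list in most policy fields."""
    return value if isinstance(value, list) else [value]

def _wildcard_principal(principal):
    """True for Principal "*" or {"AWS": "*"} (string or list form)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False

def _grants_assume_role(actions):
    return any(a.lower() in ("sts:assumerole", "sts:*", "*") for a in _as_list(actions))

def unrestricted_statements(trust_policy):
    """Return (sid, verdict) for Allow statements open to any AWS principal."""
    findings = []
    for index, stmt in enumerate(_as_list(trust_policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        if not _wildcard_principal(stmt.get("Principal")):
            continue
        if not _grants_assume_role(stmt.get("Action", [])):
            continue
        # No Condition at all means nothing narrows who may assume the role.
        verdict = "review-condition" if stmt.get("Condition") else "unrestricted"
        findings.append((stmt.get("Sid", f"statement[{index}]"), verdict))
    return findings
```

The input is the role's trust policy document as parsed JSON, for example the `AssumeRolePolicyDocument` field returned by `aws iam get-role`.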

Impact

This allows an attacker to gain all of the permissions assigned to the role within your AWS environment. Depending on the permissions assigned, this could have critical implications.

References