Vulnerabilities tagged 'cloud'

Cross-Account Container Takeover in Azure Container Instances

tl;dr Cool chain to escape and impact other containers on Azure Container Instances hosted by Kubernetes clusters (some are hosted by Service Fabric Clusters which are not vulnerable in this way), first is the container escape itself into the containing node/vm, followed by a leaked JWT useful to run commands against all nodes in the cluster.

 

Terminal escape injection in AWS CloudShell

The vulnerability here is in libterm.js as used by AWS CloudShell.When handing the escape to get the Termcap/Terminfo string (+q) it’ll reflect the parameter right back into the respond…