We discovered an AWS access vulnerability
AWS IAM was used extensively by Stedi to enforce role-based access control for customers. A vulnerability was discovered in AWS STS where role trust policy statements were evaluated incorrectly, allowing unauthorized access to AWS accounts. Stedi shared their discovery process and collaboration with..