CVE-2025-0693

Medium CVSS: 6.9

Variable response times in the AWS Sign-in IAM user login flow allowed for the use of brute force enumeration techniques to identify valid IAM usernames in an arbitrary AWS account.

Vendor

Product

CWE

CWE-204

Yayın Tarihi

2025-01-23 22:15:15

Güncelleme

2025-10-14 19:15:37

Source Identifier

ff89ba41-3aa1-4d27-914a-91399e9639e5

KEV Date Added

Kategoriler

CWE-204 MEDIUM 2025

Referanslar

https://aws.amazon.com/security/security-bulletins/AWS-2025-002/