AWS - SQS Privesc
SQS
For more information check:
pageAWS - SQS Enumsqs:AddPermission
sqs:AddPermission
An attacker could use this permission to grant unauthorized users or services access to an SQS queue by creating new policies or modifying existing policies. This could result in unauthorized access to the messages in the queue or manipulation of the queue by unauthorized entities.
Potential Impact: Unauthorized access to the queue, message exposure, or queue manipulation by unauthorized users or services.
sqs:SendMessage
, sqs:SendMessageBatch
sqs:SendMessage
, sqs:SendMessageBatch
An attacker could send malicious or unwanted messages to the SQS queue, potentially causing data corruption, triggering unintended actions, or exhausting resources.
Potential Impact: Vulnerability exploitation, Data corruption, unintended actions, or resource exhaustion.
sqs:ReceiveMessage
, sqs:DeleteMessage
, sqs:ChangeMessageVisibility
sqs:ReceiveMessage
, sqs:DeleteMessage
, sqs:ChangeMessageVisibility
An attacker could receive, delete, or modify the visibility of messages in an SQS queue, causing message loss, data corruption, or service disruption for applications relying on those messages.
Potential Impact: Steal sensitive information, Message loss, data corruption, and service disruption for applications relying on the affected messages.
Last updated