Vulnerabilities > Amazon > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-27 CVE-2022-2582 Inadequate Encryption Strength vulnerability in Amazon AWS Software Development KIT
The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field.
network
low complexity
amazon CWE-326
4.3
2022-12-12 CVE-2022-23511 Unspecified vulnerability in Amazon Cloudwatch Agent
A privilege escalation issue exists within the Amazon CloudWatch Agent for Windows, software for collecting metrics and logs from Amazon EC2 instances and on-premises servers, in versions up to and including v1.247354.
network
low complexity
amazon
6.8
2022-11-16 CVE-2022-41917 Improper Handling of Exceptional Conditions vulnerability in Amazon Opensearch
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana.
network
low complexity
amazon CWE-755
4.3
2022-11-15 CVE-2022-41918 Unspecified vulnerability in Amazon Opensearch
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana.
network
low complexity
amazon
6.3
2022-09-23 CVE-2022-39230 Unspecified vulnerability in Amazon Fhir-Works-On-Aws-Authz-Smart 3.1.0/3.1.1/3.1.2
fhir-works-on-aws-authz-smart is an implementation of the authorization interface from the FHIR Works interface.
network
low complexity
amazon
6.5
2022-07-15 CVE-2022-31159 Unspecified vulnerability in Amazon Aws-Sdk-Java
The AWS SDK for Java enables Java developers to work with Amazon Web Services.
network
low complexity
amazon
6.5
2022-04-14 CVE-2022-25166 Information Exposure vulnerability in Amazon AWS Client VPN 2.0.0
An issue was discovered in Amazon AWS VPN Client 2.0.0.
local
low complexity
amazon CWE-200
5.0
2022-02-24 CVE-2022-24709 Unspecified vulnerability in Amazon Awsui/Components-React
@awsui/components-react is the main AWS UI package which contains React components, with TypeScript definitions designed for user interface development.
network
low complexity
amazon
6.1
2021-10-19 CVE-2021-41150 Path Traversal vulnerability in Amazon Tough
Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories.
network
low complexity
amazon CWE-22
6.5
2021-07-24 CVE-2021-37436 Unspecified vulnerability in Amazon Echo DOT Firmware 20180427/20210702
Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks.
high complexity
amazon
4.2