CVE-2025-1969 Information

Mar 07, 2025 cve

Description

Improper request input validation in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center allows a user to modify a valid request and spoof an approval in TEAM.

Upgrade TEAM to the latest release v.1.2.2. Follow instructions in updating TEAM documentation for updating process

Reference

https://aws.amazon.com/security/security-bulletins/AWS-2025-004/ https://github.com/aws-samples/iam-identity-center-team/security/advisories/GHSA-x9xv-r58p-qh86

Share on: