Valid Accounts: Cloud Accounts

The attacker uses valid credentials obtained through the reset token to access user accounts.

Metadata

Severity: medium
Slug: valid-accounts-cloud-accounts

MITRE

T1098.001: Account Manipulation: Additional Cloud Credentials
T1078.004: Valid Accounts: Cloud Accounts
T1070.003: Indicator Removal: Clear Command History

Available Labs

Select a language to explore available labs for this vulnerability.

1 Lab

Python Labs

Python 1 lab

Explore 1 lab in Python.

No matching labs found

Try adjusting your language filter.

Play AppSec WarGames

Want to skill-up in secure coding and AppSec? Try SecDim Wargames to learn how to find, hack and fix security vulnerabilities inspired by real-world incidents.

For Companies Play Now

Got a comment?

Join our secure coding and AppSec community. A discussion board to share and discuss all aspects of secure programming, AppSec, DevSecOps, fuzzing, cloudsec, AIsec code review, and more.