Security researchers have discovered a vulnerability named "LeakyCLI" that exposes sensitive credentials in logs for organizations using AWS and Google Cloud platforms. This flaw is similar to a previously identified vulnerability in Azure CLI.
The Breakdown
The LeakyCLI vulnerability exposes sensitive credentials in logs used in cloud environments.
It affects command-line tools used in AWS and Google Cloud platforms.
The flaw mirrors a vulnerability previously identified in Azure CLI.
Adversaries could exploit this exposure to gain access to critical credentials and compromise resources.
Orca Security notified Google and AWS, but both companies consider this behavior within expected design parameters.
Organizations have been advised by cybersecurity analysts to refrain from storing secrets in environment variables and use dedicated secrets store services instead.