# \[AWS] Reported AWS AppSync Issue\[2022-11/1]

## Reported AWS AppSync Issue

A security researcher recently disclosed a case-sensitivity parsing issue within AWS AppSync, which could potentially be used to bypass the service’s cross-account role usage validations and take action as the service across customer accounts.

No customers were affected by this issue, and no customer action is required.

AWS moved immediately to correct this issue when it was reported. Analysis of logs going back to the launch of the service have been conducted and we have conclusively determined that the only activity associated with this issue was between accounts owned by the researcher. No other customer accounts were impacted.

We would like to thank Datadog Security Labs for reporting this issue.<br>

Security-related questions or concerns can be brought to our attention via [**aws-security@amazon.com**](mailto:aws-security@amazon.com).

### 출처 : [AWS 바로가기](https://aws.amazon.com/ko/security/security-bulletins/AWS-2022-009/)&#x20;

{% embed url="<https://doc.skill.or.kr>" %}
NHN Cloud 정보 사이트&#x20;
{% endembed %}

{% embed url="<https://ssv.skill.or.kr>" %}
취약점 진단 분석 평가 방법 사이트
{% endembed %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://sul.skill.or.kr/security-update-infomations/2022/aws-reported-aws-appsync-issue-2022-11-1.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.