What is the severity of CVE-2025-1969?

CVE-2025-1969 has a medium severity level due to improper request input validation that could lead to spoofing approvals.

How do I fix CVE-2025-1969?

To fix CVE-2025-1969, you should upgrade AWS Temporary Elevated Access Management to version 1.2.2.

What does CVE-2025-1969 affect?

CVE-2025-1969 affects AWS Temporary Elevated Access Management software versions prior to 1.2.2.

What is the primary vulnerability in CVE-2025-1969?

The primary vulnerability in CVE-2025-1969 is improper request input validation that allows for approval spoofing.

What are the potential consequences of CVE-2025-1969?

The potential consequences of CVE-2025-1969 include unauthorized approvals which could compromise security in AWS IAM Identity Center.

Vulnerability/
CVE-2025-1969

medium

5.3

CWE

346 20

4/3/2025

CVE-2025-1969: Request approval spoofing in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center

First published: Tue Mar 04 2025(Updated: )

Improper request input validation in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center allows a user to modify a valid request and spoof an approval in TEAM. Upgrade TEAM to the latest release v.1.2.2. Follow instructions in updating TEAM documentation for updating process

Credit: ff89ba41-3aa1-4d27-914a-91399e9639e5

Affected Software	Affected Version	How to fix
AWS Temporary Elevated Access Management	<1.2.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-1969?
CVE-2025-1969 has a medium severity level due to improper request input validation that could lead to spoofing approvals.
How do I fix CVE-2025-1969?
To fix CVE-2025-1969, you should upgrade AWS Temporary Elevated Access Management to version 1.2.2.
What does CVE-2025-1969 affect?
CVE-2025-1969 affects AWS Temporary Elevated Access Management software versions prior to 1.2.2.
What is the primary vulnerability in CVE-2025-1969?
The primary vulnerability in CVE-2025-1969 is improper request input validation that allows for approval spoofing.
What are the potential consequences of CVE-2025-1969?
The potential consequences of CVE-2025-1969 include unauthorized approvals which could compromise security in AWS IAM Identity Center.

collector/mitre-cve
source/MITRE
agent/weakness
agent/title
agent/references
agent/description
agent/first-publish-date
agent/type
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
collector/nvd-api
source/NVD
agent/author
agent/last-modified-date
agent/source
agent/severity
agent/tags
agent/event
vendor/aws
canonical/aws temporary elevated access management

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.