Skip to content

100% Private Proxies – Fast, Anonymous, Quality, Unlimited USA Private Proxy!

Get your private proxies now!

Is detecting if an email has an account considered a vulnerability with AWS cognito?

Am doing a pen test on a client system using AWS Cognito and userpools for authentication using the client side SDK provided by AWS.

during the forget password flow, I noticed that Cognito request returns 400 with a payload of

__type  UserNotFoundException message Username/client id combination not found.  

and 200 when a user is found

CodeDeliveryDetails {} AttributeName   email DeliveryMedium  EMAIL Destination j***@g***.com 

Is this considered a vulnerability? It seems to be for me. Its kinda a leak of information. When anyone can check if an email has an account with my app by calling this url.

Another attack vector would be brute forcing against known emails for a list of users on the app for marketing or phishing purposes.

ideally for this flow you would want Cognito to return 200 regardless of if the email exist or not.

I know what is considered a vulnerability is never black and white but this seems to be an issue for me given AWS is so big and trusted.

Author AdminPosted on May 31, 2019Categories proxiesTags account, Cognito, considered, Detecting, email, vulnerability

Post navigation

Previous Previous post: $\sum_{i=1}^x\sum_{j=1}^xf(i\cdot j)$ Double Summing a (Not Completely) Multiplicative Function
Next Next post: Failed to send emails that I never sent
100% Private Proxies – Fast, Anonymous, Quality, Unlimited USA Private Proxy! Proudly powered by WordPress

DreamProxies - Cheapest USA Elite Private Proxies 100 Private Proxies 200 Private Proxies 400 Private Proxies 1000 Private Proxies 2000 Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive Proxies-free.com New Proxy Lists Every Day Proxies123