API Security Blog

AWS VDP: Amazon Comprehend Medical Service Reporting “AWS Internal” for CloudTrail Events Generated from FIPS Endpoints

The Comprehend Medical service was found to have 8 API endpoints that incorrectly reported the user-agent and network information as "AWS Internal" in CloudTrail event logs. This behavior was observed specifically for FIPS endpoints, which may have been an intentional design decision. The vulnerability could have allowed an adversary to perform API calls using these endpoints and evade the logging of their IP address and operating system…
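A triage sketch for the logging gap described above, added here as an example and not taken from the report or from AWS: it lists, per calling principal, the Comprehend Medical events whose `sourceIPAddress` or `userAgent` is recorded as "AWS Internal", so they can be correlated with other telemetry. The `eventSource` value is an assumption, the sample records are constructed, and because the page does not name the eight affected operations the filter does not depend on `eventName`.

```python
import json
from collections import defaultdict

MASKED = "AWS Internal"
EVENT_SOURCE = "comprehendmedical.amazonaws.com"  # assumed eventSource value
ACCT = "111122223333"  # placeholder account id


def _rec(source, name, ip, agent, arn):
    # Build one constructed CloudTrail record with only the fields used here.
    return {"eventSource": source, "eventName": name, "sourceIPAddress": ip,
            "userAgent": agent, "userIdentity": {"arn": arn}}


# Constructed sample log (not from the report); all values are placeholders.
SAMPLE_LOG = json.dumps({"Records": [
    _rec(EVENT_SOURCE, "DetectPHI", MASKED, MASKED,
         f"arn:aws:iam::{ACCT}:user/alice"),
    _rec(EVENT_SOURCE, "DetectPHI", "198.51.100.7", "aws-cli/2.x",
         f"arn:aws:iam::{ACCT}:user/alice"),
    _rec(EVENT_SOURCE, "DetectEntitiesV2", MASKED, MASKED,
         f"arn:aws:sts::{ACCT}:assumed-role/etl/job"),
    _rec("s3.amazonaws.com", "GetObject", MASKED, MASKED,
         f"arn:aws:iam::{ACCT}:user/bob"),
]})


def masked_events(records):
    """Yield Comprehend Medical events whose origin fields are masked."""
    for r in records:
        if r.get("eventSource") != EVENT_SOURCE:
            continue
        if MASKED in (r.get("sourceIPAddress"), r.get("userAgent")):
            yield r


def summarize(log_text):
    """Map each principal ARN to the sorted event names seen without origin."""
    records = json.loads(log_text).get("Records", [])
    by_principal = defaultdict(set)
    for r in masked_events(records):
        arn = r.get("userIdentity", {}).get("arn", "unknown")
        by_principal[arn].add(r.get("eventName", "unknown"))
    return {arn: sorted(names) for arn, names in by_principal.items()}


if __name__ == "__main__":
    for arn, names in summarize(SAMPLE_LOG).items():
        print(arn, ", ".join(names))
```

A match is not proof of misuse, since calls that AWS services make on a principal's behalf are also recorded as "AWS Internal"; the output only identifies events that need another source for the caller's origin.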
