Description

An IAM Managed Policy is an object in AWS that, when associated with an identity or resource, defines their permissions. The policy {AwsIamManagedPolicy} was found with permissive permissions that allows the user the ability to create access keys for a user or create/update console login credentials. An attacker may leverage this ability in order to create or update credentials for a user other than themselves, allowing them to then log in and act on behalf of that user.