Product
This threat involves adversaries obtaining temporary AWS credentials from a misconfigured Cognito Identity Pool without authentication. If a Cognito Identity Pool is set to allow unauthenticated (guest) access and its associated unauthenticated IAM role has overly broad permissions, attackers can discover the pool ID, call `GetId`, and then `GetCredentialsForIdentity` to acquire AWS credentials. This grants them unauthorized access to AWS resources and sensitive data, bypassing typical authentication mechanisms.