AWS fixed multiple flaws in the authentication process that could let unauthenticated users bypass the protection for privilege escalation. Identified as CVE-2022-2385, the bug is an error in parameter validation. More information https://www.theregister.com/2022/07/12/authentication_bug_aws_kubernetes/