VDB

CVE-2024-52314

CVE-2024-52314 PUBLISHED CVSS 6.900000095367432 MEDIUM

A data.all admin team member who has access to the customer-owned AWS Account where data.all is deployed may be able to extract user data from data.all application logs in data.all via CloudWatch log scanning for particular operations that interact with customer producer teams data.

EPSS 0.24% · 47.6th percentile

Risk Scores

CVSS 4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS Score
0.24%
47.6th percentile

Affected Products

VendorProductVersions
amazondata.all1.0.0, 1.0.0

Timeline

  • Nov 9, 2024 EPSS Score
  • Nov 9, 2024 Coalition ESS Score
  • Nov 9, 2024 CVE Published
  • Nov 12, 2024 Coalition ESS Score
  • Nov 27, 2024 EPSS Score
  • Dec 16, 2024 EPSS Score
  • Jan 2, 2025 EPSS Score
  • Jan 20, 2025 EPSS Score
  • Feb 7, 2025 EPSS Score
  • Feb 25, 2025 EPSS Score
  • Mar 15, 2025 EPSS Score
  • Apr 1, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›