VDB

GCVE-110-CLOUD-2018-0001

GCVE-110-CLOUD-2018-0001
Advisory Published
Vulnetix · Advisory published November 28, 2018
Resource policies lacked a way of restricting service access to only your own account, allowing an attacker to leverage a service to potentially access your resources. Originally discovered by Dan Peebles and presented at re:Invent in 2018, this issue did not gain enough attention to be fixed until Shir Tamari and Ami Luttwak from Wiz presented it at Black Hat 2021.

Affected Products

VendorProductVersionsPlatforms
AWSCloud Services
CloudflareAccess

References

advisory
advisory
advisory

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›