VDB
GCVE-110-CLOUD-2018-0001
GCVE-110-CLOUD-2018-0001
Advisory Published
Resource policies lacked a way of restricting service access to only your
own account, allowing an attacker to leverage a service to potentially access
your resources. Originally discovered by Dan Peebles and presented at re:Invent
in 2018, this issue did not gain enough attention to be fixed until Shir Tamari
and Ami Luttwak from Wiz presented it at Black Hat 2021.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| AWS | Cloud Services | — | — |
| Cloudflare | Access | — | — |
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.