VDB

GCVE-110-CLOUD-2019-0006

GCVE-110-CLOUD-2019-0006
Advisory Published
Vulnetix · Advisory published August 31, 2019
Researcher discovered access to non-production Google App Engine environments and internal APIs. This allowed configuring internal settings like Service Account IDs and quotas. Google considered it RCE due to their infrastructure. Access was blocked and a $36,337 reward issued.

Affected Products

VendorProductVersionsPlatforms
AWSConfig
GCPApp Engine

References

advisory

Browse GCVE Records

73,053 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›