VDB

GCVE-110-CLOUD-2020-0009

GCVE-110-CLOUD-2020-0009
Advisory Published
Vulnetix · Advisory published October 15, 2020
AWS have released or changed managed IAM policies in unexpected and insecure ways. Examples include: CheesepuffsServiceRolePolicy, AWSServiceRoleForThorInternalDevPolicy, AWSCodeArtifactReadOnlyAccess.json, AmazonCirrusGammaRoleForInstaller. The worst being the ReadOnlyAccess policy having almost all privileges removed and unexpected ones added.

Affected Products

VendorProductVersionsPlatforms
AWSCloud Services
AWSIAM

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›