VDB

GCVE-110-CLOUD-2020-0022

GCVE-110-CLOUD-2020-0022
Advisory Published
Vulnetix · Advisory published July 27, 2020
Using CloudTrail S3 data events, it was possible to determine the AWS account ID of any existing S3 bucket by calling any S3 API, getting denied, and looking at the value in the resource key in error message that showed up in CloudTrail.

Affected Products

VendorProductVersionsPlatforms
AWSS3
AWSCloudTrail

References

advisory
advisory

Browse GCVE Records

73,866 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›