VDB
GCVE-110-CLOUD-2021-0003
GCVE-110-CLOUD-2021-0003
Advisory Published
A vulnerability was discovered in Cloud Shell that enabled command injection and remote shell access.
The "Open in Cloud Shell" functionality allowed a user to provide values for both the "git_repo" and "go_get_repo" parameters,
which would clone the target repo in the user's environment. While "git_repo" was validated against a list of trusted repos,
"go_get_repo" was not. Therefore, an attacker could have supplied a trusted repository as "git_repo" and
an arbitrary command in the "go_get_repo" parameter. The command would then be executed in a trusted environment where it is
possible to access the user's home directory and to perform API calls using the user's credentials. However, the impact of this is unclear,
as an attacker would seemingly only be able to gain such a remote shell on their own instance. In theory, phishing
could be used to try and coerce a user into running a command that exposed their credentials to the attacker.
Google mitigated this issue by preventing users from being able to provide both parameters at once.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| AWS | S3 | — | — |
| AWS | Cloud Services | — | — |
| GCP | Cloud Shell | — | — |
| AWS | IAM | — | — |
| GCP | Cloud Services | — | — |
References
AWS SOC 2 type 2 failure (Fall 2021)
advisory
Google Cloud Shell command injection
advisory
Browse GCVE Records
73,442 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.