VDB

GCVE-110-CLOUD-2021-0006

GCVE-110-CLOUD-2021-0006
Advisory Published
Vulnetix · Advisory published December 2, 2021
AWS SageMaker Notebook server lacked a check of the Origin header that led to a CSRF vulnerability. An attacker could have read sensitive data and execute arbitrary actions in customer environments. The exact same issue existed in GCP previously.

Affected Products

VendorProductVersionsPlatforms
AWSSageMaker
AzureCloud Services

References

Azure NotLegit
advisory
advisory

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›