VDB

GCVE-110-CLOUD-2021-0015

GCVE-110-CLOUD-2021-0015
Advisory Published
Vulnetix · Advisory published September 22, 2021
Upon blocking a request, GCP Org policy constraints were logging the deny logs in Principal''s project and the blocking project. An attacker could use those logs to exfiltrate any data, by making request from a Principal they own from a defender project.

Affected Products

VendorProductVersionsPlatforms
GCPCloud Services
AzureACI
AzureCloud Services

References

Azurescape
advisory
advisory

Browse GCVE Records

73,734 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›