VDB

GCVE-110-CLOUD-2021-0028

GCVE-110-CLOUD-2021-0028
Advisory Published
Vulnetix · Advisory published March 17, 2021
GCP provides an OS Login service for managing SSH access to compute instances using IAM roles. An attacker could abuse this feature via LXD, Docker (if available on the target system) and DHCP poisoning of the metadata server to escalate their privileges on a Google Compute Engine VM.

Affected Products

VendorProductVersionsPlatforms
GCPCompute Engine

Browse GCVE Records

72,664 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›