VDB

GCVE-110-CLOUD-2022-0013

GCVE-110-CLOUD-2022-0013
Advisory Published
Vulnetix · Advisory published September 20, 2022
Any unattached storage volume, or attached storage volumes allowing multi-attachment, could have been read from or written to as long as an attacker knew their Oracle Cloud Identifier (OCID), allowing sensitive data to be exfiltrated or even more impactful attacks to be initiated via executable file manipulation in the target tenant's environment.

Affected Products

VendorProductVersionsPlatforms
OciOCI Volumes
Oracle CloudCloud Services

References

AttachMe
advisory
advisory

Browse GCVE Records

73,280 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›