VDB
GCVE-110-CLOUD-2022-0014
GCVE-110-CLOUD-2022-0014
Advisory Published
An issue in Azure Cloud Shell could have allowed an attacker to take over
an Azure App Service domain and leverage it to inject and execute
commands in other tenants' terminals if they navigated to the domain while
logged into their account. Using this method, an attacker could query the
Azure IMDS on other tenants' behalf and thereby obtain their access tokens.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Azure | Cloud Shell | — | — |
| Azure | Cloud Services | — | — |
| Azure | App Service | — | — |
Browse GCVE Records
73,161 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.