VDB
GCVE-110-CLOUD-2023-0008
GCVE-110-CLOUD-2023-0008
Advisory Published
Unit 42 researchers discovered a security risk in Google Workspace's domain-wide delegation feature that allows a GCP identity with necessary permissions to generate access tokens to impersonate Google Workspace users and access their data. This mismatch between GCP permissions and Google Workspace access could be exploited by malicious insiders or attackers with stolen credentials.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| GCP | Cloud Services | — | — |
| GCP | Google Workspace | — | — |
Browse GCVE Records
72,096 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.