VDB

GCVE-110-CLOUD-2023-0063

GCVE-110-CLOUD-2023-0063
Advisory Published
Vulnetix · Advisory published January 12, 2023
A vulnerability in Vertex AI Workbench allowed attackers to take over victims' Google Cloud projects through client-side SSRF. The initial bug involved unauthorized access to authentication tokens, which was later fixed. A bypass was later discovered (and also fixed) using open redirects in Feedburner and CSRF token manipulation.

Affected Products

VendorProductVersionsPlatforms
GCPVertex AI
GCPVertex AI Workbench
GCPCloud Services

Browse GCVE Records

72,580 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›