VDB

GCVE-110-CLOUD-2024-0036

GCVE-110-CLOUD-2024-0036
Advisory Published
Vulnetix · Advisory published May 28, 2024
Researchers identified non-production AWS API endpoints that could be abused for defense evasion, including silent permission enumeration, accessing account data without logging, and partially bypassing CloudTrail. AWS has remediated specific issues but thousands of such endpoints may exist.

Affected Products

VendorProductVersionsPlatforms
AWSCloud Services
AWSECR, Cost Explorer, Route 53 Resolver, IVS
AWSCloudTrail

Browse GCVE Records

73,834 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›