VDB
GCVE-110-CLOUD-2024-0036
GCVE-110-CLOUD-2024-0036
Advisory Published
Researchers identified non-production AWS API endpoints that could be abused for defense evasion, including silent permission enumeration, accessing account data without logging, and partially bypassing CloudTrail. AWS has remediated specific issues but thousands of such endpoints may exist.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| AWS | Cloud Services | — | — |
| AWS | ECR, Cost Explorer, Route 53 Resolver, IVS | — | — |
| AWS | CloudTrail | — | — |
Browse GCVE Records
73,834 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.