VDB

GCVE-110-CLOUD-2024-0043

GCVE-110-CLOUD-2024-0043
Advisory Published
Vulnetix · Advisory published April 9, 2024
Tag variable names affected whether trust policy conditions were evaluated correctly. If the request tag referenced a principal tag called MemberRole in the JWT token, and the IAM role referenced a resource tag with the same variable name, the condition was always evaluated as true, regardless of whether the tag's values actually matched. Only role trust policies that used a variable substitution for both the request tag and the resource tag in the policy statement resulted in the policy evaluating incorrectly. The issue impacted statements within IAM boundary policies and SCP policies that contained the same pattern of STS role assumption with tag-based conditions.

Affected Products

VendorProductVersionsPlatforms
AWSCloud Services
AWSIAM, STS
AWSIAM

References

advisory

Browse GCVE Records

73,834 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›