VDB
GCVE-110-CLOUD-2025-0050
GCVE-110-CLOUD-2025-0050
Advisory Published
A vulnerability in AWS IAM Sign-in login flow could allow attackers to enumerate IAM usernames by measuring server response times. This issue affected AWS Sign-in IAM User login flow prior to January 16, 2025. AWS has since introduced a delay in response times across all authentication failure scenarios to mitigate the vulnerability.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| AWS | IAM | — | — |
References
Browse GCVE Records
73,866 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.