VDB

GCVE-110-CLOUD-2025-0050

GCVE-110-CLOUD-2025-0050
Advisory Published
Vulnetix · Advisory published January 23, 2025
A vulnerability in AWS IAM Sign-in login flow could allow attackers to enumerate IAM usernames by measuring server response times. This issue affected AWS Sign-in IAM User login flow prior to January 16, 2025. AWS has since introduced a delay in response times across all authentication failure scenarios to mitigate the vulnerability.

Affected Products

VendorProductVersionsPlatforms
AWSIAM

Browse GCVE Records

73,866 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›