high

RCE in Google Cloud Deployment Manager

Published Thu, May 21st, 2020

Platforms

Summary

An RCE in Google Cloud Deployment Manager could have allowed an attacker to make requests to internal Google services, authenticated as a privileged service account.

Affected Services

Cloud Deployment Manager

Tracked CVEs

No tracked CVEs

References

https://www.ezequiel.tech/2020/05/rce-in-cloud-dm.html

Contributed by https://github.com/0xdabbad00

Entry Status

Finalized

Disclosure Date

Thu, May 7th, 2020

Exploitablity Period

until 2020/05/20

Known ITW Exploitation

Detection Methods

Piercing Index Rating

Discovered by

Ezequiel Pereira

More vulnerabilities...

high

RCE in Google Cloud Deployment Manager

An RCE in Google Cloud Deployment Manager could have allowed an attacker to make requests to internal Google services, authenticated as a privileged service account.

Ezequiel Pereira

Thu, May 21st, 2020

high

RCE in Google Cloud Deployment Manager

An RCE in Google Cloud Deployment Manager could have allowed an attacker to make requests to internal Google services, authenticated as a privileged service account.

Ezequiel Pereira

Thu, May 21st, 2020

high

RCE in Google Cloud Deployment Manager

An RCE in Google Cloud Deployment Manager could have allowed an attacker to make requests to internal Google services, authenticated as a privileged service account.

Ezequiel Pereira

Thu, May 21st, 2020

View all