For 6 years, it was not possible to see what hosted zones an attacker
may have created in an account. This issue could be viewed as a business decision
that adding the ability to viewing this data was not worthwhile, but the delay
is significant and would allow someone that had compromised an environment to
maintain a backdoor.
Audit your VPC hosted zones
No tracked CVEs