Security Advisory

CVE-2024-52313

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-09 00:43:00
Last updated 2025-10-14 19:26:56
Assigner AMZN
State PUBLISHED

Description

An authenticated data.all user is able to manipulate a getDataset query to fetch additional information regarding the parent Environment resource that the user otherwise would not able to fetch by directly querying the object via getEnvironment in data.all.