All 5 CVE vulnerabilities found in data.all, with AI-generated Chinese analysis, references, and POCs.
Vendor: amazon
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2024-52314 | data.all admin user may access potentially sensitive data stored by producers via logs CWE-863 | 4.9 | Medium | 2024-11-09 |
| CVE-2024-52312 | data.all authenticated users can perform restricted operations against DataSets and Environments CWE-863 | 5.4 | Medium | 2024-11-09 |
| CVE-2024-52313 | data.all authenticated users can obtain incorrect object level authorizations CWE-639 | 4.3 | Medium | 2024-11-09 |
| CVE-2024-10953 | data.all authenticated users can perform mutating update operations on persisted notification records CWE-863 | 4.3 | Medium | 2024-11-09 |
| CVE-2024-52311 | data.all does not invalidate authentication token upon user logout CWE-613 | 6.3 | Medium | 2024-11-09 |
All 5 known CVE vulnerabilities affecting data.all with full Chinese analysis, references, and POCs where available.