Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Amazon — Vulnerabilities & Security Advisories 37

Browse all 37 CVE security advisories affecting Amazon. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Amazon operates primarily as a global e-commerce platform and cloud computing provider, offering extensive infrastructure services alongside retail operations. With thirty-six recorded Common Vulnerabilities and Exposures, the entity has historically faced risks associated with remote code execution, cross-site scripting, and privilege escalation, reflecting the complexity of its distributed architecture. Security assessments indicate that while the core infrastructure maintains robust controls, peripheral services and third-party integrations often present attack vectors. Notable incidents have included data exposure events and service disruptions, prompting continuous hardening of access controls and encryption standards. The organization’s scale necessitates rigorous monitoring, yet the sheer volume of endpoints and APIs creates a broad attack surface. Analysts observe that while critical backend systems remain resilient, user-facing applications and legacy components occasionally exhibit configuration weaknesses, requiring persistent patch management and vulnerability scanning to mitigate potential exploitation by threat actors targeting sensitive customer data and operational continuity.

Found 5 results / 37Clear Filters
Top products by Amazon: Amazon Athena ODBC driver data.all Fire TV Stick 3rd gen WorkSpaces Client Amazon Redshift JDBC Driver Amplify Studio Workspaces AWS EFS CSI Driver Ion-C Amazon WorkSpaces Amazon.IonDotnet ECS EMR Q Developer VS Code Extension Cloud Cam FreeRTOS Redshift Amazon Music Player Amazon Ion Dotnet Amazon Redshift Python Connector Amazon Redshift ODBC Driver Amazon.ApplicationLoadBalancer.Identity.AspNetCore Middleware AWS ALB Route Directive Adapter For Istio AWS SDK Blink XT2 Sync Module firmware
CVE IDTitleCVSSSeverityPublished
CVE-2024-52314 data.all admin user may access potentially sensitive data stored by producers via logs — data.allCWE-863 4.9 Medium2024-11-09
CVE-2024-52312 data.all authenticated users can perform restricted operations against DataSets and Environments — data.allCWE-863 5.4 Medium2024-11-09
CVE-2024-52313 data.all authenticated users can obtain incorrect object level authorizations — data.allCWE-639 4.3 Medium2024-11-09
CVE-2024-10953 data.all authenticated users can perform mutating update operations on persisted notification records — data.allCWE-863 4.3 Medium2024-11-09
CVE-2024-52311 data.all does not invalidate authentication token upon user logout — data.allCWE-613 6.3 Medium2024-11-09

This page lists every published CVE security advisory associated with Amazon. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.