VYPR
Medium severity6.1NVD Advisory· Published Aug 10, 2018· Updated Jun 17, 2026

CVE-2018-13390

CVE-2018-13390

Description

Unauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 before version 0.1.24 allows attackers on the same subnet to gain temporary AWS credentials for the users' roles.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
cloudtokenPyPI
>= 0.1.1, < 0.1.240.1.24

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.