Vector is found to get untrusted code C to run in the user area on Z via exploit in X that Y has not acknowledged, so researchers publish a CVE with an example.
C starts trying to read memory from threads shared on same vCPU, revealing db connection string used by X, the nonce and salt for hashing.
Vector is found to get untrusted code C to run in the user area on Z via exploit in X that Y has not acknowledged, so researchers publish a CVE with an example.
C starts trying to read memory from threads shared on same vCPU, revealing db connection string used by X, the nonce and salt for hashing.
Attacker now has the keys to the entire kingdom.