Filtered by vendor Cloudfoundry
Subscriptions
Total
108 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-15586 | 6 Cloudfoundry, Debian, Fedoraproject and 3 more | 15 Cf-deployment, Routing-release, Debian Linux and 12 more | 2024-11-21 | 5.9 Medium |
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time. | ||||
CVE-2019-3801 | 1 Cloudfoundry | 3 Cf-deployment, Credhub, Uaa Release | 2024-11-21 | 9.8 Critical |
Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an insecure protocol to fetch dependencies when building. A remote unauthenticated malicious attacker could hijack the DNS entry for the dependency, and inject malicious code into the component. | ||||
CVE-2019-3798 | 1 Cloudfoundry | 1 Capi-release | 2024-11-21 | N/A |
Cloud Foundry Cloud Controller API Release, versions prior to 1.79.0, contains improper authentication when validating user permissions. A remote authenticated malicious user with the ability to create UAA clients and knowledge of the email of a victim in the foundation may escalate their privileges to that of the victim by creating a client with a name equal to the guid of their victim. | ||||
CVE-2019-3789 | 1 Cloudfoundry | 1 Routing Release | 2024-11-21 | 6.5 Medium |
Cloud Foundry Routing Release, all versions prior to 0.188.0, contains a vulnerability that can hijack the traffic to route services hosted outside the platform. A user with space developer permissions can create a private domain that shadows the external domain of the route service, and map that route to an app. When the gorouter receives traffic destined for the external route service, this traffic will instead be directed to the internal app using the shadow route. | ||||
CVE-2019-3788 | 1 Cloudfoundry | 1 Uaa Release | 2024-11-21 | N/A |
Cloud Foundry UAA Release, versions prior to 71.0, allows clients to be configured with an insecure redirect uri. Given a UAA client was configured with a wildcard in the redirect uri's subdomain, a remote malicious unauthenticated user can craft a phishing link to get a UAA access code from the victim. | ||||
CVE-2019-3786 | 1 Cloudfoundry | 1 Bosh Backup And Restore | 2024-11-21 | 7.1 High |
Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the authenticity of backup scripts in BOSH. A remote authenticated malicious user can modify the metadata file of a Bosh Backup and Restore job to request extra backup files from different jobs upon restore. The exploited hooks in this metadata script were only maintained in the cfcr-etcd-release, so clusters deployed with the BBR job for etcd in this release are vulnerable. | ||||
CVE-2019-3785 | 1 Cloudfoundry | 1 Capi-release | 2024-11-21 | 8.1 High |
Cloud Foundry Cloud Controller, versions prior to 1.78.0, contain an endpoint with improper authorization. A remote authenticated malicious user with read permissions can request package information and receive a signed bit-service url that grants the user write permissions to the bit-service. | ||||
CVE-2019-3784 | 1 Cloudfoundry | 1 Stratos | 2024-11-21 | N/A |
Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure session that can be spoofed. When deployed on cloud foundry with multiple instances using the default embedded SQLite database, a remote authenticated malicious user can switch sessions to another user with the same session id. | ||||
CVE-2019-3783 | 1 Cloudfoundry | 1 Stratos | 2024-11-21 | 8.8 High |
Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public default session store secret. A malicious user with default session store secret can brute force another user's current Stratos session, and act on behalf of that user. | ||||
CVE-2019-3782 | 1 Cloudfoundry | 1 Credhub Cli | 2024-11-21 | 7.8 High |
Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writes authentication credentials provided via environment variables to its persistent config file. A local authenticated malicious user with access to the CredHub CLI config file can use these credentials to retrieve and modify credentials stored in CredHub that are authorized to the targeted user. | ||||
CVE-2019-3781 | 1 Cloudfoundry | 1 Command Line Interface | 2024-11-21 | 8.8 High |
Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace/debugging is turned on. A local unauthenticated or remote authenticated malicious user with access to logs may gain part or all of a users password. | ||||
CVE-2019-3780 | 1 Cloudfoundry | 1 Container Runtime | 2024-11-21 | 8.8 High |
Cloud Foundry Container Runtime, versions prior to 0.28.0, deploys K8s worker nodes that contains a configuration file with IAAS credentials. A malicious user with access to the k8s nodes can obtain IAAS credentials allowing the user to escalate privileges to gain access to the IAAS account. | ||||
CVE-2019-3779 | 1 Cloudfoundry | 1 Container Runtime | 2024-11-21 | N/A |
Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kubernetes clusters utilize the same CA (Certificate Authority) to sign and trust certs for ETCD as used by the Kubernetes API. This could allow a user authenticated with a cluster to request a signed certificate leveraging the Kubernetes CSR capability to obtain a credential that could escalate privilege access to ETCD. | ||||
CVE-2019-3775 | 1 Cloudfoundry | 1 Uaa Release | 2024-11-21 | N/A |
Cloud Foundry UAA, versions prior to v70.0, allows a user to update their own email address. A remote authenticated user can impersonate a different user by changing their email address to that of a different user. | ||||
CVE-2019-11294 | 1 Cloudfoundry | 2 Capi-release, Cf-deployment | 2024-11-21 | 4.3 Medium |
Cloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows space developers to list all global service brokers, including service broker URLs and GUIDs, which should only be accessible to admins. | ||||
CVE-2019-11293 | 1 Cloudfoundry | 2 Cf-deployment, User Account And Authentication | 2024-11-21 | 6.5 Medium |
Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials when sent as a query parameter. A remote authenticated malicious user could gain access to user credentials via the uaa.log file if authentication is provided via query parameters. | ||||
CVE-2019-11290 | 1 Cloudfoundry | 2 Cf-deployment, User Account And Authentication | 2024-11-21 | 7.5 High |
Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well. | ||||
CVE-2019-11289 | 1 Cloudfoundry | 2 Cf-deployment, Routing-release | 2024-11-21 | 8.6 High |
Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthenticated malicious user could forge an HTTP route service request using an invalid nonce that will cause the Gorouter to crash. | ||||
CVE-2019-11283 | 2 Cloudfoundry, Pivotal Software | 2 Cf-deployment, Cloud Foundry Smb Volume | 2024-11-21 | 8.8 High |
Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to the logs. A remote user with access to the SMB Volume logs can discover the username and password for volumes that have been recently created, allowing the user to take control of the SMB Volume. | ||||
CVE-2019-11282 | 2 Cloudfoundry, Pivotal Software | 2 Cf-deployment, Cloud Foundry Uaa | 2024-11-21 | 4.3 Medium |
Cloud Foundry UAA, versions prior to v74.3.0, contains an endpoint that is vulnerable to SCIM injection attack. A remote authenticated malicious user with scim.invite scope can craft a request with malicious content which can leak information about users of the UAA. |