Filtered by vendor Pivotal Subscriptions
Filtered by product Cloud Foundry Notifications Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-20885 1 Pivotal 3 Cloud Foundry Nfs Volume, Cloud Foundry Notifications, Cloud Foundry Smb Volume 2024-12-16 6.5 Medium
Vulnerability in Cloud Foundry Notifications, Cloud Foundry SMB-volume release, Cloud FOundry cf-nfs-volume release.This issue affects Notifications: All versions prior to 63; SMB-volume release: All versions prior to 3.1.19; cf-nfs-volume release: 5.0.X versions prior to 5.0.27, 7.1.X versions prior to 7.1.19.
CVE-2019-3800 27 Anynines, Apigee, Appdynamics and 24 more 55 Elasticsearch, Logme, Mongodb and 52 more 2024-11-21 N/A
CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.