Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not validate app GUID structure in requests. A remote authenticated malicious user knowing the GUID of an app may construct malicious requests to read from or write to the logs of that app.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2018-06-06T20:00:00Z

Updated: 2024-09-17T04:25:07.541Z

Reserved: 2017-12-06T00:00:00

Link: CVE-2018-1268

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-06-06T20:29:00.503

Modified: 2024-11-21T03:59:30.240

Link: CVE-2018-1268

cve-icon Redhat

No data.