Show plain JSON{"containers": {"cna": {"affected": [{"product": "Routing", "vendor": "Cloud Foundry", "versions": [{"lessThan": "0.197.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2020-02-24T00:00:00", "descriptions": [{"lang": "en", "value": "Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients trying to access the app."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-393", "description": "CWE-393: Return of Wrong Status Code", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-02-27T19:30:23", "orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "shortName": "pivotal"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.cloudfoundry.org/blog/cve-2020-5401"}], "source": {"discovery": "UNKNOWN"}, "title": "Cloud Foundry GoRouter is vulnerable to cache poisoning", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@pivotal.io", "DATE_PUBLIC": "2020-02-24T00:00:00.000Z", "ID": "CVE-2020-5401", "STATE": "PUBLIC", "TITLE": "Cloud Foundry GoRouter is vulnerable to cache poisoning"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Routing", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "0.197.0"}]}}]}, "vendor_name": "Cloud Foundry"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients trying to access the app."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-393: Return of Wrong Status Code"}]}]}, "references": {"reference_data": [{"name": "https://www.cloudfoundry.org/blog/cve-2020-5401", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/blog/cve-2020-5401"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T08:30:23.785Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.cloudfoundry.org/blog/cve-2020-5401"}]}]}, "cveMetadata": {"assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "assignerShortName": "pivotal", "cveId": "CVE-2020-5401", "datePublished": "2020-02-27T19:30:23.717536Z", "dateReserved": "2020-01-03T00:00:00", "dateUpdated": "2024-09-16T17:38:11.499Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"} 
ReportizFlow
Vulnrichment
Redhat