Cloudfoundry - Routing-release CVE

Filtered by vendor Cloudfoundry Subscribe

Filtered by product Routing-release

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-8218	1 Cloudfoundry	2 Cf-release, Routing-release	2017-11-08	7.5 HIGH	9.8 CRITICAL
An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and cf-release versions 203 to 231. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged attackers to impersonate other users to the routing API, aka an "Unauthenticated JWT signing algorithm in routing" issue.

Vulnerabilities (CVE)