Search
Total
14 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22101 | 1 Cloudfoundry | 2 Capi-release, Cf-deployment | 2021-10-29 | 5.0 MEDIUM | 7.5 HIGH |
| Cloud Controller versions prior to 1.118.0 are vulnerable to unauthenticated denial of Service(DoS) vulnerability allowing unauthenticated attackers to cause denial of service by using REST HTTP requests with label_selectors on multiple V3 endpoints by generating an enormous SQL query. | |||||
| CVE-2020-5417 | 1 Cloudfoundry | 2 Capi-release, Cf-deployment | 2021-08-17 | 6.5 MEDIUM | 8.8 HIGH |
| Cloud Foundry CAPI (Cloud Controller), versions prior to 1.97.0, when used in a deployment where an app domain is also the system domain (which is true in the default CF Deployment manifest), were vulnerable to developers maliciously or accidentally claiming certain sensitive routes, potentially resulting in the developer's app handling some requests that were expected to go to certain system components. | |||||
| CVE-2019-11283 | 2 Cloudfoundry, Pivotal Software | 2 Cf-deployment, Cloud Foundry Smb Volume | 2021-08-17 | 4.0 MEDIUM | 8.8 HIGH |
| Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to the logs. A remote user with access to the SMB Volume logs can discover the username and password for volumes that have been recently created, allowing the user to take control of the SMB Volume. | |||||
| CVE-2018-1265 | 2 Cloudfoundry, Pivotal Software | 2 Cf-deployment, Cloud Foundry Diego | 2021-08-17 | 6.5 MEDIUM | 7.2 HIGH |
| Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps running on that Diego Cell. | |||||
| CVE-2018-1262 | 2 Cloudfoundry, Pivotal Software | 3 Cf-deployment, Cloud Foundry Uaa, Cloud Foundry Uaa-release | 2021-08-17 | 6.5 MEDIUM | 7.2 HIGH |
| Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. A zone administrator could configure their zone to issue tokens which impersonate another zone, granting up to admin privileges in the impersonated zone for clients performing offline token validation. | |||||
| CVE-2021-22001 | 1 Cloudfoundry | 2 Cf-deployment, User Account And Authentication | 2021-08-04 | 5.0 MEDIUM | 7.5 HIGH |
| In UAA versions prior to 75.3.0, sensitive information like relaying secret of the provider was revealed in response when deletion request of an identity provider( IdP) of type “oauth 1.0” was sent to UAA server. | |||||
| CVE-2018-1221 | 1 Cloudfoundry | 2 Cf-deployment, Routing-release | 2021-05-27 | 5.5 MEDIUM | 8.1 HIGH |
| In cf-deployment before 1.14.0 and routing-release before 0.172.0, the Cloud Foundry Gorouter mishandles WebSocket requests for AWS Application Load Balancers (ALBs) and some other HTTP-aware Load Balancers. A user with developer privileges could use this vulnerability to steal data or cause denial of service. | |||||
| CVE-2020-5423 | 1 Cloudfoundry | 2 Capi-release, Cf-deployment | 2020-12-04 | 7.8 HIGH | 7.5 HIGH |
| CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM. | |||||
| CVE-2019-11290 | 1 Cloudfoundry | 2 Cf-deployment, User Account And Authentication | 2020-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well. | |||||
| CVE-2020-5420 | 1 Cloudfoundry | 2 Cf-deployment, Gorouter | 2020-09-11 | 6.8 MEDIUM | 7.7 HIGH |
| Cloud Foundry Routing (Gorouter) versions prior to 0.206.0 allow a malicious developer with "cf push" access to cause denial-of-service to the CF cluster by pushing an app that returns specially crafted HTTP responses that crash the Gorouters. | |||||
| CVE-2020-5402 | 1 Cloudfoundry | 2 Cf-deployment, User Account And Authentication | 2020-03-03 | 6.8 MEDIUM | 8.8 HIGH |
| In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers. | |||||
| CVE-2019-11289 | 1 Cloudfoundry | 2 Cf-deployment, Routing-release | 2020-01-03 | 7.8 HIGH | 8.6 HIGH |
| Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthenticated malicious user could forge an HTTP route service request using an invalid nonce that will cause the Gorouter to crash. | |||||
| CVE-2019-11277 | 1 Cloudfoundry | 2 Cf-deployment, Nfs Volume Release | 2019-10-09 | 5.5 MEDIUM | 8.1 HIGH |
| Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0, is vulnerable to LDAP injection. A remote authenticated malicious space developer can potentially inject LDAP filters via service instance creation, facilitating the malicious space developer to deny service or perform a dictionary attack. | |||||
| CVE-2018-1191 | 1 Cloudfoundry | 2 Cf-deployment, Garden-runc-release | 2019-10-09 | 3.5 LOW | 8.8 HIGH |
| Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. A user with access to Garden logs may be able to obtain leaked credentials and perform authenticated actions using those credentials. | |||||