Skip to main content

Cloud Foundry Cf Deployment

2 CVEs product

Monthly

CVE-2020-5399 HIGH This Week

Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL database without TLS even when configured to use TLS. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Credhub Cloud Foundry Cf Deployment
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2018-1192 Maven HIGH PATCH This Week

In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cloud Foundry Uaa Cloud Foundry Uaa Release Cloud Foundry Cf Release Cloud Foundry Cf Deployment
NVD
CVSS 3.0
8.8
EPSS
1.0%
EPSS 1% CVSS 7.4
HIGH This Week

Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL database without TLS even when configured to use TLS. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Credhub Cloud Foundry Cf Deployment
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cloud Foundry Uaa Cloud Foundry Uaa Release +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy