Cloud Foundry Notifications
Monthly
Vulnerability in Cloud Foundry Notifications, Cloud Foundry SMB-volume release, Cloud FOundry cf-nfs-volume release.1.19; cf-nfs-volume release: 5.0.X versions prior to 5.0.27, 7.1.X versions prior. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in Cloud Foundry Notifications, Cloud Foundry SMB-volume release, Cloud FOundry cf-nfs-volume release.1.19; cf-nfs-volume release: 5.0.X versions prior to 5.0.27, 7.1.X versions prior. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.