Log Cache Release
Authentication bypass in Cloud Foundry's cf-auth-proxy (log-cache_release through v3.2.6) lets a remote unauthenticated attacker mint a JWT that the proxy accepts as a valid logs.admin token, granting read access to every application and platform-component log and metric across the foundation. CVSS 7.5 with AV:N/AC:L/PR:N reflects trivially reachable, network-based exploitation; no public exploit has been identified at the time of analysis, but the CVSS vector includes E:P, indicating proof-of-concept maturity per the issuing CNA (VMware).