|
2023-06-16
|
CVE-2023-20885
|
Vulnerability in Cloud Foundry Notifications, Cloud Foundry SMB-volume release, Cloud FOundry cf-nfs-volume release.This issue affects Notifications: All versions prior to 63; SMB-volume release: All versions prior to 3.1.19; cf-nfs-volume release: 5.0.X versions prior to 5.0.27, 7.1.X versions prior to 7.1.19.
|
Cloud_foundry_nfs_volume, Cloud_foundry_notifications, Cloud_foundry_smb_volume
|
6.5
|
|
|
|
2019-08-05
|
CVE-2019-3800
|
CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.
|
Elasticsearch, Logme, Mongodb, Mysql, Postgresql, Rabbitmq, Redis, Edge_service_broker, Application_analytics, Application_performance_monitoring, Platform_montioring, Nozzle, Service_broker, Conjur_service_broker, Application_monitoring, Enterprise_service_broker, Service_broker, Service_broker, Google_cloud_platform_service_broker, Websphere_liberty_, Azure_log_analytics_nozzle, Azure_service_broker, Dotnet_extension_buildpack, Nozzle, Service_broker, Service_broker, Application_service, Cloud_foundry_autoscaling_release, Cloud_foundry_command_line_interface, Cloud_foundry_command_line_interface_release, Cloud_foundry_deployment, Cloud_foundry_deployment_concourse_tasks, Cloud_foundry_event_alerts, Cloud_foundry_healthwatch, Cloud_foundry_log_cache_release, Cloud_foundry_networking_release, Cloud_foundry_notifications, Cloud_foundry_routing_release, Cloud_foundry_smoke_test, Credhub_service_broker_for_pcf, Metric_registrar_release, On_demand_service_broker, Pivotal_cloud_foundry_service_broker, Single_sign\-On, Steelcentral_appinternals, Volume_service, Service_broker, Service_broker, Pubsub\+, Nozzle, Nozzle, Seeker_iast_service_broker, Businessworks_buildpack, Wavefront_by_vmware_nozzle, Db_enterprise
|
7.8
|
|
|