CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1198
https://notcve.org/view.php?id=CVE-2018-1198
Pivotal Cloud Cache, versions prior to 1.3.1, prints a superuser password in plain text during BOSH deployment logs. A malicious user with access to the logs could escalate their privileges using this password. Pivotal Cloud Cache, en versiones anteriores a la 1.3.1, imprime una contraseña de superusuario en texto plano durante los logs de implementación de BOSH. Un usuario malicioso con acceso a los logs podría escalar sus privilegios mediante esta contraseña. • https://pivotal.io/security/cve-2018-1198 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1223
https://notcve.org/view.php?id=CVE-2018-1223
Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14.0, may leak UAA and vCenter credentials to application logs. A malicious user with the ability to read the application logs could use these credentials to escalate privileges. Cloud Foundry Container Runtime (kubo-release), en versiones anteriores a la 0.14.0, podría filtrar las credenciales UAA y vCenter a los logs de la aplicación. Un usuario malicioso que pueda leer los logs de aplicación podría emplear estas credenciales para escalar privilegios. • https://www.cloudfoundry.org/blog/cve-2018-1223 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2018-11087 – TLS validation error
https://notcve.org/view.php?id=CVE-2018-11087
Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit. Pivotal Spring AMQP, en versiones 1.x anteriores a la 1.7.10 y versiones 2.x anteriores a la 2.0.6, expone una vulnerabilidad Man-in-the-Middle (MitM) debido a la falta de validación de nombres de host. Un usuario malicioso que pueda interceptar tráfico sería capaz de ver los datos en tránsito. • https://pivotal.io/security/cve-2018-11087 • CWE-295: Improper Certificate Validation •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0715
https://notcve.org/view.php?id=CVE-2016-0715
Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP Buildpack, Staticfile Buildpack and potentially other custom Buildpack applications vulnerable to remote information disclosure. Affected applications use automated buildpack detection, serve files directly from the root of the application and have a buildpack that matched after the Java Buildpack in the system buildpack priority when Java Buildpack versions 2.0 through 3.4 were present. Pivotal Cloud Foundry Elastic Runtime, desde la versión 1.4.0 hasta la 1.4.5, de la 1.5.0 hasta la 1.5.11 y desde la versión 1.6.0 hasta la 1.6.11 es vulnerable a una divulgación de información remota. Se ha detectado que las instrucciones originales de configuración de la mitigación que se proporcionaron como parte de CVE-2016-0708 estaban incompletas y podrían hacer que PHP Buildpack, Staticfile Buildpack y, probablemente, otras aplicaciones Buildpack personalizadas sean vulnerables a la divulgación de información remota. • https://pivotal.io/security/cve-2016-0715 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-11047
https://notcve.org/view.php?id=CVE-2018-11047
Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and 4.5 prior to 4.5.7, incorrectly authorizes requests to admin endpoints by accepting a valid refresh token in lieu of an access token. Refresh tokens by design have a longer expiration time than access tokens, allowing the possessor of a refresh token to authenticate longer than expected. This affects the administrative endpoints of the UAA. i.e. /Users, /Groups, etc. However, if the user has been deleted or had groups removed, or the client was deleted, the refresh token will no longer be valid. • https://www.cloudfoundry.org/blog/cve-2018-11047 • CWE-863: Incorrect Authorization •