CVE-2018-1197
https://notcve.org/view.php?id=CVE-2018-1197
In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged credentials. En las versiones anteriores a la 1200.14 de Windows Stemcells, las aplicaciones que se ejecutan en contenedores en Windows en Google Cloud Platform pueden acceder al endpoint de metadatos. Un usuario malicioso podría emplear esto para obtener credenciales privilegiados. • https://www.cloudfoundry.org/blog/cve-2018-1197 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2018-1200
https://notcve.org/view.php?id=CVE-2018-1200
Apps Manager for PCF (Pivotal Application Service 1.11.x before 1.11.26, 1.12.x before 1.12.14, and 2.0.x before 2.0.5) allows unprivileged remote file read in its container via specially-crafted links. Apps Manager for PCF (Pivotal Application Service en versiones 1.11.x anteriores a la 1.11.26, versiones 1.12.x anteriores a la 1.12.14 y versiones 2.0.x anteriores a la 2.0.5) permite la lectura remota sin autorización en su contenedor mediante enlaces especialmente manipulados. • http://www.securityfocus.com/bid/103042 https://pivotal.io/security/cve-2018-1200 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-9880
https://notcve.org/view.php?id=CVE-2016-9880
The GemFire broker for Cloud Foundry 1.6.x before 1.6.5 and 1.7.x before 1.7.1 has multiple API endpoints which do not require authentication and could be used to gain access to the cluster managed by the broker. El broker GemFire para Cloud Foundry, en versiones 1.6.x anteriores a la 1.6.5 y versiones 1.7.x anteriores a la 1.7.1, tiene múltiples endpoints de API que no requieren autenticación y que podrían usarse para obtener acceso al clúster gestionado por el broker. • http://www.securityfocus.com/bid/96146 https://pivotal.io/security/cve-2016-9880 • CWE-287: Improper Authentication •
CVE-2018-1227
https://notcve.org/view.php?id=CVE-2018-1227
Pivotal Concourse after 2018-03-05 might allow remote attackers to have an unspecified impact, if a customer obtained the Concourse software from a DNS domain that is no longer controlled by Pivotal. The original domain for the Concourse CI (concourse-dot-ci) open source project has been registered by an unknown actor, and is therefore no longer the official website for Concourse CI. The new official domain is concourse-ci.org. At approximately 4 am EDT on March 7, 2018 the Concourse OSS team began receiving reports that the Concourse domain was not responding. The Concourse OSS team discovered, upon investigation with both the original and the new domain registrars, that the originating domain registrar had made the domain available for purchase. • https://pivotal.io/security/cve-2018-1227 •
CVE-2018-1192
https://notcve.org/view.php?id=CVE-2018-1192
In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versions prior to 53.3, the SessionID is logged in audit event logs. An attacker can use the SessionID to impersonate a logged-in user. En Cloud Foundry Foundation cf-release en versiones anteriores a v285; cf-deployment anteriores a v1.7; UAA 4.5.x anteriores a 4.5.5, 4.8.x anteriores a 4.8.3 y 4.7.x anteriores a 4.7.4 y UAA-release 45.7.x anteriores a 45.7, 52.7.x anteriores a 52.7 y 53.3.x anteriores a 53.3, SessionID se registra en los logs de eventos de auditoría. Un atacante podría utilizar el SessionID para suplantar un usuario registrado. • https://www.cloudfoundry.org/blog/cve-2018-1192 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •