CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11293 – UAA logs all query parameters with debug logging level
https://notcve.org/view.php?id=CVE-2019-11293
06 Dec 2019 — Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials when sent as a query parameter. A remote authenticated malicious user could gain access to user credentials via the uaa.log file if authentication is provided via query parameters. Cloud Foundry UAA Release, versiones anteriores a v74.10.0, cuando se establece el nivel de registro DEBUG, registra las credenciales de client_secret cuando se envían como un parámetro de consulta. Un usuario ma... • https://www.cloudfoundry.org/blog/cve-2019-11293 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11290 – Cloud Foundry UAA logs query parameters in tomcat access file
https://notcve.org/view.php?id=CVE-2019-11290
25 Nov 2019 — Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well. Cloud Foundry UAA Release, versiones anteriores a la versión v74.8.0, registra todos los parámetros de consulta en el archivo de acceso de tomcat. Si los parámetros de consulta se utilizan para proporcionar autenticación, es decir. credenciales, luego se registrarán también. • https://www.cloudfoundry.org/blog/cve-2019-11290 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11289 – A forged route service request using an invalid nonce can cause the gorouter to panic and crash
https://notcve.org/view.php?id=CVE-2019-11289
19 Nov 2019 — Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthenticated malicious user could forge an HTTP route service request using an invalid nonce that will cause the Gorouter to crash. Cloud Foundry Routing, todas las versiones anteriores a la versión 0.193.0, no valida correctamente la entrada nonce. Un usuario malintencionado remoto no autenticado podría falsificar una solicitud de servicio de ruta HTTP utilizando un nonce no válido que provocará el bloqu... • https://www.cloudfoundry.org/blog/cve-2019-11289 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11283 – Password leak in smbdriver logs
https://notcve.org/view.php?id=CVE-2019-11283
23 Oct 2019 — Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to the logs. A remote user with access to the SMB Volume logs can discover the username and password for volumes that have been recently created, allowing the user to take control of the SMB Volume. Cloud Foundry SMB Volume, versiones anteriores a v2.0.3, imprime accidentalmente información confidencial en los registros. Un usuario remoto con acceso a los registros de SMB Volume puede descubrir el nombre de usuari... • https://www.cloudfoundry.org/blog/cve-2019-11283 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11282 – UAA is vulnerable to a Blind SCIM injection leading to information disclosure
https://notcve.org/view.php?id=CVE-2019-11282
23 Oct 2019 — Cloud Foundry UAA, versions prior to v74.3.0, contains an endpoint that is vulnerable to SCIM injection attack. A remote authenticated malicious user with scim.invite scope can craft a request with malicious content which can leak information about users of the UAA. Cloud Foundry UAA, versiones anteriores a v74.3.0, contiene un endpoint que es vulnerable al ataque de inyección SCIM. Un usuario malicioso autenticado remoto con alcance de scim.invite puede diseñar una petición con contenido malicioso que pued... • https://www.cloudfoundry.org/blog/cve-2019-11282 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11277 – Volume Services is vulnerable to an LDAP injection attack
https://notcve.org/view.php?id=CVE-2019-11277
23 Sep 2019 — Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0, is vulnerable to LDAP injection. A remote authenticated malicious space developer can potentially inject LDAP filters via service instance creation, facilitating the malicious space developer to deny service or perform a dictionary attack. Cloud Foundry NFS Volume Service, versiones 1.7.x anteriores a 1.7.11 y versiones 2.x anteriores a 2.3.0, es vulnerable a la inyección LDAP. Un desarrollador de espacio malic... • https://www.cloudfoundry.org/blog/cve-2019-11277 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-3801 – Java Projects using HTTP to fetch dependencies
https://notcve.org/view.php?id=CVE-2019-3801
25 Apr 2019 — Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an insecure protocol to fetch dependencies when building. A remote unauthenticated malicious attacker could hijack the DNS entry for the dependency, and inject malicious code into the component. Cloud Foundry cf-deployment versiones anteriores a 7.9.0, contiene componentes java que son empleados en un protocolo inseguro cuando se construyen dependencias. Un atacante malicioso remoto sin autenticar, podría secuestrar... • http://www.securityfocus.com/bid/108104 • CWE-319: Cleartext Transmission of Sensitive Information CWE-494: Download of Code Without Integrity Check •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1265
https://notcve.org/view.php?id=CVE-2018-1265
06 Jun 2018 — Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps running on that Diego Cell. Cloud Foundry Diego, en versiones anteriores a la 2.8.0, no sanea correctamente las rutas de archivo en las cabeceras de archivos tar y zip. Un atacante remoto con privilegios de administrador CF puede subir ... • https://www.cloudfoundry.org/blog/cve-2018-1265 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1193
https://notcve.org/view.php?id=CVE-2018-1193
23 May 2018 — Cloud Foundry routing-release, versions prior to 0.175.0, lacks sanitization for user-provided X-Forwarded-Proto headers. A remote user can set the X-Forwarded-Proto header in a request to potentially bypass an application requirement to only respond over secure connections. Cloud Foundry routing-release, en versiones anteriores a la 0.175.0, carece de saneamiento para cabeceras X-Forwarded-Proto proporcionadas por el usuario. Un usuario remoto puede establecer la cabecera X-Forwarded-Proto en una petición ... • https://www.cloudfoundry.org/blog/cve-2018-1193 •
CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2018-1262
https://notcve.org/view.php?id=CVE-2018-1262
15 May 2018 — Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. A zone administrator could configure their zone to issue tokens which impersonate another zone, granting up to admin privileges in the impersonated zone for clients performing offline token validation. Cloud Foundry Foundation UAA, en versiones 4.12.X y 4.13.X, introdujo una característica que podría permitir el escalado de pri... • https://www.cloudfoundry.org/blog/cve-2018-1262 •