CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-14389
https://notcve.org/view.php?id=CVE-2017-14389
28 Nov 2017 — An issue was discovered in Cloud Foundry Foundation capi-release (all versions prior to 1.45.0), cf-release (all versions prior to v280), and cf-deployment (all versions prior to v1.0.0). The Cloud Controller does not prevent space developers from creating subdomains to an already existing route that belongs to a different user in a different org and space, aka an "Application Subdomain Takeover." Se ha descubierto un problema en Cloud Foundry Foundation capi-release (todas las versiones anteriores a la 1.4... • https://www.cloudfoundry.org/cve-2017-14389 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14390
https://notcve.org/view.php?id=CVE-2017-14390
27 Nov 2017 — In Cloud Foundry Foundation cf-deployment v0.35.0, a misconfiguration with Loggregator and syslog-drain causes logs to be drained to unintended locations. En Cloud Foundry Foundation cf-deployment v0.35.0, un error de configuración con Loggregator y syslog-drain provoca que los informes se purguen en localizaciones no planeadas. • http://www.securityfocus.com/bid/101972 •