CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3779 – Cloud Foundry Container Runtime allows a user to bypass security policy when talking to ETCD
https://notcve.org/view.php?id=CVE-2019-3779
08 Mar 2019 — Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kubernetes clusters utilize the same CA (Certificate Authority) to sign and trust certs for ETCD as used by the Kubernetes API. This could allow a user authenticated with a cluster to request a signed certificate leveraging the Kubernetes CSR capability to obtain a credential that could escalate privilege access to ETCD. Cloud Foundry Container Runtime, en versiones anteriores a la 0.29.0, despliega clústeres Kubernetes que utilizan la misma... • https://www.cloudfoundry.org/blog/cve-2019-3779 • CWE-264: Permissions, Privileges, and Access Controls CWE-284: Improper Access Control •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3780 – Cloud Foundry Container Runtime Leaks IAAS Credentials
https://notcve.org/view.php?id=CVE-2019-3780
08 Mar 2019 — Cloud Foundry Container Runtime, versions prior to 0.28.0, deploys K8s worker nodes that contains a configuration file with IAAS credentials. A malicious user with access to the k8s nodes can obtain IAAS credentials allowing the user to escalate privileges to gain access to the IAAS account. Cloud Foundry Container Runtime, en versiones anteriores a la 0.28.0, despliega los nodos "K8s worker" que contienen un archivo de configuración con credenciales IAAS. Un usuario malicioso con acceso a los nodos k8s pue... • http://www.securityfocus.com/bid/107434 • CWE-260: Password in Configuration File CWE-522: Insufficiently Protected Credentials •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3775 – UAA allows users to modify their own email address
https://notcve.org/view.php?id=CVE-2019-3775
07 Mar 2019 — Cloud Foundry UAA, versions prior to v70.0, allows a user to update their own email address. A remote authenticated user can impersonate a different user by changing their email address to that of a different user. Cloud Foundry UAA, en versiones anteriores a la v70.0, permite a un usuario actualizar su propia dirección de correo electrónico. Un usuario autenticado remoto puede suplantar a un usuario distinto, modificando su dirección de correo electrónico acon la de otro usuario. • https://www.cloudfoundry.org/blog/cve-2019-3775 • CWE-287: Improper Authentication CWE-290: Authentication Bypass by Spoofing •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3783 – Cloud Foundry Stratos Deploys With Public Default Session Store Secret
https://notcve.org/view.php?id=CVE-2019-3783
07 Mar 2019 — Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public default session store secret. A malicious user with default session store secret can brute force another user's current Stratos session, and act on behalf of that user. Cloud Foudry Stratos, en versiones anteriores a 2.3.0, se despliega con un secreto de almacenamiento de sesión por defecto. Un usuario malicioso con un secreto de almacenamiento de sesión por defecto puede realizar una ataque con fuerza bruta a la sesión Statos actual de o... • https://www.cloudfoundry.org/blog/cve-2019-3783 • CWE-384: Session Fixation CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3781 – CF CLI does not sanitize user's password in verbose/trace/debug
https://notcve.org/view.php?id=CVE-2019-3781
07 Mar 2019 — Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace/debugging is turned on. A local unauthenticated or remote authenticated malicious user with access to logs may gain part or all of a users password. Cloud Foudry CLI, en versiones anteriores a v6.43.0, expone contraseñas de manera incorrecta cuando verbose/trace/debugging está habilitado. Un usuario no autenticado o un usuario remoto autenticado malicioso con acceso a los logs podría obtener parte o toda la contras... • http://www.securityfocus.com/bid/107365 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-215: Insertion of Sensitive Information Into Debugging Code •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3784 – Cloud Foundry Stratos contains a Session Collision Vulnerability
https://notcve.org/view.php?id=CVE-2019-3784
07 Mar 2019 — Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure session that can be spoofed. When deployed on cloud foundry with multiple instances using the default embedded SQLite database, a remote authenticated malicious user can switch sessions to another user with the same session id. Cloud Foundry Stratos, en versiones anteriores a 2.3.0, contiene una sesión insegura que se podría suplantar. Al desplegarse en cloud foundry con múltiples instancias utilizando la base de datos SQLite embebida por ... • https://www.cloudfoundry.org/blog/cve-2019-3784 • CWE-384: Session Fixation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3782 – CredHub CLI writes environment variable credentials to disk
https://notcve.org/view.php?id=CVE-2019-3782
13 Feb 2019 — Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writes authentication credentials provided via environment variables to its persistent config file. A local authenticated malicious user with access to the CredHub CLI config file can use these credentials to retrieve and modify credentials stored in CredHub that are authorized to the targeted user. Cloud Foundry CredHub CLI, en versiones anteriores a la 2.2.1, escribe inadvertidamente credenciales de autenticación proporcionadas mediante var... • http://www.securityfocus.com/bid/107038 • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-11084 – Garden-runC prevents deletion of some app environments
https://notcve.org/view.php?id=CVE-2018-11084
18 Sep 2018 — Cloud Foundry Garden-runC release, versions prior to 1.16.1, prevents deletion of some app environments based on file attributes. A remote authenticated malicious user may create and delete apps with crafted file attributes to cause a denial of service for new app instances or scaling up of existing apps. Cloud Foundry Garden-runC release, en versiones anteriores a la 1.16.1, evita la eliminación de algunos entornos de aplicación basados en atributos de archivo. Un usuario autenticado remoto malicioso podrí... • https://www.cloudfoundry.org/blog/cve-2018-11084 •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2016-0708
https://notcve.org/view.php?id=CVE-2016-0708
11 Jul 2018 — Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automatic buildpack detection, passed through the Java Buildpack detection script, and allow the serving of static content from within the deployed artifact. The default Apache Tomcat configuration in the affected java buildpack versions fo... • https://www.cloudfoundry.org/blog/cve-2016-0708 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-1268
https://notcve.org/view.php?id=CVE-2018-1268
06 Jun 2018 — Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not validate app GUID structure in requests. A remote authenticated malicious user knowing the GUID of an app may construct malicious requests to read from or write to the logs of that app. Cloud Foundry Loggregator, en versiones 89.x anteriores a la 89.5, versiones 96.x anteriores a la 96.1, versiones 99.x anteriores a la 99.1, versiones 101.x anteriores a... • https://www.cloudfoundry.org/blog/cve-2018-1268 • CWE-20: Improper Input Validation •