EUVD-2020-26584

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

VMware Tanzu App Autoscaler logs UAA admin and broker passwords exposing admin privileges to users.

Reporter	Title	Published	Views	Family All 5
CVE	CVE-2020-5414	31 Jul 202019:40	–	cve
Cvelist	CVE-2020-5414 App Autoscaler logs credentials	31 Jul 202019:40	–	cvelist
NVD	CVE-2020-5414	31 Jul 202020:15	–	nvd
OSV	CVE-2020-5414	31 Jul 202020:15	–	osv
Prion	Design/Logic Flaw	31 Jul 202020:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "e4e4b89d-78ca-3af9-9818-f2dee879a110",
        "vendor": {
          "name": "VMware Tanzu"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "09c251bd-75e3-3fed-95f4-1e22671915e0",
        "product": {
          "name": "PCF Autoscaling"
        },
        "product_version": "All <v232"
      },
      {
        "id": "1a84ea82-da7a-36a4-9cb8-c7c724fde10a",
        "product": {
          "name": "VMware Tanzu Application Service for VMs"
        },
        "product_version": "2.8.x <2.8.13"
      },
      {
        "id": "3d90d3ae-971d-3c5a-889c-74450d304d73",
        "product": {
          "name": "VMware Tanzu Application Service for VMs"
        },
        "product_version": "2.7.x <2.7.19"
      },
      {
        "id": "41ba11a2-538f-3a81-b51d-451212cd5cf6",
        "product": {
          "name": "VMware Tanzu Application Service for VMs"
        },
        "product_version": "2.9.x <2.9.7"
      },
      {
        "id": "451ce9ba-c72f-37aa-8222-e5dc5d9ce3d5",
        "product": {
          "name": "Operations Manager"
        },
        "product_version": "2.8 <2.8.6"
      },
      {
        "id": "8ed6805b-ae24-3a87-b4ff-e51740ea3570",
        "product": {
          "name": "Operations Manager"
        },
        "product_version": "2.7 <2.7.15"
      },
      {
        "id": "ccb73a2c-a803-348b-b9b8-3eb5d0ecb0d3",
        "product": {
          "name": "Operations Manager"
        },
        "product_version": "2.9 <2.9.1"
      }
    ]
  }
]

Source	Link
tanzu	www.tanzu.vmware.com/security/cve-2020-5414
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.8Medium risk

Vulners AI Score5.8

CVSS 35.7

CVSS 3.15.7

CVSS 26

EPSS0.00564