Security Vulnerability affects Cloud Foundry for IBM Cloud Private
CVEID: CVE-2019-3800 DESCRIPTION: Pivotal Cloud Foundry CL could allow a local authenticated attacker to obtain sensitive information, caused by storing sensitive information in the config when user authenticated. By accessing the config file, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/164895> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
Cloud Foundry for IBM Cloud Private 3.2.0, 3.2.1
Product defect fixes and security updates are only available for the two most recent Continuous Delivery (CD) update packages
For Cloud Foundry for IBM Cloud Private 3.2.0, apply fix pack:
For Cloud Foundry for IBM Cloud Private 3.2.1:
None
CPE | Name | Operator | Version |
---|---|---|---|
cloud foundry | eq | any |