Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2019-11293
HistoryDec 06, 2019 - 8:15 p.m.

CVE-2019-11293

2019-12-0620:15:09
Google
osv.dev
4

6.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.0%

JSON

Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials when sent as a query parameter. A remote authenticated malicious user could gain access to user credentials via the uaa.log file if authentication is provided via query parameters.

Related

prion 1
cloudfoundry 1
cvelist 1
nvd 1
symantec 1
cve 1
prion
prion
Authentication flaw
2019-12-06 20:15:00
cloudfoundry
cloudfoundry
CVE-2019-11293: UAA logs all query parameters with debug logging level | Cloud Foundry
2019-12-03 00:00:00
cvelist
cvelist
CVE-2019-11293 UAA logs all query parameters with debug logging level
2019-12-03 00:00:00
nvd
nvd
CVE-2019-11293
2019-12-06 20:15:09
symantec
symantec
Multiple Cloud Foundry Products CVE-2019-11293 Information Disclosure Vulnerability
2019-12-03 00:00:00
cve
cve
CVE-2019-11293
2019-12-06 20:15:09

6.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.0%

JSON
Related for OSV:CVE-2019-11293
prion1cloudfoundry1cvelist1nvd1symantec1cve1