Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Log-cache-release Security Vulnerabilities

cve
cve

CVE-2019-3800

CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the...

7.8CVSS

7.3AI Score

0.002EPSS

2019-08-05 05:15 PM
50
cve
cve

CVE-2018-1264

Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client secret on startup as part of its envstruct report. A remote attacker who has gained access to the Log Cache VM can read this secret, gaining all privileges held by the Log Cache UAA client. In the worst case, if this client is...

9.8CVSS

9.4AI Score

0.006EPSS

2018-10-05 09:29 PM
26