3 matches found
CVE-2018-1264
Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client secret on startup as part of its envstruct report. A remote attacker who has gained access to the Log Cache VM can read this secret, gaining all privileges held by the Log Cache UAA client. In the worst case, if this client is ...
CVE-2018-1264
The CVE concerns Cloud Foundry Log Cache prior to version 1.1.1, where the UAA client secret is logged on startup as part of the envstruct report. This exposes the secret to an attacker with access to the Log Cache VM, potentially granting all privileges of the Log Cache UAA client and, in worst ...
CVE-2018-1264: Log Cache logs UAA client secret on startup | Cloud Foundry
Severity Critical Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions You are using log-cache-release versions prior to 1.1.1 Description Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client secret on startup as part of its envstruct report. A remote...