2 matches found
CVE-2019-3789
CVE-2019-3789 affects Cloud Foundry Routing Release (CF Routing) prior to 0.188.0. A space developer can create a private domain shadowing an external route service domain and map it to an app, causing the gorouter to route external traffic to the internal app instead. Impact is hijacking of rout...
CVE-2019-3789 Gorouter allows space developer to hijack route services hosted outside the platform
Cloud Foundry Routing Release, all versions prior to 0.188.0, contains a vulnerability that can hijack the traffic to route services hosted outside the platform. A user with space developer permissions can create a private domain that shadows the external domain of the route service, and map that...