2 matches found
CVE-2020-5399
CVE-2020-5399 affects Cloud Foundry CredHub prior to 2.5.10, where the MySQL connection is established without TLS despite configuration to use TLS. This enables an attacker with network access between CredHub and the MySQL database to eavesdrop on connections and potentially gain unauthorized ac...
CVE-2020-5399: CredHub does not properly enable TLS for MySQL database connections | Cloud Foundry
Severity High Vendor Cloud Foundry Foundation Description Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL database without TLS even when configured to use TLS. A malicious user with access to the network between CredHub and its MySQL database may eavesdrop on database...