1 matches found
CVE-2020-5418
Cloud Foundry CAPI Cloud Controller versions prior to 1.98.0 allow authenticated users having only the "cloudcontroller.read" scope, but no roles in any spaces, to list all droplets in all spaces whereas they should see none...