Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CloudfoundryCapi-release*

2 matches found

CVE
CVEadded 2019/03/13 10:0 p.m.35 views

CVE-2019-3785

Cloud Foundry Cloud Controller, versions prior to 1.78.0, contain an endpoint with improper authorization. A remote authenticated malicious user with read permissions can request package information and receive a signed bit-service url that grants the user write permissions to the bit-service.

8.1CVSS6.9AI score0.0037EPSS
CVE
CVEadded 2019/04/17 2:29 p.m.30 views

CVE-2019-3798

Cloud Foundry Cloud Controller API Release, versions prior to 1.79.0, contains improper authentication when validating user permissions. A remote authenticated malicious user with the ability to create UAA clients and knowledge of the email of a victim in the foundation may escalate their privilege...

7.5CVSS6.7AI score0.01948EPSS