37 matches found
CVE-2022-31733
The CVE-2022-31733 issue affects Cloud Foundry’s CF Diego cells and CF Deployment, where starting with diego-release 2.55.0–2.69.0 and CF Deployment 17.1–23.2.0, apps are reachable via an additional port on diego cells, enabling ingress without a client certificate when mTLS route integrity is en...
CVE-2020-15586
CVE-2020-15586 affects Go before 1.13.13 and 1.14.x before 1.14.5, via a data race in certain net/http servers demonstrated by the httputil.ReverseProxy handler. The race occurs because a request body is read while a response is being written. Impact in the public documentation includes a potenti...
CVE-2021-22001
CVE-2021-22001 affects Cloud Foundry UAA server prior to version 75.3.0. The issue arises when deleting an identity provider (IdP) of type oauth 1.0: the response may reveal sensitive information, including the relaying secret of the provider. The root cause is an information disclosure in the Id...
CVE-2019-11293
CVE-2019-11293 concerns Cloud Foundry UAA releases prior to v74.10.0. When set to DEBUG, the service logs client_secret credentials sent as query parameters to the uaa.log file, enabling credential disclosure. A remote authenticated attacker could gain user credentials via the log file if authent...
CVE-2024-22279
CVE-2024-22279 affects Cloud Foundry routing (GoRouter). The issue is an improper handling of requests in Routing Release versions v0.273.0 up to and including v0.297.0, allowing an unauthenticated attacker to degrade service availability at scale (DoS). Affected products: Routing Release and CF ...
CVE-2019-11289
CVE-2019-11289 – Impact and fix (Cloud Foundry Routing Gorouter) : All Cloud Foundry Routing versions before 0.193.0 are affected due to improper validation of nonce input. A remote unauthenticated attacker could forge a route service request using an invalid nonce, potentially causing the Gorout...
CVE-2019-11290
Cloud Foundry UAA before version 74.8.0 logs all query parameters to Tomcat’s access log; if those parameters carry credentials, they are logged as well, causing information disclosure. The vulnerability affects Cloud Foundry UAA and CF deployment lineages prior to upgrades cited by Cloud Foundry...
CVE-2019-11294
Summary: CVE-2019-11294 affects Cloud Foundry Cloud Controller API (CAPI) version 1.88.0, where space developers can list all global service brokers, exposing broker URLs and GUIDs that should be admin-only. The issue is a disclosure/Access Control problem within CAPI, enabling unauthorized visib...
CVE-2017-14389
CVE-2017-14389 affects Cloud Foundry Foundation components capi-release (all versions < 1.45.0), cf-release (all versions < v280), and cf-deployment (all versions
CVE-2020-5423
CVE-2020-5423 affects Cloud Foundry’s CAPI (Cloud Controller): versions prior to 1.101.0 are vulnerable to a denial-of-service caused by an unauthenticated attacker sending specially-crafted YAML to certain endpoints, triggering the YAML parser to consume excessive CPU and RAM. Reported as a high...
CVE-2021-22100
CVE-2021-22100 affects Cloud Foundry CAPI versions prior to 1.122. A misbehaving service broker can cause Cloud Controller (CAPI) instances to timeout, leading to an inability to push or manage applications (Denial of Service). The public sources describe the issue and confirm affected releases i...
CVE-2020-5416
Cloud Foundry Routing (Gorouter) is affected when deployed behind NGINX proxies. The vulnerability affects Gorouter versions prior to 0.204.0, where unauthenticated attackers can send specially crafted HTTP requests that may cause Gorouters to be dropped from the NGINX backend pool, potentially e...
CVE-2020-5417
CVE-2020-5417 affects Cloud Foundry CAPI (Cloud Controller) versions prior to 1.97.0 when an app domain is also the system domain (as in default CF deployments). The issue allows a developer’s app to maliciously or accidentally claim sensitive routes that were intended for system components, pote...
CVE-2023-20882
CVE-2023-20882 affects Cloud Foundry gorouter in routing releases 0.262.0 through 0.266.0. A bug triggered by premature client connection closures can cause the gorouter to mark the currently selected backend as failed and remove it from the routing pool, potentially leading to denial of service ...
CVE-2018-1262
The CVE-2018-1262 issue affects Cloud Foundry Foundation UAA (versions 4.12.x and 4.13.x). The root cause is a feature that allowed privilege escalation across identity zones when offline token validation is performed, enabling a zone administrator to configure tokens impersonating another zone a...
CVE-2021-22115
CVE-2021-22115 affects Cloud Foundry Cloud Controller API prior to version 1.106.0. The vulnerability arises because the CAPI database logs service broker passwords in plain text when a job to clean up orphaned items runs, exposing credentials if log access is compromised. Affected product/versio...
CVE-2019-11277
The CVE-2019-11277 entry affects Cloud Foundry NFS Volume Service: 1.7.x before 1.7.11 and 2.x before 2.3.0. The vulnerability is LDAP injection in service instance creation, exploitable by a remote authenticated space developer who can inject LDAP filters, potentially leading to service denial o...
CVE-2023-34041
CVE-2023-34041 affects Cloud Foundry Router (gorouter) releases before 0.278.0, where HTTP Hop-by-Hop headers (notably B3 and X-B3-SpanID) can be abused to alter the identifiers logged in foundations. Exploitation requires no authentication and can influence log-trace values, per multiple sources...
CVE-2020-5420
Cloud Foundry Gorouter (Routing) up to v0.206.0 is vulnerable: a user with cf push access can deploy an app that returns specially crafted HTTP responses, causing Gorouters to crash and leading to DoS of the CF cluster. Affected component: Gorouter in Routing; affected versions: all prior to 0.20...
CVE-2023-20881
CVE-2023-20881 affects Cloud Foundry CAPI versions 1.140–1.152.0 and Loggregator-agent v7+. The issue allows a user who knows the syslog drain client certificate to override other users’ syslog drain credentials, potentially altering the private key or adding/modifying a Certificate Authority use...
CVE-2019-3801
CVE-2019-3801 affects Cloud Foundry cf-deployment versions prior to 7.9.0. The Java components fetch dependencies over an insecure HTTP channel, enabling a remote, unauthenticated attacker to hijack the dependency DNS entry and inject malicious code into the component during build. Practical impa...
CVE-2021-22098
CVE-2021-22098 affects Cloud Foundry UAA server. Versions prior to 75.4.0 are vulnerable to an open redirect vulnerability exploitable via social engineering, potentially leading to loss of user accounts and redirection to malicious sites. Practical impact is limited to cases described in vendor ...
CVE-2020-5402
The CVE-2020-5402 issue affects Cloud Foundry UAA (and related deployments) where versions prior to 74.14.0 allow CSRF via the OAuth2 state parameter not being validated in the external identity provider callback. The core vulnerability is a missing check in the callback flow, impacting authentic...
CVE-2021-22101
CVE-2021-22101 affects Cloud Foundry Cloud Controller prior to 1.118.0. It enables unauthenticated DoS by sending REST HTTP requests with label_selectors on multiple V3 endpoints, generating an enormous SQL query that can render the ccdb unavailable. Affected products include CAPI (pre-1.118.0) a...
CVE-2018-1277
Cloud Foundry Garden-runC vulnerability (CVE-2018-1277): Garden-runC/ cf-deployment prior to fixed versions fail to enforce disk quotas for Docker image layers, allowing a remote authenticated user to push a malicious image that can exhaust Diego cell disk space and cause a DoS. Affected: Garden-...
CVE-2019-11282
CVE-2019-11282 affects Cloud Foundry UAA prior to v74.3.0. A remote authenticated attacker with the scim.invite scope can craft requests to an endpoint vulnerable to SCIM injection, potentially leaking information about UAA users. The issue is documented across multiple sources (NVD entry, CNVD/C...
CVE-2018-1193
Cloud Foundry routing-release before version 0.175.0 fails to sanitize user-provided X-Forwarded-Proto headers, allowing a remote attacker to bypass application requirements that enforce secure connections. Root cause: lack of filtering on X-Forwarded-Proto in routing-release/gorouter. Impact: po...
CVE-2018-1221
In CVE-2018-1221, the Cloud Foundry Gorouter mishandles WebSocket requests for AWS Application Load Balancers (ALBs) and other HTTP-aware Load Balancers. Affected products are cf-deployment (all versions before 1.14.0) and routing-release (all versions before 0.172.0). The underlying root cause i...
CVE-2019-11283
Cloud Foundry SMB Volume (versions prior to 2.0.3) leaks credentials to logs. The SMB driver writes usernames and passwords for recently created volumes into log files, enabling a remote user with log access to take control of the affected SMB Volumes. According to the sources, the vulnerability ...
CVE-2018-1195
Cloud Controller (Cloud Foundry) is affected. The vulnerability (CVE-2018-1195) occurs when Cloud Controller versions prior to 1.46.0, cf-deployment prior to 1.3.0, and cf-release prior to 283 accept refresh tokens for authentication in contexts where an access token is expected. Root cause: refr...
CVE-2018-1265
Summary: CVE-2018-1265 affects Cloud Foundry Diego (diego-release before 2.8.0; cf-deployment before v1.37.0). The root cause is improper sanitization/validation of file paths in tar and zip headers, enabling a remote authenticated attacker with CF admin privileges to upload a malicious buildpack...
CVE-2020-5418
CVE-2020-5418 affects Cloud Foundry CAPI (Cloud Controller) versions before 1.98.0. Authentication with only cloud_controller.read and no space roles allows listing all droplets across all spaces (should be none). Root cause: insufficient authorization check exposing droplets to users without pro...
CVE-2025-22246
CVE-2025-22246 affects Cloud Foundry UAA releases from 77.21.0 up to 77.31.0 (and CF deployment 45.1.0 to 48.11.0) with a private key exposure in logs. Root cause and exact vulnerability mechanics are described in the Cloud Foundry advisory: upgrading UAA to 77.32.0+ and CF deployment to 49.0.0+ ...
CVE-2018-1191
CVE-2018-1191 affects Cloud Foundry Garden-runC prior to 1.11.0. The vulnerability is an information disclosure where a user with access to Garden logs can obtain leaked credentials and perform authenticated actions. Affected components include garden-runc-release (before 1.11.0) and cf-deploymen...
CVE-2020-5400
CVE-2020-5400 affects Cloud Foundry Cloud Controller (CAPI) prior to 1.91.0. The issue arises because background-job logging may capture environment properties (e.g., credentials) from app manifests, enabling a malicious user with access to logs to exfiltrate sensitive credentials. Public referen...
CVE-2026-22723
CVE-2026-22723 affects Cloud Foundry UAA and CF Deployment due to a logic error in the token revocation endpoint. Vulnerable ranges: UAA v77.30.0–v78.7.0 and CF Deployment v48.7.0–v54.10.0. Root cause is a faulty token revocation flow that can improperly revoke tokens. Impact is described as Inap...
CVE-2026-22726
The CVE-2026-22726 describes a Route Services firewall bypass in Cloud Foundry: a route-service could be abused by a user with Cloud Foundry access to forward app traffic to internal HTTP services reachable by the Gorouter, bypassing configured egress rules. Affected routing release versions are ...