35 matches found
CVE-2017-14389
CVE-2017-14389 affects Cloud Foundry Foundation components capi-release (all versions < 1.45.0), cf-release (all versions < v280), and cf-deployment (all versions
CVE-2017-4991
CVE-2017-4991 affects Cloud Foundry products: cf-release versions before v260 and multiple UAA releases (2.x before v2.7.4.16; 3.6.x before v3.6.10; 3.9.x before v3.9.12; others before v3.17.0) plus UAA-bosh releases (uaa-release) before v13.14, v24.9, v30.2, and earlier versions before v36. The ...
CVE-2016-0732
The CVE-2016-0732 entry corresponds to a privilege-escalation vulnerability in the identity-zones feature of Cloud Foundry components. Affected products include Cloud Foundry v208–v229, UAA v2.0.0–v2.7.3 and v3.0.0, UAA-Release v2–v4, and Elastic Runtime v1.6.0–v1.6.13. The issue allows remote au...
CVE-2017-8048
In Cloud Foundry, CVE-2017-8048 is a regression introduced by the original fix for CVE-2017-8033. Affected are capi-release 1.33.0–1.41.x (prior to 1.42.0) and cf-release 268–273 (prior to 274). The issue enables a space developer to execute arbitrary code on the Cloud Controller VM by pushing a ...
CVE-2017-8031
The CVE-2017-8031 entry concerns Cloud Foundry cf-release and UAA. Affected products: cf-release (all versions before v279) and UAA (30.x before 30.6; 45.x before 45.4; 52.x before 52.1). Issue: an authenticated user for a given client can revoke client tokens belonging to other users on the same...
CVE-2015-5173
CVE-2015-5173 corresponds to a Cloud Foundry security issue described in connected advisories as a weak password recovery/expired reset mechanism affecting cf-release <216, UAA <2.5.2, and PCF Elastic Runtime
CVE-2017-4992
CVE-2017-4992 affects Cloud Foundry components including cf-release prior to v261 and UAA releases prior to specified versions (2.x before 2.7.4.17, 3.6.x before 3.6.11, 3.9.x before 3.9.13, and other versions before v4.2.0; UAA bosh releases prior to 13.x before 13.15, 24.x before 24.10, 30.x be...
CVE-2018-1190
CVE-2018-1190 affects Pivotal Cloud Foundry components, causing a cross-site scripting (XSS) vulnerability in the clientId parameter of the UAA OpenID Connect check session iframe used for single logout. Affected versions include cf-release prior to v270, UAA v3.x before v3.20.2, and UAA bosh rel...
CVE-2017-8037
CVE-2017-8037 affects Cloud Foundry: CAPI-release v1.6.0+ up to < v1.38.0 and cf-release v244+ up to
CVE-2015-5171
Ø CVE-2015-5171 affects Cloud Foundry components (cf-release <216, UAA <2.5.2, PCF Elastic Runtime
CVE-2017-4972
CVE-2017-4972 describes a blind SQL injection vulnerability in Cloud Foundry components: cf-release before v257; UAA 2.x before v2.7.4.14, 3.6.x before v3.6.8, 3.9.x before v3.9.10, and other versions before v3.15.0; and UAA Release (uaa-release) 13.x before v13.12, 24.x before v24.7, and other v...
CVE-2017-4974
CVE-2017-4974 is a blind SQL injection vulnerability affecting Cloud Foundry Foundation components: cf-release versions prior to v258 and UAA releases prior to v2.7.4.15 (2.x), v3.6.9 (3.6.x), v3.9.11 (3.9.x), and prior to v3.16.0 in general, plus uaa-release bosh releases prior to v13.13, v24.8,...
CVE-2017-8033
The CVE-2017-8033 issue affects Cloud Foundry’s Cloud Controller API in capi-release v1.33.0+ and cf-release v268+ (pre-v1.35.0 and pre-v268 respectively), where a filesystem-traversal flaw lets a space developer write arbitrary files on the Cloud Controller VM by pushing a crafted app. The origi...
CVE-2017-8034
CVE-2017-8034 affects Cloud Foundry components: Cloud Controller and Router in CAPI release capi < v1.32.0, Routing-release < v0.159.0, CF-release
CVE-2017-8047
CVE-2017-8047 affects Cloud Foundry routing-release (all versions prior to v0.163.0) and cf-release (all versions prior to v274). A URL-append.open redirect vulnerability enables phishing by letting attackers redirect users to unintended destinations, potentially harvesting credentials. The issue...
CVE-2015-1834
CVE-2015-1834 is a path-traversal vulnerability in the Cloud Foundry Cloud Controller. Affected products include cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime prior to 1.4.2. The root cause is path traversal via user-supplied file path parameters (e.g., ../ sequences...
CVE-2015-5170
CVE-2015-5170 affects Cloud Foundry components (cf-release before 216, UAA before 2.5.2, PCF Elastic Runtime before 1.7.0) and enables remote CSRF attacks on PWS by exploiting missing CSRF checks, potentially allowing an attacker to log a user into an arbitrary account. The connected records corr...
CVE-2016-2165
CVE-2016-2165 affects Cloud Foundry cf-release legacy branches: cf-release v231 and older, plus Pivotal Elastic Runtime versions before 1.5.19 and 1.6.x before 1.6.20. The Loggregator Traffic Controller endpoints do not cleanse invalid request URL paths, and these paths are echoed in 404 response...
CVE-2018-1195
Cloud Controller (Cloud Foundry) is affected. The vulnerability (CVE-2018-1195) occurs when Cloud Controller versions prior to 1.46.0, cf-deployment prior to 1.3.0, and cf-release prior to 283 accept refresh tokens for authentication in contexts where an access token is expected. Root cause: refr...
CVE-2015-3189
CVE-2015-3189 – Normal details Affected products/versions: Cloud Foundry Runtime cf-release v208 or earlier; UAA standalone v2.2.5 or earlier; Pivotal Cloud Foundry Runtime v1.4.5 or earlier. Issue: old Password Reset Links do not expire after a user changes their current email address, when usin...
CVE-2015-5172
CVE-2015-5172 affects Cloud Foundry Runtime: cf-release prior to 216, UAA prior to 2.5.2, and PCF Elastic Runtime prior to 1.7.0, due to failure to expire password reset links. Connected sources (GHSA/osv entries) corroborate the affected components and the weak password recovery mechanism, descr...
CVE-2016-9882
CVE-2016-9882 affects Cloud Foundry cf-release before v250 and CAPI-release before v1.12.0. The issue is that Cloud Foundry logs credentials returned from service brokers in Cloud Controller system component logs; these logs are written to disk and often forwarded to log aggregators via syslog. T...
CVE-2015-3191
CVE-2015-3191 is a CSRF vulnerability in the Cloud Foundry UAA change_email endpoint. Affected are Cloud Foundry cf-release versions prior to v210 and UAA standalone deployments prior to 2.3.0 (specifically UAA 2.2.6 or earlier; cf-release v209 or earlier). The issue allows an attacker to trigger...
CVE-2015-3190
The CVE-2015-3190 issue affects Cloud Foundry components where the UAA logout link can be used as an open redirect. Affected versions include cf-release v209 or earlier, UAA standalone v2.2.6 or earlier, and Cloud Foundry Runtime v1.4.5 or earlier. The underlying vulnerability allows an attacker ...
CVE-2017-4970
CVE-2017-4970 describes a regression in the Cloud Foundry cf-release v255 and Staticfile buildpack v1.4.0–v1.4.3. The Staticfile buildpack regression causes the Staticfile.auth configuration to be ignored when the Staticfile is not present in the application root; apps that contain a Staticfile.a...
CVE-2016-6655
CVE-2016-6655 affects Cloud Foundry Foundation Cloud Foundry releases prior to v245 and cf-mysql-release prior to v31. A command injection vulnerability exists in a common script used by many Cloud Foundry components, enabling a malicious user to execute arbitrary commands on affected servers. Th...
CVE-2016-6658
CVE-2016-6658 affects cf-release before 245. It allows configuring and pushing with a user-provided buildpack URL that may include credentials (basic auth or OAuth) to access a private buildpack. The buildpack URL is stored unencrypted, so an operator with privileged Cloud Controller DB access co...
CVE-2016-8219
The CVE affects Cloud Foundry Foundation cf-release before 250 and CAPI-release before 1.12.0. The vulnerability arises because a SpaceAuditor can restage applications, enabling over-privileged actions that could cause application downtime if restaging fails. Mitigation is to upgrade cf-release t...
CVE-2017-8035
CVE-2017-8035 targets the Cloud Controller API in Cloud Foundry Foundation CAPI-release versions after v1.6.0 and before v1.35.0 (and cf-release after v244 and before v268). A carefully crafted CAPI request from a Space Developer can gain access to files on the Cloud Controller VM for that instal...
CVE-2016-0780
CVE-2016-0780 affects cf-release v231 and earlier and Pivotal Cloud Foundry Elastic Runtime: 1.5.x versions before 1.5.17 and 1.6.x versions before 1.6.18. The root cause is improper enforcement of disk quotas, allowing an attacker to use an incorrect quota value to bypass enforcement and exhaust...
CVE-2016-8218
CVE-2016-8218 affects Cloud Foundry’s routing-release (versions prior to 0.142.0) and cf-release (203–231). The issue is incomplete validation in JSON Web Token (JWT) libraries, enabling unprivileged attackers to impersonate other users to the routing API. Remediation: upgrade routing-release to ...
CVE-2017-4969
The CVE-2017-4969 issue affects the Cloud Foundry cf-release Cloud Controller (pre-v255). A design/logic flaw allows authenticated developer users to exceed a task’s memory and disk quotas, enabling overconsumption relative to configured quotas. Impact is described as a quota-exceeding condition ...
CVE-2016-2169
Cloud Foundry CVE-2016-2169 affects Cloud Foundry Cloud Controller: capi-release versions before 1.0.0 and cf-release versions before v237. The issue is a business-logic flaw where an application could create a route that conflicts with a platform service route, causing traffic intended for the s...
CVE-2016-0708
CVE-2016-0708 affects Cloud Foundry deployments using the Cloud Foundry Java Buildpack (versions 2.0–3.4). Vulnerable when apps are staged with automatic buildpack detection, pass the Java Buildpack detection script, and serve static content from the deployed artifact; the default Tomcat configur...
CVE-2016-0713
The CVE-2016-0713 entry applies to Cloud Foundry Gorouter in cf-release versions 141–228, where a cross-site scripting (XSS) vulnerability can be exploited when an attacker modifies requests, enabling potential MITM-like behavior and unauthorized operations. Publicly documented impact is XSS via ...