Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloud foundry cf-deployment vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-34041
Cloud foundry routing release versions before 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated attacker can use this vulnerability for headers like B3 or X-B3-SpanID to affect the identification value recorded in the logs in foundations.
Cloudfoundry Routing-release
Cloudfoundry Cf-deployment
5.9
CVSSv3
CVE-2023-20882
In Cloud foundry routing release versions from 0.262.0 and before 0.266.0,a bug in the gorouter process can lead to a denial of service of applications hosted on Cloud Foundry. Under the right circumstances, when client connections are closed prematurely, gorouter marks the curre...
Cloudfoundry Routing Release
Cloudfoundry Cf-deployment
8.1
CVSSv3
CVE-2023-20881
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This...
Cloudfoundry Cf-deployment
Cloudfoundry Capi-release
Cloudfoundry Loggregator-agent
5.3
CVSSv3
CVE-2021-22100
In cloud foundry CAPI versions before 1.122, a denial-of-service attack in which a developer can push a service broker that (accidentally or maliciously) causes CC instances to timeout and fail is possible. An attacker can leverage this vulnerability to cause an inability for any...
Cloudfoundry Capi-release
Cloudfoundry Cf-deployment
4.3
CVSSv3
CVE-2020-5418
Cloud Foundry CAPI (Cloud Controller) versions before 1.98.0 allow authenticated users having only the "cloud_controller.read" scope, but no roles in any spaces, to list all droplets in all spaces (whereas they should see none).
Cloudfoundry Capi-release
Cloudfoundry Cf-deployment
7.7
CVSSv3
CVE-2020-5420
Cloud Foundry Routing (Gorouter) versions before 0.206.0 allow a malicious developer with "cf push" access to cause denial-of-service to the CF cluster by pushing an app that returns specially crafted HTTP responses that crash the Gorouters.
Cloudfoundry Cf-deployment
Cloudfoundry Gorouter
6.5
CVSSv3
CVE-2020-5416
Cloud Foundry Routing (Gorouter), versions before 0.204.0, when used in a deployment with NGINX reverse proxies in front of the Gorouters, is potentially vulnerable to denial-of-service attacks in which an unauthenticated malicious attacker can send specially-crafted HTTP request...
Cloudfoundry Cf-deployment
Cloudfoundry Routing-release
8.8
CVSSv3
CVE-2020-5417
Cloud Foundry CAPI (Cloud Controller), versions before 1.97.0, when used in a deployment where an app domain is also the system domain (which is true in the default CF Deployment manifest), were vulnerable to developers maliciously or accidentally claiming certain sensitive route...
Cloudfoundry Cf-deployment
Cloudfoundry Capi-release
6.5
CVSSv3
CVE-2020-5400
Cloud Foundry Cloud Controller (CAPI), versions before 1.91.0, logs properties of background jobs when they are run, which may include sensitive information such as credentials if provided to the job. A malicious user with access to those logs may gain unauthorized access to reso...
Cloudfoundry Cf-deployment
Cloudfoundry Capi-release
8.8
CVSSv3
CVE-2020-5402
In Cloud Foundry UAA, versions before 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers.
Cloudfoundry Cf-deployment
Cloudfoundry User Account And Authentication
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »