Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloudfoundry credhub vulnerabilities and exploits
(subscribe to this query)
7.4
CVSSv3
CVE-2020-5399
Cloud Foundry CredHub, versions before 2.5.10, connects to a MySQL database without TLS even when configured to use TLS. A malicious user with access to the network between CredHub and its MySQL database may eavesdrop on database connections and thereby gain unauthorized access t...
Cloudfoundry Credhub
Pivotal Software Cloud Foundry Cf-deployment
9.8
CVSSv3
CVE-2019-3801
Cloud Foundry cf-deployment, versions before 7.9.0, contain java components that are using an insecure protocol to fetch dependencies when building. A remote unauthenticated malicious attacker could hijack the DNS entry for the dependency, and inject malicious code into the compo...
Cloudfoundry Credhub
Cloudfoundry Cf-deployment
Cloudfoundry Uaa Release
7.8
CVSSv3
CVE-2019-3782
Cloud Foundry CredHub CLI, versions before 2.2.1, inadvertently writes authentication credentials provided via environment variables to its persistent config file. A local authenticated malicious user with access to the CredHub CLI config file can use these credentials to retriev...
Cloudfoundry Credhub Cli
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started