Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cf-deployment vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-31733
Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to 23.2.0, apps are accessible via another port on diego cells, allowing application ingress without a client certificate. If mTLS route integrity is enabled AND unproxied ports are t...
Cloudfoundry Diego
Cloudfoundry Cf-deployment
605
VMScore
CVE-2020-5420
Cloud Foundry Routing (Gorouter) versions before 0.206.0 allow a malicious developer with "cf push" access to cause denial-of-service to the CF cluster by pushing an app that returns specially crafted HTTP responses that crash the Gorouters.
Cloudfoundry Cf-deployment
Cloudfoundry Gorouter
445
VMScore
CVE-2017-14390
In Cloud Foundry Foundation cf-deployment v0.35.0, a misconfiguration with Loggregator and syslog-drain causes logs to be drained to unintended locations.
Pivotal Software Cf-deployment 0.35.0
NA
CVE-2023-34041
Cloud foundry routing release versions before 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated attacker can use this vulnerability for headers like B3 or X-B3-SpanID to affect the identification value recorded in the logs in foundations.
Cloudfoundry Routing-release
Cloudfoundry Cf-deployment
NA
CVE-2023-20882
In Cloud foundry routing release versions from 0.262.0 and before 0.266.0,a bug in the gorouter process can lead to a denial of service of applications hosted on Cloud Foundry. Under the right circumstances, when client connections are closed prematurely, gorouter marks the curre...
Cloudfoundry Routing Release
Cloudfoundry Cf-deployment
356
VMScore
CVE-2020-5400
Cloud Foundry Cloud Controller (CAPI), versions before 1.91.0, logs properties of background jobs when they are run, which may include sensitive information such as credentials if provided to the job. A malicious user with access to those logs may gain unauthorized access to reso...
Cloudfoundry Cf-deployment
Cloudfoundry Capi-release
356
VMScore
CVE-2020-5416
Cloud Foundry Routing (Gorouter), versions before 0.204.0, when used in a deployment with NGINX reverse proxies in front of the Gorouters, is potentially vulnerable to denial-of-service attacks in which an unauthenticated malicious attacker can send specially-crafted HTTP request...
Cloudfoundry Cf-deployment
Cloudfoundry Routing-release
578
VMScore
CVE-2020-5417
Cloud Foundry CAPI (Cloud Controller), versions before 1.97.0, when used in a deployment where an app domain is also the system domain (which is true in the default CF Deployment manifest), were vulnerable to developers maliciously or accidentally claiming certain sensitive route...
Cloudfoundry Cf-deployment
Cloudfoundry Capi-release
356
VMScore
CVE-2020-5418
Cloud Foundry CAPI (Cloud Controller) versions before 1.98.0 allow authenticated users having only the "cloud_controller.read" scope, but no roles in any spaces, to list all droplets in all spaces (whereas they should see none).
Cloudfoundry Capi-release
Cloudfoundry Cf-deployment
694
VMScore
CVE-2020-5423
CAPI (Cloud Controller) versions before 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM.
Cloudfoundry Capi-release
Cloudfoundry Cf-deployment
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »