cloud foundry vulnerabilities and exploits
NA
CVE-2023-20885
Vulnerability in Cloud Foundry Notifications, Cloud Foundry SMB-volume release, Cloud Foundry cf-nfs-volume release. This issue affects Notifications: All versions before 63; SMB-volume release: All versions before 3.1.19; cf-nfs-volume release: 5.0.X versions before 5.0.27, 7.1.X...
Pivotal Cloud Foundry Smb Volume
Pivotal Cloud Foundry Notifications
Pivotal Cloud Foundry Nfs Volume
6.5
CVSSv2
CVE-2018-1192
In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions before 4.5.5, 4.8.x versions before 4.8.3, and 4.7.x versions before 4.7.4; and UAA-release 45.7.x versions before 45.7, 52.7.x versions before 52.7, and 53.3.x...
Pivotal Software Cloud Foundry Uaa
Pivotal Software Cloud Foundry Uaa-release 53.3
Pivotal Software Cloud Foundry Uaa-release 52.7
Pivotal Software Cloud Foundry Uaa-release 45.7
Pivotal Software Cloud Foundry Cf-release
Pivotal Software Cloud Foundry Cf-deployment
4.3
CVSSv2
CVE-2016-3084
The UAA reset password flow in Cloud Foundry release v236 and previous versions, UAA release v3.3.0 and previous versions, all versions of Login-server, UAA release v10 and previous versions and Pivotal Elastic Runtime versions before 1.7.2 is vulnerabl...
Pivotal Software Login-server -
Cloudfoundry Cloud Foundry Uaa Bosh
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
Pivotal Software Cloud Foundry
6.8
CVSSv2
CVE-2017-4963
An issue exists in Cloud Foundry Foundation Cloud Foundry release v252 and previous versions, UAA stand-alone release v2.0.0 - v2.7.4.12 & v3.0.0 - v3.11.0, and UAA bosh release v26 & earlier versions. UAA is vulnerable to session fixation when configured to auth...
Pivotal Software Cloud Foundry Uaa
Pivotal Software Cloud Foundry Uaa-release
Pivotal Software Cloud Foundry Cf-release
1 Github repository
NA
CVE-2023-34061
Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning and therefore degrade the service availability of the Cloud Foundry deployment.
Pivotal Cloud Foundry Deployment
Pivotal Cloud Foundry Routing Release
7.5
CVSSv2
CVE-2016-9885
An issue exists in Pivotal GemFire for PCF 1.6.x versions before 1.6.5 and 1.7.x versions before 1.7.1. The gfsh (Geode Shell) endpoint, used by operators and application developers to connect to their cluster, is unauthenticated and publicly accessible. Because HTTPS communicati...
Pivotal Software Gemfire For Pivotal Cloud Foundry 1.7.0.0
Pivotal Software Gemfire For Pivotal Cloud Foundry 1.6.4.0
Pivotal Software Gemfire For Pivotal Cloud Foundry 1.6.3.0
Pivotal Software Gemfire For Pivotal Cloud Foundry 1.6.2
Pivotal Software Gemfire For Pivotal Cloud Foundry 1.6.1
Pivotal Software Gemfire For Pivotal Cloud Foundry 1.6.0.0
4
CVSSv2
CVE-2017-8040
In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions before 1.3.4 and 1.4.x versions before 1.4.3, an XXE (XML External Entity) attack exists in the Single Sign-On service dashboard. Privileged users can in some cases upload malformed XML leading to exposure of data o...
Vmware Single Sign-on For Pivotal Cloud Foundry 1.3.0
Vmware Single Sign-on For Pivotal Cloud Foundry 1.3.2
Vmware Single Sign-on For Pivotal Cloud Foundry 1.3.3
Vmware Single Sign-on For Pivotal Cloud Foundry 1.4.0
Vmware Single Sign-on For Pivotal Cloud Foundry 1.4.1
Vmware Single Sign-on For Pivotal Cloud Foundry 1.4.2
Vmware Single Sign-on For Pivotal Cloud Foundry 1.4.3
4.3
CVSSv2
CVE-2017-8041
In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions before 1.3.4 and 1.4.x versions before 1.4.3, a user can execute an XSS attack on certain Single Sign-On service UI pages by inputting code in the text field for an organization name.
Vmware Single Sign-on For Pivotal Cloud Foundry 1.3.0
Vmware Single Sign-on For Pivotal Cloud Foundry 1.3.2
Vmware Single Sign-on For Pivotal Cloud Foundry 1.3.3
Vmware Single Sign-on For Pivotal Cloud Foundry 1.4.0
Vmware Single Sign-on For Pivotal Cloud Foundry 1.4.1
Vmware Single Sign-on For Pivotal Cloud Foundry 1.4.2
Vmware Single Sign-on For Pivotal Cloud Foundry 1.4.3
5.8
CVSSv2
CVE-2018-11041
Cloud Foundry UAA, versions later than 4.6.0 and before 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than v48 and prior to v60 except v55.1 and v52.9, does not validate redirect URL values on a form parameter used for internal UAA redirects on the login page, all...
Pivotal Software Cloud Foundry Uaa-release
Pivotal Software Cloud Foundry Uaa
4.3
CVSSv2
CVE-2017-8044
In Pivotal Single Sign-On for PCF (1.3.x versions before 1.3.4 and 1.4.x versions before 1.4.3), certain pages allow code to be injected into the DOM environment through query parameters, leading to XSS attacks.
Vmware Single Sign-on For Pivotal Cloud Foundry 1.3.0
Vmware Single Sign-on For Pivotal Cloud Foundry 1.3.2
Vmware Single Sign-on For Pivotal Cloud Foundry 1.3.3
Vmware Single Sign-on For Pivotal Cloud Foundry 1.4.1
Vmware Single Sign-on For Pivotal Cloud Foundry 1.4.2