Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Bosh Deployment logs leak sensitive information
Vulnerability Description
Cloud Foundry BOSH 270.x versions prior to v270.1.1, contain a BOSH Director that does not properly redact credentials when configured to use a MySQL database. A local authenticated malicious user may read any credentials that are contained in a BOSH manifest.
CVSS Information
N/A
Vulnerability Type
通过日志文件的信息暴露
Vulnerability Title
Cloud Foundry BOSH 信息泄露漏洞
Vulnerability Description
Cloud Foundry是美国Cloud Foundry基金会的一套开源的平台即服务(PaaS)云计算平台。该产品提供容器调度、持续交付和自动化服务部署等功能。 Cloud Foundry BOSH 267.14.0之前的267.x版本和270.1.1之前的270.x版本中存在信息泄露漏洞,该漏洞源于程序没有正确编辑凭证。本地攻击者可利用该漏洞读取凭证。
CVSS Information
N/A
Vulnerability Type
N/A