Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Volume Services is vulnerable to an LDAP injection attack
Vulnerability Description
Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0, is vulnerable to LDAP injection. A remote authenticated malicious space developer can potentially inject LDAP filters via service instance creation, facilitating the malicious space developer to deny service or perform a dictionary attack.
CVSS Information
N/A
Vulnerability Type
LDAP查询中使用的特殊元素转义处理不恰当(LDAP注入)
Vulnerability Title
Cloud Foundry NFS Volume Service 注入漏洞
Vulnerability Description
Cloud Foundry NFS Volume Service是美国Cloud Foundry基金会的一款NFS(网络文件系统)卷服务。该产品支持配置NFS卷,并将卷绑定到应用程序以进行共享文件访问。 Cloud Foundry NFS Volume Service 1.7.11之前的1.7.x版本和2.3.0之前的2.x版本中存在安全漏洞。远程攻击者可利用该漏洞造成拒绝服务及其他危害。
CVSS Information
N/A
Vulnerability Type
N/A