Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cloud Foundry Stratos Deploys With Public Default Session Store Secret
Vulnerability Description
Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public default session store secret. A malicious user with default session store secret can brute force another user's current Stratos session, and act on behalf of that user.
CVSS Information
N/A
Vulnerability Type
会话固定
Vulnerability Title
Cloud Foundry Stratos 信任管理问题漏洞
Vulnerability Description
Cloud Foundry Stratos是美国Cloud Foundry基金会的一款基于Web的应用程序管理控制台。该产品主要用于管理在Cloud Foundry集群中运行的应用程序,并执行集群管理任务。 Cloud Foundry Stratos 2.3.0之前版本中存在信任管理漏洞。远程攻击者可利用该漏洞暴力破解其他用户当前Stratos会话并以其他用户身份执行操作。
CVSS Information
N/A
Vulnerability Type
N/A