Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cloud Controller logs environment variables from app manifests
Vulnerability Description
Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background jobs when they are run, which may include sensitive information such as credentials if provided to the job. A malicious user with access to those logs may gain unauthorized access to resources protected by such credentials.
CVSS Information
N/A
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
Cloud Foundry Cloud Controller 日志信息泄露漏洞
Vulnerability Description
Cloud Foundry是美国Cloud Foundry基金会的一套开源的平台即服务(PaaS)云计算平台。该产品提供容器调度、持续交付和自动化服务部署等功能。Cloud Controller是其中的一款云控制器。 Cloud Foundry Cloud Controller (CAPI) 1.91.0之前版本中存在安全漏洞。攻击者可利用该漏洞获取凭证,进而未授权访问被保护的资源。
CVSS Information
N/A
Vulnerability Type
N/A