Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cloud Foundry unprotected internal endpoints
Vulnerability Description
Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Cloud Foundry 安全漏洞
Vulnerability Description
Cloud Foundry是美国Cloud Foundry基金会的一套开源的平台即服务(PaaS)云计算平台。该产品提供容器调度、持续交付和自动化服务部署等功能。 Cloud Foundry存在安全漏洞,该漏洞源于内部端点未受保护,可能导致绕过防火墙的用户替换droplet和应用程序,从而访问安全应用程序信息。
CVSS Information
N/A
Vulnerability Type
N/A