Описание
Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. A user with access to an instance using the BOSH CLI can access the BOSH CLI configuration file and use its contents to perform authenticated requests to BOSH.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.0.1 (исключая)
cpe:2.3:a:pivotal_software:bosh_cli:*:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00291
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. A user with access to an instance using the BOSH CLI can access the BOSH CLI configuration file and use its contents to perform authenticated requests to BOSH.
EPSS
Процентиль: 52%
0.00291
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-732