Описание
Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control vulnerability. If the platform is configured with an application security group (ASG) that overlaps with the Silk overlay network, any applications can reach any other application on the network regardless of the configured routing policies.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.2.0 (исключая)
cpe:2.3:a:cloudfoundry:silk-release:*:*:*:*:*:cloudfoundry:*:*
EPSS
Процентиль: 56%
0.00332
Низкий
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 8.1
github
больше 3 лет назад
Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control vulnerability. If the platform is configured with an application security group (ASG) that overlaps with the Silk overlay network, any applications can reach any other application on the network regardless of the configured routing policies.
EPSS
Процентиль: 56%
0.00332
Низкий
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-732