Description
In Cloud Foundry CAPI versions prior to 1.122, a denial-of-service attack is possible in which a developer can push a service broker that (accidentally or maliciously) causes CC instances to time out and fail. An attacker can leverage this vulnerability to prevent anyone from pushing or managing apps.
References
- Vendor Advisory
- Vendor Advisory
Vulnerable configurations
Configuration 1
One of
- cpe:2.3:a:cloudfoundry:capi-release:*:*:*:*:*:*:*:* (versions before 1.122.0, exclusive)
- cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:* (versions before 17.1.0, exclusive)
EPSS: 0.00522 (Low), percentile: 66%
CVSS3: 5.3 Medium
CVSS2: 5 Medium
Weaknesses
CWE-400
Related vulnerabilities
CVSS3: 5.3
github
almost 4 years ago
In Cloud Foundry CAPI versions prior to 1.122, a denial-of-service attack is possible in which a developer can push a service broker that (accidentally or maliciously) causes CC instances to time out and fail. An attacker can leverage this vulnerability to prevent anyone from pushing or managing apps.