Описание
Cloud Controller versions prior to 1.118.0 are vulnerable to unauthenticated denial of Service(DoS) vulnerability allowing unauthenticated attackers to cause denial of service by using REST HTTP requests with label_selectors on multiple V3 endpoints by generating an enormous SQL query.
Уязвимые конфигурации
Конфигурация 1Версия до 1.118.0 (исключая)Версия до 16.24.0 (исключая)
Одно из
cpe:2.3:a:cloudfoundry:capi-release:*:*:*:*:*:*:*:*
cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.0098
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-400
CWE-400
Связанные уязвимости
github
больше 3 лет назад
Cloud Controller versions prior to 1.118.0 are vulnerable to unauthenticated denial of Service(DoS) vulnerability allowing unauthenticated attackers to cause denial of service by using REST HTTP requests with label_selectors on multiple V3 endpoints by generating an enormous SQL query.
EPSS
Процентиль: 76%
0.0098
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-400
CWE-400