Описание
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default value of db logging config field is changed. CAPI database logs service broker password in plain text whenever a job to clean up orphaned items is run by Cloud Controller.
Уязвимые конфигурации
Конфигурация 1Версия до 1.106.0 (исключая)Версия до 16.2.0 (исключая)
Одно из
cpe:2.3:a:cloudfoundry:capi-release:*:*:*:*:*:*:*:*
cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00215
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-522
Связанные уязвимости
github
больше 3 лет назад
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default value of db logging config field is changed. CAPI database logs service broker password in plain text whenever a job to clean up orphaned items is run by Cloud Controller.
EPSS
Процентиль: 44%
0.00215
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-522