PT-2018-10904 · Cloud Foundry · Garden-Runc

Publicado

2018-03-29

Atualizado

2019-10-09

CVE-2018-1191

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Cloud Foundry Garden-runC versions prior to 1.11.0

Description The issue allows a user with access to Garden logs to potentially obtain leaked credentials. This could enable the user to perform authenticated actions using the leaked credentials.

Recommendations For versions prior to 1.11.0, update to version 1.11.0 or later to resolve the issue.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200CWE-215

Identificadores relacionados

CVE-2018-1191

Produtos afetados

Garden-Runc

PT-2018-10904 · Cloud Foundry · Garden-Runc

CVE-2018-1191

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3