CVE-2019-3781

Name of the Vulnerable Software and Affected Versions Cloud Foundry CLI versions prior to 6.43.0

Description The issue improperly exposes passwords when verbose, trace, or debugging modes are enabled. A malicious user, either local and unauthenticated or remote and authenticated, with access to logs may be able to obtain part or all of a user's password.

Recommendations For versions prior to 6.43.0, update to version 6.43.0 or later to resolve the issue. As a temporary workaround, consider disabling verbose, trace, and debugging modes to minimize the risk of password exposure. Restrict access to logs to prevent unauthorized users from gaining access to sensitive information.