Rob Greene

#34203 of 53,630
7.6 Total CVSS
Vulnerabilities · 1
PT-2020-18455
7.6
2020-02-12
Cloud Foundry · Credhub · CVE-2020-5399
**Name of the Vulnerable Software and Affected Versions**

Cloud Foundry CredHub versions prior to 2.5.10

**Description**

The issue allows a malicious user with access to the network between CredHub and its MySQL database to eavesdrop on database connections, potentially gaining unauthorized access to CredHub and other components. This is due to CredHub connecting to the MySQL database without TLS even when configured to use it.

**Recommendations**

For versions prior to 2.5.10, update to version 2.5.10 or later to resolve the issue. As a temporary workaround, consider restricting network access to the MySQL database to minimize the risk of exploitation.