PT-2018-10904 · Cloud Foundry · Garden-Runc

Published

2018-03-29

Updated

2019-10-09

CVE-2018-1191

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Cloud Foundry Garden-runC versions prior to 1.11.0

Description The issue allows a user with access to Garden logs to potentially obtain leaked credentials. This could enable the user to perform authenticated actions using the leaked credentials.

Recommendations For versions prior to 1.11.0, update to version 1.11.0 or later to resolve the issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-215

Related Identifiers

CVE-2018-1191

Affected Products

Garden-Runc

PT-2018-10904 · Cloud Foundry · Garden-Runc

CVE-2018-1191

Weakness Enumeration

Related Identifiers

Affected Products

References · 3