PT-2024-19299 · Cloud Foundry · Cloud Foundry Routing Release

Published

2024-06-10

Updated

2024-06-12

CVE-2024-22279

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Cloud Foundry Routing Release versions 0.273.0 through 0.297.0

Description The issue is related to improper handling of requests, which can be exploited by an unauthenticated attacker to degrade the service availability of the Cloud Foundry deployment if performed at scale.

Recommendations For Cloud Foundry Routing Release versions 0.273.0 through 0.297.0, update to a version outside of this range to resolve the issue.

Fix

HTTP Request/Response Smuggling

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-444

Related Identifiers

CVE-2024-22279

Affected Products

Cloud Foundry Routing Release

PT-2024-19299 · Cloud Foundry · Cloud Foundry Routing Release

CVE-2024-22279

Weakness Enumeration

Related Identifiers

Affected Products

References · 4