Latest Security News about cloud foundry products

Contact US For API Security>

Multiple issues in Cloud Foundry Products

Overview : UAA logs all query parameters with debug logging level Affected Product(s) : CF Deployment All versions prior to v12.12.0 UAA Release All versions prior to v74.10.0 Vulnerability Details : CVE ID : CVE-2019-11293 Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials when sent as […]

Contact US For API Security>

Cloud Foundry NFS vulnerable to LDAP injection

Overview : Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0, is vulnerable to LDAP injection. A remote authenticated malicious space developer can potentially inject LDAP filters via service instance creation, facilitating the malicious space developer to deny service or perform a dictionary attack. Affected Product(s) : Cloud […]