This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Cloudfoundry First view 2019-04-17
Product Capi-Release Last view 2019-04-17
Version 1.60.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:cloudfoundry:capi-release

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2019-04-17 CVE-2019-3798

Cloud Foundry Cloud Controller API Release, versions prior to 1.79.0, contains improper authentication when validating user permissions. A remote authenticated malicious user with the ability to create UAA clients and knowledge of the email of a victim in the foundation may escalate their privileges to that of the victim by creating a client with a name equal to the guid of their victim.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-287 Improper Authentication