CVE-2018-1191

Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. A user with access to Garden logs may be able to obtain leaked credentials and perform authenticated actions using those credentials.
References
Link Resource
https://www.cloudfoundry.org/blog/cve-2018-1191/ Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*
cpe:2.3:a:cloudfoundry:garden-runc-release:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-03-29 20:29

Updated : 2024-02-28 16:25


NVD link : CVE-2018-1191

Mitre link : CVE-2018-1191

CVE.ORG link : CVE-2018-1191


JSON object : View

Products Affected

cloudfoundry

  • cf-deployment
  • garden-runc-release
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-215

Insertion of Sensitive Information Into Debugging Code