In cloud foundry CAPI versions prior to 1.122, a denial-of-service attack in which a developer can push a service broker that (accidentally or maliciously) causes CC instances to timeout and fail is possible. An attacker can leverage this vulnerability to cause an inability for anyone to push or manage apps.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 05:49
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.cloudfoundry.org/blog/cve-2021-22100-cloud-controller-is-vulnerable-to-denial-of-service-due-to-misbehaving-service-brokers/ - Vendor Advisory |
Information
Published : 2022-03-25 19:15
Updated : 2024-11-21 05:49
NVD link : CVE-2021-22100
Mitre link : CVE-2021-22100
CVE.ORG link : CVE-2021-22100
JSON object : View
Products Affected
cloudfoundry
- cf-deployment
- capi-release
CWE
CWE-400
Uncontrolled Resource Consumption