Vulnerabilities (CVE)

Filtered by vendor Pivotal Software Subscribe
Filtered by product Bits Service
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-15796 1 Pivotal Software 1 Bits Service 2024-02-28 5.5 MEDIUM 8.1 HIGH
Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the the Bits Service storage.