Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-5422 | 1 Cloud Foundry | 1 Bosh System Metrics Server | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
BOSH System Metrics Server releases prior to 0.1.0 exposed the UAA password as a flag to a process running on the BOSH director. It exposed the password to any user or process with access to the same VM (through ps or looking at process details). |