Vulnerabilities (CVE)

Filtered by vendor Vmware Subscribe
Filtered by product Tanzu Application Service For Vms
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-5406 1 Vmware 1 Tanzu Application Service For Vms 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
VMware Tanzu Application Service for VMs, 2.6.x versions prior to 2.6.18, 2.7.x versions prior to 2.7.11, and 2.8.x versions prior to 2.8.5, includes a version of PCF Autoscaling that writes database connection properties to its log, including database username and password. A malicious user with access to those logs may gain unauthorized access to the database being used by Autoscaling.