CVE-2018-1223

Summary

Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14.0, may leak UAA and vCenter credentials to application logs. A malicious user with the ability to read the application logs could use these credentials to escalate privileges.

Affected Software

VendorProductVersion RangeStatus
Cloud FoundryContainer Runtimeunspecified < 0.14.0affected

Weaknesses

  • Credential leak to logs

ADP Enrichment

CVE Program Container

Additional References

References