CVE-2019-3781
8.2
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Summary
Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace/debugging is turned on. A local unauthenticated or remote authenticated malicious user with access to logs may gain part or all of a users password.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cloud Foundry | CF CLI | All < v6.43.0 | affected |
Weaknesses
- CWE-215: CWE-215: Information Exposure Through Debug Information
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.