CVE-2021-22115
N/A
N/A
Summary
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default value of db logging config field is changed. CAPI database logs service broker password in plain text whenever a job to clean up orphaned items is run by Cloud Controller.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Cloud Control API | CAPI versions prior to 1.106.0 | affected |
Weaknesses
- Clear text logging of credentials
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.