CVE-2018-1268 - CERT CVE

  1. CVE-2018-1268

ID CVE-2018-1268
Sažetak Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not validate app GUID structure in requests. A remote authenticated malicious user knowing the GUID of an app may construct malicious requests to read from or write to the logs of that app.
Reference
CVSS
Base: 4.9
Impact: 4.9
Exploitability:6.8
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM SINGLE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL NONE
CVSS vektor AV:N/AC:M/Au:S/C:P/I:P/A:N
Zadnje važnije ažuriranje 04-05-2020 - 21:26
Objavljeno 06-06-2018 - 20:29