CVE-2018-1267

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-1267

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1267.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-1267

Published

2018-03-27T16:29:00.467Z

Modified

2026-03-14T09:27:35.253902Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control vulnerability. If the platform is configured with an application security group (ASG) that overlaps with the Silk overlay network, any applications can reach any other application on the network regardless of the configured routing policies.

References

https://www.cloudfoundry.org/blog/cve-2018-1267/

Affected packages

Git / github.com/cloudfoundry/silk-release

Affected ranges

Type

GIT

Repo

https://github.com/cloudfoundry/silk-release

Events

Introduced

Fixed

4a560b77fbc8943da05dbb890a62836620b2b4e3

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.2.0"
        }
    ]
}

Affected versions

v0.*

v0.1.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1267.json"