CVE-2020-5400

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-5400
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-5400.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-5400
Published
2020-02-27T20:15:11Z
Modified
2024-09-03T03:31:39.296083Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background jobs when they are run, which may include sensitive information such as credentials if provided to the job. A malicious user with access to those logs may gain unauthorized access to resources protected by such credentials.

References

Affected packages

Git / github.com/cloudfoundry/capi-release

Affected ranges

Type
GIT
Repo
https://github.com/cloudfoundry/capi-release
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

1.*

1.0.0
1.1.0
1.10.0
1.11.0
1.12.0
1.13.0
1.14.0
1.15.0
1.16.0
1.17.0
1.18.0
1.19.0
1.2.0
1.20.0
1.21.0
1.22.0
1.23.0
1.24.0
1.25.0
1.26.0
1.27.0
1.28.0
1.29.0
1.3.0
1.30.0
1.31.0
1.32.0
1.33.0
1.34.0
1.35.0
1.36.0
1.37.0
1.38.0
1.39.0
1.4.0
1.40.0
1.41.0
1.42.0
1.43.0
1.44.0
1.45.0
1.46.0
1.47.0
1.48.0
1.49.0
1.5.0
1.50.0
1.51.0
1.52.0
1.53.0
1.54.0
1.55.0
1.56.0
1.57.0
1.58.0
1.59.0
1.6.0
1.60.0
1.61.0
1.62.0
1.63.0
1.64.0
1.65.0
1.66.0
1.67.0
1.68.0
1.69.0
1.7.0
1.70.0
1.71.0
1.72.0
1.73.0
1.74.0
1.75.0
1.76.0
1.77.0
1.78.0
1.79.0
1.8.0
1.80.0
1.81.0
1.82.0
1.83.0
1.84.0
1.85.0
1.86.0
1.87.0
1.88.0
1.89.0
1.9.0
1.90.0

Other

list

v1.*

v1.0.0