CVE-2021-22115

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-22115

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22115.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-22115

Published

2021-04-08T18:15:13.837Z

Modified

2026-03-14T10:44:23.514572Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default value of db logging config field is changed. CAPI database logs service broker password in plain text whenever a job to clean up orphaned items is run by Cloud Controller.

References

https://www.cloudfoundry.org/blog/cve-2021-22115-capi-logs-service-broker-credentials/

Affected packages

Git / github.com/cloudfoundry/capi-release

Affected ranges

Type

GIT

Repo

https://github.com/cloudfoundry/capi-release

Events

Introduced

Fixed

2cd83e8d6ba1e88c89c468c88e442a16ec48e154

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.106.0"
        }
    ]
}

Type

GIT

Repo

https://github.com/cloudfoundry/cf-deployment

Events

Introduced

Fixed

62534baf2abc87ba912ce90548019314f8b68d42

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "16.2.0"
        }
    ]
}

Affected versions

1.*

1.0.0

1.1.0

1.10.0

1.100.0

1.101.0

1.102.0

1.103.0

1.104.0

1.105.0

1.11.0

1.12.0

1.13.0

1.14.0

1.15.0

1.16.0

1.17.0

1.18.0

1.19.0

1.2.0

1.20.0

1.21.0

1.22.0

1.23.0

1.24.0

1.25.0

1.26.0

1.27.0

1.28.0

1.29.0

1.3.0

1.30.0

1.31.0

1.32.0

1.33.0

1.34.0

1.35.0

1.36.0

1.37.0

1.38.0

1.39.0

1.4.0

1.40.0

1.41.0

1.42.0

1.43.0

1.44.0

1.45.0

1.46.0

1.47.0

1.48.0

1.49.0

1.5.0

1.50.0

1.51.0

1.52.0

1.53.0

1.54.0

1.55.0

1.56.0

1.57.0

1.58.0

1.59.0

1.6.0

1.60.0

1.61.0

1.62.0

1.63.0

1.64.0

1.65.0

1.66.0

1.67.0

1.68.0

1.69.0

1.7.0

1.70.0

1.71.0

1.72.0

1.73.0

1.74.0

1.75.0

1.76.0

1.77.0

1.78.0

1.79.0

1.8.0

1.80.0

1.81.0

1.82.0

1.83.0

1.84.0

1.85.0

1.86.0

1.87.0

1.88.0

1.89.0

1.9.0

1.90.0

1.91.0

1.92.0

1.93.0

1.94.0

1.95.0

1.96.0

1.97.0

1.98.0

1.99.0

Other

list

v0.*

v0.0.0

v0.0.1

v0.0.2

v0.1.0

v0.10.0

v0.11.0

v0.12.0

v0.13.0

v0.14.0

v0.15.0

v0.16.0

v0.17.0

v0.18.0

v0.19.0

v0.2.0

v0.2.1

v0.2.2

v0.20.0

v0.21.0

v0.22.0

v0.23.0

v0.24.0

v0.25.0

v0.26.0

v0.27.0

v0.28.0

v0.29.0

v0.3.0

v0.30.0

v0.31.0

v0.32.0

v0.32.1

v0.33.0

v0.34.0

v0.35.0

v0.36.0

v0.37.0

v0.4.0

v0.5.0

v0.7.0

v0.8.0

v0.9.0

v0.9.1

v1.*

v1.0.0

v1.1.0

v1.10.0

v1.11.0

v1.12.0

v1.13.0

v1.14.0

v1.15.0

v1.16.0

v1.17.0

v1.18.0

v1.19.0

v1.2.0

v1.20.0

v1.21.0

v1.22.0

v1.23.0

v1.24.0

v1.25.0

v1.26.0

v1.27.0

v1.28.0

v1.29.0

v1.3.0

v1.3.1

v1.30.0

v1.31.0

v1.32.0

v1.33.0

v1.34.0

v1.35.0

v1.36.0

v1.37.0

v1.38.0

v1.39.0

v1.4.0

v1.40.0

v1.5.0

v1.6.0

v1.7.0

v1.8.0

v1.9.0

v10.*

v10.0.0

v10.1.0

v11.*

v11.0.0

v11.1.0

v11.2.0

v12.*

v12.0.0

v12.1.0

v12.10.0

v12.11.0

v12.12.0

v12.13.0

v12.14.0

v12.15.0

v12.16.0

v12.17.0

v12.18.0

v12.19.0

v12.2.0

v12.20.0

v12.21.0

v12.22.0

v12.23.0

v12.24.0

v12.25.0

v12.26.0

v12.27.0

v12.28.0

v12.29.0

v12.3.0

v12.30.0

v12.31.0

v12.32.0

v12.33.0

v12.34.0

v12.35.0

v12.36.0

v12.37.0

v12.38.0

v12.39.0

v12.4.0

v12.40.0

v12.41.0

v12.42.0

v12.43.0

v12.44.0

v12.45.0

v12.5.0

v12.6.0

v12.7.0

v12.8.0

v12.9.0

v13.*

v13.0.0

v13.1.0

v13.10.0

v13.11.0

v13.12.0

v13.13.0

v13.14.0

v13.15.0

v13.16.0

v13.17.0

v13.18.0

v13.19.0

v13.2.0

v13.20.0

v13.21.0

v13.22.0

v13.23.0

v13.3.0

v13.4.0

v13.5.0

v13.6.0

v13.7.0

v13.8.0

v13.9.0

v14.*

v14.0.0

v15.*

v15.0.0

v15.1.0

v15.2.0

v15.3.0

v15.4.0

v15.5.0

v15.6.0

v15.7.0

v16.*

v16.0.0

v16.1.0

v2.*

v2.0.0

v2.1.0

v2.2.0

v2.3.0

v2.4.0

v2.5.0

v2.6.0

v2.7.0

v2.8.0

v2.9.0

v3.*

v3.0.0

v3.1.0

v3.2.0

v3.3.0

v3.4.0

v3.5.0

v3.6.0

v4.*

v4.0.0

v4.1.0

v4.2.0

v4.3.0

v4.4.0

v4.5.0

v5.*

v5.0.0

v5.1.0

v5.2.0

v5.3.0

v5.4.0

v5.5.0

v6.*

v6.0.0

v6.1.0

v6.10.0

v6.2.0

v6.3.0

v6.4.0

v6.5.0

v6.6.0

v6.7.0

v6.8.0

v6.9.0

v7.*

v7.0.0

v7.1.0

v7.10.0

v7.11.0

v7.2.0

v7.3.0

v7.4.0

v7.5.0

v7.6.0

v7.8.0

v7.9.0

v8.*

v8.0.0

v8.1.0

v9.*

v9.0.0

v9.1.0

v9.2.0

v9.3.0

v9.4.0

v9.5.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22115.json"