Unrated severityNVD Advisory· Published Sep 23, 2019· Updated Sep 16, 2024
Volume Services is vulnerable to an LDAP injection attack
CVE-2019-11277
Description
Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0, is vulnerable to LDAP injection. A remote authenticated malicious space developer can potentially inject LDAP filters via service instance creation, facilitating the malicious space developer to deny service or perform a dictionary attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: >=1.7.0, <1.7.11; >=2.0.0, <2.3.0
- Cloud Foundry/CF Deploymentv5Range: All
- Cloud Foundry/CF NFS volume releasev5Range: 1.7
Patches
Vulnerability mechanics
References
1- www.cloudfoundry.org/blog/cve-2019-11277mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.