Unrated severityNVD Advisory· Published Nov 25, 2019· Updated Sep 16, 2024
Cloud Foundry UAA logs query parameters in tomcat access file
CVE-2019-11290
Description
Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: < v74.8.0
- Cloud Foundry/UAA Releasev5Range: All
Patches
Vulnerability mechanics
References
1- www.cloudfoundry.org/blog/cve-2019-11290mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.