Unrated severityNVD Advisory· Published Feb 12, 2020· Updated Sep 16, 2024
CredHub does not properly enable TLS for MySQL database connections
CVE-2020-5399
Description
Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL database without TLS even when configured to use TLS. A malicious user with access to the network between CredHub and its MySQL database may eavesdrop on database connections and thereby gain unauthorized access to CredHub and other components.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2.5.10
- Cloud Foundry/CredHubv5Range: Edge
Patches
Vulnerability mechanics
References
1- www.cloudfoundry.org/blog/cve-2020-5399mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.