VYPR

CF Networking Release

by Cloudfoundry

CVEs (1)

  • CVE-2018-15755Oct 12, 2018
    risk 0.00cvss epss 0.01

    Cloud Foundry CF Networking Release, versions 2.11.0 prior to 2.16.0, contain an internal api endpoint vulnerable to SQL injection between Diego cells and the policy server. A remote authenticated malicious user with mTLS certs can issue arbitrary SQL queries and gain access to…