Stratos Cloudfoundry Stratos

Do you want an email whenever new security vulnerabilities are reported in Cloudfoundry Stratos?

By the Year

In 2024 there have been 0 vulnerabilities in Cloudfoundry Stratos . Stratos did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 2 7.65
2018 0 0.00

It may take a day or so for new Stratos vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Cloudfoundry Stratos Security Vulnerabilities

Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public default session store secret

CVE-2019-3783 8.8 - High - March 07, 2019

Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public default session store secret. A malicious user with default session store secret can brute force another user's current Stratos session, and act on behalf of that user.

Credentials Management Errors

Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure session that can be spoofed

CVE-2019-3784 6.5 - Medium - March 07, 2019

Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure session that can be spoofed. When deployed on cloud foundry with multiple instances using the default embedded SQLite database, a remote authenticated malicious user can switch sessions to another user with the same session id.

Session Fixation

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Cloudfoundry Stratos or by Cloudfoundry? Click the Watch button to subscribe.

subscribe