Pivotal Software Cloud Controller
By the Year
In 2024 there have been 0 vulnerabilities in Pivotal Software Cloud Controller . Cloud Controller did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 2 | 8.45 |
It may take a day or so for new Cloud Controller vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Pivotal Software Cloud Controller Security Vulnerabilities
Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains information disclosure and path traversal vulnerabilities
CVE-2018-1266
8.1 - High
- March 27, 2018
Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains information disclosure and path traversal vulnerabilities. An authenticated malicious user can predict the location of application blobs and leverage path traversal to create a malicious application that has the ability to overwrite arbitrary files on the Cloud Controller instance.
Directory traversal
In Cloud Controller versions prior to 1.46.0
CVE-2018-1195
8.8 - High
- March 19, 2018
In Cloud Controller versions prior to 1.46.0, cf-deployment versions prior to 1.3.0, and cf-release versions prior to 283, Cloud Controller accepts refresh tokens for authentication where access tokens are expected. This exposes a vulnerability where a refresh token that would otherwise be insufficient to obtain an access token, either due to lack of client credentials or revocation, would allow authentication.
Insufficient Session Expiration
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cloudfoundry Capi Release or by Pivotal Software? Click the Watch button to subscribe.
