CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-3782

HIGH
7.8
CVSS Severity Score
EPSS Score0.1150%
EPSS Percentile44.66th
Published2019年2月13日
Last Modified2024年11月21日

Vulnerability Description

Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writes authentication credentials provided via environment variables to its persistent config file. A local authenticated malicious user with access to the CredHub CLI config file can use these credentials to retrieve and modify credentials stored in CredHub that are authorized to the targeted user.

Affected Platforms (CPE)

📦
Cloudfoundry

Credhub Cli

< 2.2.1

References & Advisories

🔗 http://www.securityfocus.com/bid/107038
🔗 https://www.cloudfoundry.org/blog/cve-2019-3782
🔗 http://www.securityfocus.com/bid/107038
🔗 https://www.cloudfoundry.org/blog/cve-2019-3782

相关漏洞威胁

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...