Nfs Volume Release
Approved changes feed: RSS · Atom
cpe:2.3:a:cloud_foundry:nfs_volume_release:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Cloud Foundry (bbc462c7-a964-5178-97e1-18033ab4dbd3) |
|---|---|
| Product | Nfs Volume Release (b99b77bc-e3fd-5dba-a514-635663bcc342) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-15797 |
vulnerable | 2026-06-03 14:38:19.449205 |
NFS Volume release errand leaks cf admin credentials in logs
HIGH (8.4)
Cloud Foundry NFS volume release, 1.2.x prior to 1.2.5, 1.5.x prior to 1.5.4, 1.7.x prior to 1.7.3, logs the cf admin username and password when running the nfsbrokerpush BOSH deploy errand. A remote authenticated user with access to BOSH can obtain the admin credentials for the Cloud Foundry Platform through the logs of the NFS volume deploy errand.
Published: 2018-12-05T18:00:00.000Z
Updated: 2024-09-16T18:24:31.452Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.