Log Cache Release
Approved changes feed: RSS · Atom
cpe:2.3:a:cloud_foundry:log-cache-release:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Cloud Foundry (bbc462c7-a964-5178-97e1-18033ab4dbd3) |
|---|---|
| Product | Log Cache Release (bfdc4e81-0dde-58d8-8d77-b675e70f0a58) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-1264 |
vulnerable | 2026-06-03 14:38:30.717486 |
Log Cache logs UAA client secret on startup
CRITICAL (9.1)
Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client secret on startup as part of its envstruct report. A remote attacker who has gained access to the Log Cache VM can read this secret, gaining all privileges held by the Log Cache UAA client. In the worst case, if this client is an admin, the attacker would gain complete control over the Foundation.
Published: 2018-10-05T21:00:00.000Z
Updated: 2024-09-16T19:10:46.786Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.