Credhub Cli
Approved changes feed: RSS · Atom
cpe:2.3:a:cloud_foundry:credhub_cli:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Cloud Foundry (bbc462c7-a964-5178-97e1-18033ab4dbd3) |
|---|---|
| Product | Credhub Cli (2a349e0e-9a74-5e35-8fb6-511fdd067860) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-3782 |
vulnerable | 2026-06-03 14:40:27.458053 |
CredHub CLI writes environment variable credentials to disk
MEDIUM (6.3)
Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writes authentication credentials provided via environment variables to its persistent config file. A local authenticated malicious user with access to the CredHub CLI config file can use these credentials to retrieve and modify credentials stored in CredHub that are authorized to the targeted user.
Published: 2019-02-13T16:00:00.000Z
Updated: 2024-09-16T23:36:58.237Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.