CVE-2021-22115

Published: Apr 8, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default value of db logging config field is changed. CAPI database logs service broker password in plain text whenever a job to clean up orphaned items is run by Cloud Controller.

Vendor	Product	Versions
n/a	Cloud Control API	affected `CAPI versions prior to 1.106.0`

References

https://www.cloudfoundry.org/blog/cve-2021-22115-capi-logs-service-broker-credentials/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-22115

Description

Affected Products

References