First published: Thu Mar 29 2018(Updated: )
Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. A user with access to Garden logs may be able to obtain leaked credentials and perform authenticated actions using those credentials.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cloudfoundry Cf-deployment | <1.9.0 | |
Cloudfoundry Garden-runc-release | <1.11.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-1191 is an information exposure vulnerability in Cloud Foundry Garden-runC versions prior to 1.11.0.
CVE-2018-1191 has a severity rating of 8.8 (High).
The affected software of CVE-2018-1191 is Cloud Foundry Garden-runC versions prior to 1.11.0.
The potential consequences of CVE-2018-1191 include leaked credentials and the ability to perform authenticated actions.
To fix CVE-2018-1191, upgrade to Cloud Foundry Garden-runC version 1.11.0 or later.