First published: Mon Jun 10 2024(Updated: )
Improper handling of requests in Routing Release > v0.273.0 and <= v0.297.0 allows an unauthenticated attacker to degrade the service availability of the Cloud Foundry deployment if performed at scale.
Credit: security@vmware.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cloud Foundry cf-deployment | >=30.9.0<=40.13.0 | |
Pivotal Routing Release | >=0.273.0<=0.297.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-22279 is classified as a denial-of-service vulnerability that can significantly impact service availability.
To mitigate CVE-2024-22279, upgrade Routing Release versions between 0.273.0 and 0.297.0 to a secure version above 0.297.0.
CVE-2024-22279 affects users of Cloud Foundry's cf-deployment and Pivotal Routing Release within the specified version ranges.
Successful exploitation of CVE-2024-22279 allows an unauthenticated attacker to degrade the service availability of Cloud Foundry deployments.
The products vulnerable due to CVE-2024-22279 include Cloud Foundry's cf-deployment versions between 30.9.0 and 40.13.0 and Routing Release versions between 0.273.0 and 0.297.0.