CVE-2018-1269 Vulnerability Details

  /     /     /  

CVE-2018-1269 Metadata Quick Info

CVE Published: 06/06/2018 | CVE Updated: 17/09/2024 | CVE Year: 2018
Source: dell | Vendor: Cloud Foundry | Product: Loggregator
Status : PUBLISHED

---

CVE-2018-1269 Description

Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not handle errors thrown while constructing certain http requests. A remote authenticated user may construct malicious requests to cause the traffic controller to leave dangling TCP connections, which could cause denial of service.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Denial of service
Source: Cloud Foundry

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).