CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3779

Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kubernetes clusters utilize the same CA (Certificate Authority) to sign and trust certs for ETCD as used by the Kubernetes API. This could allow a user authenticated with a cluster to request a signed certificate leveraging the Kubernetes CSR capability to obtain a credential that could escalate privilege access to ETCD.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.4%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 4.0

References

Products affected by CVE-2019-3779

Cloudfoundry » Container Runtime » Version: 0.0.1

cpe:2.3:a:cloudfoundry:container_runtime:0.0.1
Cloudfoundry » Container Runtime » Version: 0.0.2

cpe:2.3:a:cloudfoundry:container_runtime:0.0.2
Cloudfoundry » Container Runtime » Version: 0.0.3

cpe:2.3:a:cloudfoundry:container_runtime:0.0.3
Cloudfoundry » Container Runtime » Version: 0.0.4

cpe:2.3:a:cloudfoundry:container_runtime:0.0.4
Cloudfoundry » Container Runtime » Version: 0.0.5

cpe:2.3:a:cloudfoundry:container_runtime:0.0.5
Cloudfoundry » Container Runtime » Version: 0.10.0

cpe:2.3:a:cloudfoundry:container_runtime:0.10.0
Cloudfoundry » Container Runtime » Version: 0.11.0

cpe:2.3:a:cloudfoundry:container_runtime:0.11.0
Cloudfoundry » Container Runtime » Version: 0.11.1

cpe:2.3:a:cloudfoundry:container_runtime:0.11.1
Cloudfoundry » Container Runtime » Version: 0.12.0

cpe:2.3:a:cloudfoundry:container_runtime:0.12.0
Cloudfoundry » Container Runtime » Version: 0.13.0

cpe:2.3:a:cloudfoundry:container_runtime:0.13.0
Cloudfoundry » Container Runtime » Version: 0.14.0

cpe:2.3:a:cloudfoundry:container_runtime:0.14.0
Cloudfoundry » Container Runtime » Version: 0.15.0

cpe:2.3:a:cloudfoundry:container_runtime:0.15.0
Cloudfoundry » Container Runtime » Version: 0.16.0

cpe:2.3:a:cloudfoundry:container_runtime:0.16.0
Cloudfoundry » Container Runtime » Version: 0.16.1

cpe:2.3:a:cloudfoundry:container_runtime:0.16.1
Cloudfoundry » Container Runtime » Version: 0.16.3

cpe:2.3:a:cloudfoundry:container_runtime:0.16.3
Cloudfoundry » Container Runtime » Version: 0.17.0

cpe:2.3:a:cloudfoundry:container_runtime:0.17.0
Cloudfoundry » Container Runtime » Version: 0.18.0

cpe:2.3:a:cloudfoundry:container_runtime:0.18.0
Cloudfoundry » Container Runtime » Version: 0.19.0

cpe:2.3:a:cloudfoundry:container_runtime:0.19.0
Cloudfoundry » Container Runtime » Version: 0.20.0

cpe:2.3:a:cloudfoundry:container_runtime:0.20.0
Cloudfoundry » Container Runtime » Version: 0.21.0

cpe:2.3:a:cloudfoundry:container_runtime:0.21.0
Cloudfoundry » Container Runtime » Version: 0.22.0

cpe:2.3:a:cloudfoundry:container_runtime:0.22.0
Cloudfoundry » Container Runtime » Version: 0.23.0

cpe:2.3:a:cloudfoundry:container_runtime:0.23.0
Cloudfoundry » Container Runtime » Version: 0.24.0

cpe:2.3:a:cloudfoundry:container_runtime:0.24.0
Cloudfoundry » Container Runtime » Version: 0.25.0

cpe:2.3:a:cloudfoundry:container_runtime:0.25.0
Cloudfoundry » Container Runtime » Version: 0.26.0

cpe:2.3:a:cloudfoundry:container_runtime:0.26.0
Cloudfoundry » Container Runtime » Version: 0.27.0

cpe:2.3:a:cloudfoundry:container_runtime:0.27.0
Cloudfoundry » Container Runtime » Version: 0.28.0

cpe:2.3:a:cloudfoundry:container_runtime:0.28.0
Cloudfoundry » Container Runtime » Version: 0.6.0

cpe:2.3:a:cloudfoundry:container_runtime:0.6.0
Cloudfoundry » Container Runtime » Version: 0.7.0

cpe:2.3:a:cloudfoundry:container_runtime:0.7.0
Cloudfoundry » Container Runtime » Version: 0.8.0

cpe:2.3:a:cloudfoundry:container_runtime:0.8.0
Cloudfoundry » Container Runtime » Version: 0.8.1

cpe:2.3:a:cloudfoundry:container_runtime:0.8.1
Cloudfoundry » Container Runtime » Version: 0.9.0

cpe:2.3:a:cloudfoundry:container_runtime:0.9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3779

Products

Pricing

Contact Us