CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3782

Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writes authentication credentials provided via environment variables to its persistent config file. A local authenticated malicious user with access to the CredHub CLI config file can use these credentials to retrieve and modify credentials stored in CredHub that are authorized to the targeted user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.0%

CVSS Severity

CVSS v3 Score 6.3

CVSS v2 Score 2.1

References

Products affected by CVE-2019-3782

Cloudfoundry » Credhub Cli » Version: 0.1.0

cpe:2.3:a:cloudfoundry:credhub_cli:0.1.0
Cloudfoundry » Credhub Cli » Version: 0.2.0

cpe:2.3:a:cloudfoundry:credhub_cli:0.2.0
Cloudfoundry » Credhub Cli » Version: 0.3.0

cpe:2.3:a:cloudfoundry:credhub_cli:0.3.0
Cloudfoundry » Credhub Cli » Version: 0.4.0

cpe:2.3:a:cloudfoundry:credhub_cli:0.4.0
Cloudfoundry » Credhub Cli » Version: 0.5.0

cpe:2.3:a:cloudfoundry:credhub_cli:0.5.0
Cloudfoundry » Credhub Cli » Version: 0.5.1

cpe:2.3:a:cloudfoundry:credhub_cli:0.5.1
Cloudfoundry » Credhub Cli » Version: 0.6.0

cpe:2.3:a:cloudfoundry:credhub_cli:0.6.0
Cloudfoundry » Credhub Cli » Version: 0.7.0

cpe:2.3:a:cloudfoundry:credhub_cli:0.7.0
Cloudfoundry » Credhub Cli » Version: 0.8.0

cpe:2.3:a:cloudfoundry:credhub_cli:0.8.0
Cloudfoundry » Credhub Cli » Version: 1.0.0

cpe:2.3:a:cloudfoundry:credhub_cli:1.0.0
Cloudfoundry » Credhub Cli » Version: 1.1.0

cpe:2.3:a:cloudfoundry:credhub_cli:1.1.0
Cloudfoundry » Credhub Cli » Version: 1.2.0

cpe:2.3:a:cloudfoundry:credhub_cli:1.2.0
Cloudfoundry » Credhub Cli » Version: 1.3.0

cpe:2.3:a:cloudfoundry:credhub_cli:1.3.0
Cloudfoundry » Credhub Cli » Version: 1.4.0

cpe:2.3:a:cloudfoundry:credhub_cli:1.4.0
Cloudfoundry » Credhub Cli » Version: 1.4.1

cpe:2.3:a:cloudfoundry:credhub_cli:1.4.1
Cloudfoundry » Credhub Cli » Version: 1.5.0

cpe:2.3:a:cloudfoundry:credhub_cli:1.5.0
Cloudfoundry » Credhub Cli » Version: 1.5.1

cpe:2.3:a:cloudfoundry:credhub_cli:1.5.1
Cloudfoundry » Credhub Cli » Version: 1.5.2

cpe:2.3:a:cloudfoundry:credhub_cli:1.5.2
Cloudfoundry » Credhub Cli » Version: 1.5.3

cpe:2.3:a:cloudfoundry:credhub_cli:1.5.3
Cloudfoundry » Credhub Cli » Version: 1.6.0

cpe:2.3:a:cloudfoundry:credhub_cli:1.6.0
Cloudfoundry » Credhub Cli » Version: 1.7

cpe:2.3:a:cloudfoundry:credhub_cli:1.7
Cloudfoundry » Credhub Cli » Version: 1.7.0

cpe:2.3:a:cloudfoundry:credhub_cli:1.7.0
Cloudfoundry » Credhub Cli » Version: 1.7.1

cpe:2.3:a:cloudfoundry:credhub_cli:1.7.1
Cloudfoundry » Credhub Cli » Version: 1.7.3

cpe:2.3:a:cloudfoundry:credhub_cli:1.7.3
Cloudfoundry » Credhub Cli » Version: 1.7.4

cpe:2.3:a:cloudfoundry:credhub_cli:1.7.4
Cloudfoundry » Credhub Cli » Version: 1.7.5

cpe:2.3:a:cloudfoundry:credhub_cli:1.7.5
Cloudfoundry » Credhub Cli » Version: 1.7.6

cpe:2.3:a:cloudfoundry:credhub_cli:1.7.6
Cloudfoundry » Credhub Cli » Version: 2.0.0

cpe:2.3:a:cloudfoundry:credhub_cli:2.0.0
Cloudfoundry » Credhub Cli » Version: 2.0.1

cpe:2.3:a:cloudfoundry:credhub_cli:2.0.1
Cloudfoundry » Credhub Cli » Version: 2.1.0

cpe:2.3:a:cloudfoundry:credhub_cli:2.1.0
Cloudfoundry » Credhub Cli » Version: 2.2.0

cpe:2.3:a:cloudfoundry:credhub_cli:2.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3782

Products

Pricing

Contact Us