Security Advisory

CVE-2020-5418

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-09-03 01:10:15

Last updated 2024-09-17 00:01:00

Assigner pivotal

State PUBLISHED

Description

Cloud Foundry CAPI (Cloud Controller) versions prior to 1.98.0 allow authenticated users having only the "cloud_controller.read" scope, but no roles in any spaces, to list all droplets in all spaces (whereas they should see none).

← Browse all CVEs View on cve.org ↗