CVE-2020-5418

Published: 2020-09-03T01:15Z

Last Modified: 2024-11-21T05:34Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Cloud Foundry CAPI (Cloud Controller) versions prior to 1.98.0 allow authenticated users having only the "cloud_controller.read" scope, but no roles in any spaces, to list all droplets in all spaces (whereas they should see none). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt