Credentials Leakage in Pivotal PCF Elastic Runtime Logs

Credentials Leakage in Pivotal PCF Elastic Runtime Logs

CVE-2017-4955 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x versions prior to 1.7.48, 1.8.x versions prior to 1.8.28, and 1.9.x versions prior to 1.9.5. Several credentials were present in the logs for the Notifications errand in the PCF Elastic Runtime tile.

Learn more about our Web Application Penetration Testing UK.