Improper Access Control in Cloud Foundry Silk CNI Plugin

Improper Access Control in Cloud Foundry Silk CNI Plugin

CVE-2018-1267 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control vulnerability. If the platform is configured with an application security group (ASG) that overlaps with the Silk overlay network, any applications can reach any other application on the network regardless of the configured routing policies.

Learn more about our Network Penetration Testing.