📦

credhub_cli

Vendor: cloudfoundry

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 0 Code Available
Total RCEs 0 Remote Access
Total CVEs 1 Total Indexed
Avg. EPSS 0.07% Exploit Prob.
Latest CVE CVE-2019-3782 Feb 13

Security Vulnerability Index

Page 1 / 1
7.8 CVSS
CVE-2019-3782

Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writes authentication credentials provided via environment variables to its persistent config file. A local authenticated malicious user with access to the CredHub CLI config file can use these credentials to retrieve and modify credentials stored in CredHub that are authorized to the targeted user.

EPSS: 0.07%