Exposure of Passwords in Cloud Foundry CLI (CVE-2021-21214)

Exposure of Passwords in Cloud Foundry CLI (CVE-2021-21214)

CVE-2019-3781 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace/debugging is turned on. A local unauthenticated or remote authenticated malicious user with access to logs may gain part or all of a users password.

Learn more about our User Device Pen Test.