Vulnerabilities > CVE-2020-5420 - Improper Check for Unusual or Exceptional Conditions vulnerability in Cloudfoundry Cf-Deployment

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
network
low complexity
cloudfoundry
CWE-754

Summary

Cloud Foundry Routing (Gorouter) versions prior to 0.206.0 allow a malicious developer with "cf push" access to cause denial-of-service to the CF cluster by pushing an app that returns specially crafted HTTP responses that crash the Gorouters.

Vulnerable Configurations

Part Description Count
Application
Cloudfoundry
166