Vulnerabilities > Cloudfoundry > Stratos > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-03-07 CVE-2019-3784 Session Fixation vulnerability in Cloudfoundry Stratos
Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure session that can be spoofed.
network
low complexity
cloudfoundry CWE-384
4.0
4.0
2019-03-07 CVE-2019-3783 Insecure Default Initialization of Resource vulnerability in Cloudfoundry Stratos
Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public default session store secret.
network
low complexity
cloudfoundry CWE-1188
4.0
4.0