← voltar
CVE-2015-5350

CVE-2015-5350

EPSS 1.3%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
19 mar 2018Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In Garden versions 0.22.0-0.329.0, a vulnerability has been discovered in the garden-linux nstar executable that allows access to files on the host system. By staging an application on Cloud Foundry using Diego and Garden installations with a malicious custom buildpack an end user could read files on the host system that the BOSH-created vcap user has permissions to read and then package them into their app droplet.
Produtos afetados
Dell EMC · Garden Nstar

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://pivotal.io/security/cve-2015-5350