Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control vulnerability. If the platform is configured with an application security group (ASG) that overlaps with the Silk overlay network, any applications can reach any other application on the network regardless of the configured routing policies.
References
Link | Resource |
---|---|
https://www.cloudfoundry.org/blog/cve-2018-1267/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2018-03-26T00:00:00
Updated: 2018-03-27T15:57:02
Reserved: 2017-12-06T00:00:00
Link: CVE-2018-1267
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-03-27T16:29:00.467
Modified: 2021-09-09T17:15:38.590
Link: CVE-2018-1267
JSON object: View
Redhat Information
No data.
CWE