CVE-2021-22100Uncontrolled Resource Consumption in Capi-release

CWE-400Uncontrolled Resource Consumption3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.4%
top 40.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cloudfoundry Capi-releaseCloudfoundry Cf-deployment
Timeline
PublishedMar 25
Latest updateMar 26

Description

In cloud foundry CAPI versions prior to 1.122, a denial-of-service attack in which a developer can push a service broker that (accidentally or maliciously) causes CC instances to timeout and fail is possible. An attacker can leverage this vulnerability to cause an inability for anyone to push or manage apps.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-hpw7-xrjw-4cx3: In cloud foundry CAPI versions prior to 12022-03-26
CVEList
CVE-2021-22100: In cloud foundry CAPI versions prior to 12022-03-25
CVE-2021-22100 — Uncontrolled Resource Consumption | cvebase