CVE-2022-31733CRITICALCVSS 9.1≥ 2.55.0, ≤ 2.69.02023-02-03
CVE-2022-31733 [CRITICAL] CWE-295 CVE-2022-31733: Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to
Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to 23.2.0, apps are accessible via another port on diego cells, allowing application ingress without a client certificate. If mTLS route integrity is enabled AND unproxied ports are turned off, then an attacker could connect to an application that shoul
nvd