Cloud Foundry Foundation cf-auth-proxy
Affected versions:
- log-cache_release >= 3.2.0, <= 3.2.6
- CF Deployment >= v55.0.0, <= v55.0.0
An authentication bypass vulnerability has been identified in the cf-auth-proxy component of Cloud Foundry. It affects all installations and allows an unauthenticated remote attacker to read logs and metrics from every application and platform component. The root cause is that an attacker can construct a JSON Web Token (JWT) that cf-auth-proxy accepts as a valid 'logs.admin' token, the scope that grants read access to all logs and metrics on the platform.
Exploitation of this vulnerability allows unauthorized access to application and platform logs and metrics, which can disclose any sensitive data that applications or platform components write to their logs.
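The advisory does not describe how the forged token gets past cf-auth-proxy, so the following is not the vulnerable code and not the fix. It is an added illustration, written for this page and not taken from the log-cache or cf-auth-proxy projects, of the checks a 'logs.admin' gate has to perform before it trusts a JWT: pin the algorithm server-side, verify the RS256 signature under the issuer's key before reading any claim, then check issuer, expiry and scope. The issuer URL, the function names (VerifyLogsAdmin, Scenarios) and the five constructed tokens (a properly signed one, one signed under an attacker's key, an expired one, one without logs.admin, and an alg=none token) are all assumptions made for the example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

// Assumed issuer string for the constructed tokens (not taken from the advisory).
const trustedIssuer = "https://uaa.example.internal/oauth/token"

// Claims is the subset of UAA-style JWT claims this illustration checks.
type Claims struct {
	Iss   string   `json:"iss"`
	Exp   int64    `json:"exp"`
	Scope []string `json:"scope"`
}

// signRS256 mints a compact JWT; the legitimate and forged tokens below differ only in the key.
func signRS256(key *rsa.PrivateKey, c Claims) (string, error) {
	hb, _ := json.Marshal(map[string]string{"alg": "RS256", "typ": "JWT"})
	pb, err := json.Marshal(c)
	if err != nil { return "", err }
	signingInput := base64.RawURLEncoding.EncodeToString(hb) + "." + base64.RawURLEncoding.EncodeToString(pb)
	digest := sha256.Sum256([]byte(signingInput))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
	if err != nil { return "", err }
	return signingInput + "." + base64.RawURLEncoding.EncodeToString(sig), nil
}

// VerifyLogsAdmin accepts tok only if the header names the server-pinned algorithm, the
// signature verifies under the trusted issuer key, the issuer matches, the token is
// unexpired, and the scope claim contains logs.admin. Claims are decoded only after the
// signature check passes, so a forged payload never influences the decision.
func VerifyLogsAdmin(tok string, pub *rsa.PublicKey, now time.Time) error {
	parts := strings.Split(tok, ".")
	if len(parts) != 3 { return fmt.Errorf("malformed token") }
	hb, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil { return fmt.Errorf("bad header encoding") }
	var h struct{ Alg string `json:"alg"` }
	if err := json.Unmarshal(hb, &h); err != nil || h.Alg != "RS256" {
		return fmt.Errorf("unexpected alg %q", h.Alg) // the token never chooses the algorithm
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	if err != nil { return fmt.Errorf("bad signature encoding") }
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig); err != nil {
		return fmt.Errorf("signature verification failed")
	}
	pb, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil { return fmt.Errorf("bad payload encoding") }
	var c Claims
	if err := json.Unmarshal(pb, &c); err != nil { return fmt.Errorf("bad payload") }
	if c.Iss != trustedIssuer { return fmt.Errorf("untrusted issuer %q", c.Iss) }
	if c.Exp <= now.Unix() { return fmt.Errorf("token expired") }
	for _, s := range c.Scope {
		if s == "logs.admin" { return nil }
	}
	return fmt.Errorf("missing logs.admin scope")
}

// Scenarios verifies five constructed tokens; only "legitimate" should come back nil.
func Scenarios() (map[string]error, error) {
	issuerKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, err }
	attackerKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, err }
	now := time.Now()
	admin := Claims{Iss: trustedIssuer, Exp: now.Add(time.Hour).Unix(), Scope: []string{"logs.admin"}}
	expired, user := admin, admin
	expired.Exp = now.Add(-time.Hour).Unix()
	user.Scope = []string{"openid", "cloud_controller.read"}
	// alg=none forgery: header says "none", payload claims logs.admin, signature segment empty.
	hb, _ := json.Marshal(map[string]string{"alg": "none"})
	pb, _ := json.Marshal(admin)
	none := base64.RawURLEncoding.EncodeToString(hb) + "." + base64.RawURLEncoding.EncodeToString(pb) + "."
	res := map[string]error{"alg-none": VerifyLogsAdmin(none, &issuerKey.PublicKey, now)}
	for _, tc := range []struct {
		name string
		key  *rsa.PrivateKey
		c    Claims
	}{{"legitimate", issuerKey, admin}, {"attacker-key", attackerKey, admin},
		{"expired", issuerKey, expired}, {"no-admin-scope", issuerKey, user}} {
		tok, err := signRS256(tc.key, tc.c)
		if err != nil { return nil, err }
		res[tc.name] = VerifyLogsAdmin(tok, &issuerKey.PublicKey, now)
	}
	return res, nil
}

func main() {
	res, err := Scenarios()
	if err != nil { panic(err) }
	for name, verdict := range res { fmt.Printf("%-15s -> %v\n", name, verdict) }
}
```

The ordering inside VerifyLogsAdmin is the point: the algorithm is fixed by the verifier, the signature is checked against the issuer's public key, and only then are issuer, expiry and scope read from the payload. Any token-acceptance path that reads 'logs.admin' out of the claims before, or instead of, completing those checks is exactly the kind of shortcut an attacker-minted JWT exploits.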
Users are advised to upgrade to Cloud Foundry log-cache_release version 3.2.7 or greater, and to CF Deployment version 55.?.0 or greater, which includes log-cache_release v3.2.7.