What is CVE-2020-5401?

CVE-2020-5401 is a medium-severity vulnerability in Cloud Foundry Routing, classified under CWE-393. CVSS score: 5.3/10. Published 2020-02-27.

How severe is CVE-2020-5401?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Cloud Foundry Routing

CVE-2020-5401

Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients trying to access the app.

EPSS: 0.004 (63.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L.

Affected products

Cloud Foundry Routing — versions unspecified

Weakness classification (CWE)

CWE-393

References

www.cloudfoundry.org/blog/cve-2020-5401 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2020-5401?: CVE-2020-5401 is a medium-severity vulnerability in Cloud Foundry Routing, classified under CWE-393. CVSS score: 5.3/10. Published 2020-02-27.
How severe is CVE-2020-5401?: Medium severity. CVSS v3 base score is 5.3 out of 10.