CVE CVE-2019-3780 Mappings

Cloud Foundry Container Runtime, versions prior to 0.28.0, deploys K8s worker nodes that contains a configuration file with IAAS credentials. A malicious user with access to the k8s nodes can obtain IAAS credentials allowing the user to escalate privileges to gain access to the IAAS account.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2019-3780 Cloud Foundry Container Runtime (CFCR) primary_impact T1552.001 Credentials In Files
CVE-2019-3780 Cloud Foundry Container Runtime (CFCR) secondary_impact T1068 Exploitation for Privilege Escalation