{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T19:00:25.936","vulnerabilities":[{"cve":{"id":"CVE-2020-5416","sourceIdentifier":"security@pivotal.io","published":"2020-08-21T22:15:12.527","lastModified":"2024-11-21T05:34:07.727","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cloud Foundry Routing (Gorouter), versions prior to 0.204.0, when used in a deployment with NGINX reverse proxies in front of the Gorouters, is potentially vulnerable to denial-of-service attacks in which an unauthenticated malicious attacker can send specially-crafted HTTP requests that may cause the Gorouters to be dropped from the NGINX backend pool."},{"lang":"es","value":"Cloud Foundry Routing (Gorouter), versiones anteriores a 0.204.0, cuando es usado en una implementación con proxys inversos NGINX frente a los Gorouters, es potencialmente vulnerable a ataques de denegación de servicio en los que un atacante malicioso no autenticado puede enviar peticiones HTTP especialmente diseñadas que pueden causar que los Gorouters sean eliminados del grupo de backend de NGINX."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV30":[{"source":"security@pivotal.io","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":4.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security@pivotal.io","type":"Secondary","description":[{"lang":"en","value":"CWE-404"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-404"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*","versionEndExcluding":"13.13.0","matchCriteriaId":"AAA9939F-B430-45EB-8B6A-E37E56D4258B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:routing-release:*:*:*:*:*:*:*:*","versionEndExcluding":"0.204.0","matchCriteriaId":"86F6E764-7191-4EDB-AC4A-E606961F8542"}]}]}],"references":[{"url":"https://www.cloudfoundry.org/blog/cve-2020-5416","source":"security@pivotal.io","tags":["Vendor Advisory"]},{"url":"https://www.cloudfoundry.org/blog/cve-2020-5416","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}