{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22727", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "state": "PUBLISHED", "assignerShortName": "vmware", "dateReserved": "2026-01-09T06:54:41.497Z", "datePublished": "2026-03-17T22:45:09.247Z", "dateUpdated": "2026-03-19T03:55:20.318Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2026-03-17T22:45:09.247Z"}, "title": "Cloud Foundry unprotected internal endpoints", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-306", "description": "CWE-306", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"}]}], "affected": [{"vendor": "Cloudfoundry", "product": "Cloud Foundry", "versions": [{"status": "affected", "version": "1.0", "lessThanOrEqual": "1.226.0", "versionType": "git"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information."}]}], "references": [{"url": "https://www.cloudfoundry.org/blog/cve-2026-22727-unprotected-internal-endpoints"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-18T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-22727"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T03:55:20.318Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-22727", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-18T20:16:15.368258Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-18T20:16:19.497Z"}}], "cna": {"title": "Cloud Foundry unprotected internal endpoints", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Cloudfoundry", "product": "Cloud Foundry", "versions": [{"status": "affected", "version": "1.0", "versionType": "git", "lessThanOrEqual": "1.226.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.cloudfoundry.org/blog/cve-2026-22727-unprotected-internal-endpoints"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information.", "supportingMedia": [{"type": "text/html", "value": "Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2026-03-17T22:45:09.247Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22727", "state": "PUBLISHED", "dateUpdated": "2026-03-19T03:55:20.318Z", "dateReserved": "2026-01-09T06:54:41.497Z", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "datePublished": "2026-03-17T22:45:09.247Z", "assignerShortName": "vmware"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information."}, {"lang": "es", "value": "Puntos finales internos desprotegidos en Cloud Foundry Capi Release 1.226.0 y versiones anteriores, y CF Deployment v54.9.0 y versiones anteriores en todas las plataformas permite a cualquier usuario que ha eludido el cortafuegos reemplazar potencialmente 'droplets' y, por lo tanto, aplicaciones, permiti\u00e9ndoles acceder a informaci\u00f3n segura de la aplicaci\u00f3n."}], "id": "CVE-2026-22727", "lastModified": "2026-03-18T14:52:44.227", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "security@vmware.com", "type": "Secondary"}]}, "published": "2026-03-17T23:16:17.470", "references": [{"source": "security@vmware.com", "url": "https://www.cloudfoundry.org/blog/cve-2026-22727-unprotected-internal-endpoints"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "security@vmware.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[1.0,1.226.0]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Cloud Foundry", "source": "cna", "vendor": "Cloudfoundry"}, "product": "cloud_foundry", "vendor": "cloudfoundry"}], "analysis": {"en": {"generated_at": "2026-03-18T00:22:24.235801+00:00", "value": {"mitigation_remediation": ["Apply the latest Cloud Foundry patch or upgrade to Capi Release >1.226.0 and CF Deployment >v54.9.0", "Reconfigure firewall rules to ensure internal endpoints are not accessible from untrusted sources", "Verify that authentication mechanisms are enforced on all internal API endpoints", "Consult the Cloud Foundry vendor for any additional security hardening recommendations"], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Cloudfoundry:Cloud Foundry products, specifically Capi Release versions up to 1.226.0 and CF Deployment versions up to v54.9.0 on all platforms. Users of these releases should verify whether their deployment matches or precedes these versions.", "description_and_impact": "Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and earlier, and CF Deployment v54.9.0 and earlier expose a missing authentication weakness (CWE\u2011306). An attacker who has bypassed the firewall could replace droplets, effectively changing application code and gaining unauthorized access to secure application data. This permits data exfiltration and could be used to execute arbitrary code within the affected environment.", "risk_and_exploitability": "The CVSS v3 score is 7.5, indicating high severity. Exploit probability (EPSS) is not available, and the flaw is not listed in CISA\u2019s KEV catalog, suggesting it may not yet be widely exploited. The likely attack vector requires an attacker to have already bypassed the external firewall to reach the internal network, after which the unprotected endpoints allow direct droplet replacement. Given the potential for remote code execution and data exposure, the risk is considered significant if the firewall is compromised."}}}}, "created": "2026-03-18T10:42:36.556845+00:00", "updated": "2026-03-24T10:54:25.327038+00:00", "vendors": ["cloudfoundry", "cloudfoundry$PRODUCT$cloud_foundry"]}