CVE-2017-8033

Published: Jul 25, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release versions prior to v1.35.0 and cf-release versions prior to v268. A filesystem traversal vulnerability exists in the Cloud Controller that allows a space developer to escalate privileges by pushing a specially crafted application that can write arbitrary files to the Cloud Controller VM.

Vendor	Product	Versions
n/a	Cloud Controller API CAPI-release versions prior to v1.35.0 and cf-release versions prior to v268	affected `Cloud Controller API CAPI-release versions prior to v1.35.0 and cf-release versions prior to v268`

References

https://www.cloudfoundry.org/cve-2017-8033/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-8033

Description

Affected Products

References