Back to search
CVE-2017-8037
Published: Aug 21, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. If you took steps to remediate CVE-2017-8035 you should also upgrade to fix this CVE. A carefully crafted CAPI request from a Space Developer can allow them to gain access to files on the Cloud Controller VM for that installation, aka an Information Leak / Disclosure.
| Vendor | Product | Versions |
|---|---|---|
n/a | Cloud Foundry | affected Cloud Foundry |
References
https://www.cloudfoundry.org/cve-2017-8037/
x_refsource_CONFIRM
100448
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now