Back to search
CVE-2017-8038
Published: Nov 27, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
In Cloud Foundry Foundation Credhub-release version 1.1.0, access control lists (ACLs) enforce whether an authenticated user can perform an operation on a credential. For installations using ACLs, the ACL was bypassed for the CredHub interpolate endpoint, allowing authenticated applications to view any credential within the CredHub installation.
| Vendor | Product | Versions |
|---|---|---|
n/a | Credhub Credhub-release version 1.1.0 only | affected Credhub Credhub-release version 1.1.0 only |
References
https://www.cloudfoundry.org/cve-2017-8038/
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now