CVE-2017-8048

Published: Oct 3, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

In Cloud Foundry capi-release versions 1.33.0 and later, prior to 1.42.0 and cf-release versions 268 and later, prior to 274, the original fix for CVE-2017-8033 introduces an API regression that allows a space developer to execute arbitrary code on the Cloud Controller VM by pushing a specially crafted application. NOTE: 274 resolves the vulnerability but has a serious bug that is fixed in 275.

Vendor	Product	Versions
n/a	Cloud Controller VM capi-release versions 1.33.0 and later, prior to 1.42.0, cf-release versions 268 and later, prior to 274	affected `Cloud Controller VM capi-release versions 1.33.0 and later, prior to 1.42.0, cf-release versions 268 and later, prior to 274`

References

https://www.cloudfoundry.org/cve-2017-8048/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-8048

Description

Affected Products

References