CVE-2018-1276

Published: May 17, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

Windows 2012R2 stemcells, versions prior to 1200.17, contain an information exposure vulnerability on vSphere. A remote user with the ability to push apps can execute crafted commands to read the IaaS metadata from the VM, which may contain BOSH credentials.

Vendor	Product	Versions
Cloud Foundry	Windows2012R2 stemcell	affected `versions prior to 1200.17`

References

https://www.cloudfoundry.org/blog/cve-2018-1276/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-1276

Description

Affected Products

References