CVE-2017-4961

Summary

An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3 and all 260.x versions. In certain cases an authenticated Director user can provide a malicious checksum that could allow them to escalate their privileges on the Director VM, aka "BOSH Director Shell Injection Vulnerabilities."

Affected Software

VendorProductVersion RangeStatus
n/aCloud Foundry Foundation BOSH ReleaseCloud Foundry Foundation BOSH Releaseaffected

Weaknesses

  • BOSH Director Shell Injection Vulnerabilities

ADP Enrichment

CVE Program Container

Additional References

References