CVE-2017-4964

Summary

Cloud Foundry Foundation BOSH Azure CPI v22 could potentially allow a maliciously crafted stemcell to execute arbitrary code on VMs created by the director, aka a "CPI code injection vulnerability."

Affected Software

VendorProductVersion RangeStatus
n/aCloud Foundry Foundation BOSH Azure CPI Release v22Cloud Foundry Foundation BOSH Azure CPI Release v22affected

Weaknesses

  • CPI code injection vulnerability

ADP Enrichment

CVE Program Container

Additional References

References