CVE-2017-8048
N/A
N/A
Summary
In Cloud Foundry capi-release versions 1.33.0 and later, prior to 1.42.0 and cf-release versions 268 and later, prior to 274, the original fix for CVE-2017-8033 introduces an API regression that allows a space developer to execute arbitrary code on the Cloud Controller VM by pushing a specially crafted application. NOTE: 274 resolves the vulnerability but has a serious bug that is fixed in 275.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Cloud Controller VM capi-release versions 1.33.0 and later, prior to 1.42.0, cf-release versions 268 and later, prior to 274 | Cloud Controller VM capi-release versions 1.33.0 and later, prior to 1.42.0, cf-release versions 268 and later, prior to 274 | affected |
Weaknesses
- API regression
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.