| ID |
CVE-2017-8037
|
| Sažetak |
In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. If you took steps to remediate CVE-2017-8035 you should also upgrade to fix this CVE. A carefully crafted CAPI request from a Space Developer can allow them to gain access to files on the Cloud Controller VM for that installation, aka an Information Leak / Disclosure. |
| Reference |
|
| CVSS |
| Base: | 5.0 |
| Impact: | 2.9 |
| Exploitability: | 10.0 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| PARTIAL |
NONE |
NONE |
|
| CVSS vektor |
AV:N/AC:L/Au:N/C:P/I:N/A:N |
| Zadnje važnije ažuriranje |
22-03-2019 - 09:29 |
| Objavljeno |
21-08-2017 - 22:29 |
