CVE-2026-41857 - CERT CVE
ID CVE-2026-41857
Sažetak A compromised or malicious BOSH Director can execute arbitrary shell commands on the operator's workstation when the operator runs bosh ssh (or bosh scp/bosh logs -f) with default flags. Affected versions: BOSH CLI versions prior to 7.10.5.
Reference
CVSS
Base: 7.8
Impact: 5.9
Exploitability:1.8
Pristup
VektorSloženostAutentikacija
LOCAL LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 13-07-2026 - 13:37
Objavljeno 09-07-2026 - 06:16