Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BOSH Director VM 安全漏洞
Vulnerability Description
BOSH是一个针对大规模分布系统的部署和生命周期管理的开源工具,Director VM是其中的一个虚拟机,stemcell是其中的一个镜像。 使用stemcell 3232.6之前的版本和3146.13之前的版本的BOSH Director VM中的Agent的endpoint存在安全漏洞。攻击者可借助与现存GUID相匹配的URL利用该漏洞读取或写入blobs,或实施拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A