Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. If you took steps to remediate CVE-2017-8035 you should also upgrade to fix this CVE. A carefully crafted CAPI request from a Space Developer can allow them to gain access to files on the Cloud Controller VM for that installation, aka an Information Leak / Disclosure.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Pivotal Software Cloud Foundry 信息泄露漏洞
Vulnerability Description
Pivotal Software Cloud Foundry(CF)是美国Pivotal Software公司的一套开源的平台即服务(PaaS)云计算平台,它提供容器调度、持续交付和自动化服务部署等功能。cf-release和CAPI-release都是CF的发布版本。 Pivotal Software CF cf-release 244版本至270版本和CAPI-release 1.6.0版本至1.38版本存在信息泄露漏洞。攻击者可借助特制的CAPI请求利用该漏洞获取Cloud Controller V
CVSS Information
N/A
Vulnerability Type
N/A