Vulnerabilities > CVE-2016-2169 - Code vulnerability in Cloudfoundry Capi-Release and Cf-Release

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
cloudfoundry
CWE-17

Summary

Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 and cf-release versions prior to v237, contain a business logic flaw. An application developer may create an application with a route that conflicts with a platform service route and receive traffic intended for the service.

Vulnerable Configurations

Part Description Count
Application
Cloudfoundry
173
Hardware
Cloudfoundry
1

Common Weakness Enumeration (CWE)