Vulnerabilities > CVE-2017-8036 - Unspecified vulnerability in Cloudfoundry Capi-Release 1.33.0

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

cloudfoundry

NVD

Published: 2017-07-24

Updated: 2022-02-09

Summary

An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release version 1.33.0 (only). The original fix for CVE-2017-8033 included in CAPI-release 1.33.0 introduces a regression that allows a space developer to execute arbitrary code on the Cloud Controller VM by pushing a specially crafted application.

Vulnerable Configurations

Part	Description	Count
Application	Cloudfoundry Cloudfoundry Capi Release 1.33.0	1

References

https://www.cloudfoundry.org/cve-2017-8036/
http://www.securityfocus.com/bid/100002