Vulnerabilities > CVE-2017-8038 - Unspecified vulnerability in Pivotal Software Credhub-Release 1.1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In Cloud Foundry Foundation Credhub-release version 1.1.0, access control lists (ACLs) enforce whether an authenticated user can perform an operation on a credential. For installations using ACLs, the ACL was bypassed for the CredHub interpolate endpoint, allowing authenticated applications to view any credential within the CredHub installation.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |