Vulnerabilities > CVE-2017-8038 - Unspecified vulnerability in Pivotal Software Credhub-Release 1.1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
In Cloud Foundry Foundation Credhub-release version 1.1.0, access control lists (ACLs) enforce whether an authenticated user can perform an operation on a credential. For installations using ACLs, the ACL was bypassed for the CredHub interpolate endpoint, allowing authenticated applications to view any credential within the CredHub installation.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |