BOSH Director Shell Injection Vulnerabilities

BOSH Director Shell Injection Vulnerabilities

CVE-2017-4961 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3 and all 260.x versions. In certain cases an authenticated Director user can provide a malicious checksum that could allow them to escalate their privileges on the Director VM, aka "BOSH Director Shell Injection Vulnerabilities."

Learn more about our Cloud Audit.