CVE-2017-4961
13.06.2017, 06:29
An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3 and all 260.x versions. In certain cases an authenticated Director user can provide a malicious checksum that could allow them to escalate their privileges on the Director VM, aka "BOSH Director Shell Injection Vulnerabilities."Enginsight
| Vendor | Product | Version |
|---|---|---|
| cloud_foundry | bosh | 260.1 |
| cloud_foundry | bosh | 260.2 |
| cloud_foundry | bosh | 260.3 |
| cloud_foundry | bosh | 260.4 |
| cloud_foundry | bosh | 260.5 |
| cloud_foundry | bosh | 260.6 |
| cloud_foundry | bosh | 260.7 |
| cloud_foundry | bosh | 261.1 |
| cloud_foundry | bosh | 261.2 |
𝑥
= Vulnerable software versions