All Vulnerability Reports

CVE-2017-8038: Credentials readable from CredHub endpoint


Severity

High

References
Affected Pivotal Products and Versions

Severity is high unless otherwise noted.

  • No Pivotal Cloud Foundry products are affected by this CVE. PCF Operations Manager began including CredHub in 1.11.0, but they did not release a version of Ops Manager using the affected CredHub release.
Mitigation

Users of affected versions should apply the following mitigation:

  • The Cloud Foundry team recommends upgrading BOSH stemcells and/or other OSS components listed here if applicable.