VYPR
Get started
← All advisories
High severity7.5NVD Advisory· Published Aug 21, 2017· Updated May 13, 2026

CVE-2017-8037

CVE-2017-8037

Description

In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. If you took steps to remediate CVE-2017-8035 you should also upgrade to fix this CVE. A carefully crafted CAPI request from a Space Developer can allow them to gain access to files on the Cloud Controller VM for that installation, aka an Information Leak / Disclosure.

Affected products

56
  • Cloudfoundry/Capi Release31 versions
    cpe:2.3:a:cloudfoundry:capi-release:1.10.0:*:*:*:*:*:*:*+ 30 more
    • cpe:2.3:a:cloudfoundry:capi-release:1.10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.12.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.13.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.14.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.15.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.16.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.17.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.18.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.19.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.20.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.21.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.22.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.23.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.24.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.25.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.26.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.27.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.28.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.29.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.30.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.31.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.32.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.33.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.34.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.35.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.36.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.37.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:capi-release:1.9.0:*:*:*:*:*:*:*
  • Cloudfoundry/Cf Release25 versions
    cpe:2.3:a:cloudfoundry:cf-release:245:*:*:*:*:*:*:*+ 24 more
    • cpe:2.3:a:cloudfoundry:cf-release:245:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:246:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:247:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:248:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:249:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:250:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:251:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:252:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:253:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:254:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:255:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:256:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:257:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:258:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:259:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:260:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:261:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:262:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:263:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:264:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:265:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:266:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:267:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:268:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cf-release:269:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.