Vulnerability Details : CVE-2017-8037
In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. If you took steps to remediate CVE-2017-8035 you should also upgrade to fix this CVE. A carefully crafted CAPI request from a Space Developer can allow them to gain access to files on the Cloud Controller VM for that installation, aka an Information Leak / Disclosure.
Vulnerability category: Information leak
Exploit prediction scoring system (EPSS) score for CVE-2017-8037
0.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 54 %
Percentile, the proportion of vulnerabilities that are scored at or less