Pivotal » Bosh Stemcell : Security Vulnerabilities, CVEs, Published In 2017 (Denial of service) CVSS score >= 6
An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID.
Max CVSS
9.0
EPSS Score
0.19%
Published
2017-05-25
Updated
2017-10-02
1 vulnerabilities found