{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T11:21:22.133","vulnerabilities":[{"cve":{"id":"CVE-2017-8037","sourceIdentifier":"security_alert@emc.com","published":"2017-08-21T22:29:00.183","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. If you took steps to remediate CVE-2017-8035 you should also upgrade to fix this CVE. A carefully crafted CAPI request from a Space Developer can allow them to gain access to files on the Cloud Controller VM for that installation, aka an Information Leak / Disclosure."},{"lang":"es","value":"En Cloud Foundry Foundation CAPI-release en versiones posteriores a la v1.6.0 y anteriores a la v1.38.0 y cf-release en versiones posteriores a la v244 y anteriores a la v270 hay una solución incompleta para CVE-2017-8035. Si ha emprendido acciones para solucionar CVE-2017-8035, también debería actualizar para solucionar este CVE. Una petición CAPI especialmente manipulada desde un Space Developer puede permitir que atacantes obtengan acceso al Cloud Controller VM para tal instalación. Esto también se conoce como (Fuga/Divulgación de Información)."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.7.0:*:*:*:*:*:*:*","matchCriteriaId":"F260594E-4032-406D-8B84-3E91400F86FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.8.0:*:*:*:*:*:*:*","matchCriteriaId":"F2D9350E-0AA5-4D9A-A41A-855B40E440D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.9.0:*:*:*:*:*:*:*","matchCriteriaId":"A66A9C0A-9B42-4B7E-A4B7-F06601B67FB8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.10.0:*:*:*:*:*:*:*","matchCriteriaId":"207F6A29-0A37-4CDD-8DB2-E6CD89204013"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.11.0:*:*:*:*:*:*:*","matchCriteriaId":"D3803207-D7A0-47E0-A357-314C245C5C13"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.12.0:*:*:*:*:*:*:*","matchCriteriaId":"039156DB-D2DC-4AD5-9ACE-52095FE688BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.13.0:*:*:*:*:*:*:*","matchCriteriaId":"7343B84E-3255-4BB4-A988-03BC9DC8D7E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.14.0:*:*:*:*:*:*:*","matchCriteriaId":"3EB53101-EC12-49DE-8C3C-3B373C4FA1E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.15.0:*:*:*:*:*:*:*","matchCriteriaId":"15625A3E-61A4-4F7E-BFEC-7ED830AE41C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.16.0:*:*:*:*:*:*:*","matchCriteriaId":"38B7D6B1-2CB1-4FB1-BC63-3104391D2742"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.17.0:*:*:*:*:*:*:*","matchCriteriaId":"D4D9D5D4-14E4-404A-B88E-78C8A37CB9B3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.18.0:*:*:*:*:*:*:*","matchCriteriaId":"0C56907A-3233-435F-933B-8E3ED4965BC8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.19.0:*:*:*:*:*:*:*","matchCriteriaId":"A33E86E4-BD1C-4D03-9AF4-7A86B0B5BCE1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.20.0:*:*:*:*:*:*:*","matchCriteriaId":"C409657C-0C4D-4873-B707-38AC618035CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.21.0:*:*:*:*:*:*:*","matchCriteriaId":"41CD5C38-E188-41DB-A811-27438525FDAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.22.0:*:*:*:*:*:*:*","matchCriteriaId":"5E3EC8F2-3520-4952-9541-3C56F6D131BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.23.0:*:*:*:*:*:*:*","matchCriteriaId":"B1671324-93EB-4409-9BA5-0D2D847C6A85"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.24.0:*:*:*:*:*:*:*","matchCriteriaId":"45AC669D-3AED-48C2-ADA2-D1EE235FA793"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.25.0:*:*:*:*:*:*:*","matchCriteriaId":"8970738B-E240-4C3E-A8F6-57FB66976B6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.26.0:*:*:*:*:*:*:*","matchCriteriaId":"00406C75-1032-49A3-9C4E-AC41F46CA778"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.27.0:*:*:*:*:*:*:*","matchCriteriaId":"D464CFBC-5AEF-4B65-8616-8E31E8C856D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.28.0:*:*:*:*:*:*:*","matchCriteriaId":"7FE0978C-1BEC-4FCE-A625-0FF196B3E6C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.29.0:*:*:*:*:*:*:*","matchCriteriaId":"6B258E3E-2291-4180-9735-71EE2874250B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.30.0:*:*:*:*:*:*:*","matchCriteriaId":"D416F421-66EB-4A80-BC1A-B99AE3F7E126"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.31.0:*:*:*:*:*:*:*","matchCriteriaId":"6D8DA9C5-C65C-467B-AD90-8B84E8EF9397"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.32.0:*:*:*:*:*:*:*","matchCriteriaId":"6D7F5A30-36EF-4F1D-B712-4F482F757CEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.33.0:*:*:*:*:*:*:*","matchCriteriaId":"D8D55D28-676E-42C4-90A5-C9CE306D42C7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.34.0:*:*:*:*:*:*:*","matchCriteriaId":"76369246-BE4B-4FAC-855B-8590C5C8DFBA"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.35.0:*:*:*:*:*:*:*","matchCriteriaId":"F684CB9F-8079-452A-9F27-8F964C636AD2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.36.0:*:*:*:*:*:*:*","matchCriteriaId":"772569FD-E641-42EB-A694-64EC4E7437E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:capi-release:1.37.0:*:*:*:*:*:*:*","matchCriteriaId":"35A5003C-2FB9-4FA3-AC7E-038CD573A23C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:245:*:*:*:*:*:*:*","matchCriteriaId":"2DA6A56C-E0FE-4CB1-BE86-4C1E80D97265"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:246:*:*:*:*:*:*:*","matchCriteriaId":"BAF4D7D1-4C35-4F76-816D-3F2407804E85"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:247:*:*:*:*:*:*:*","matchCriteriaId":"D852D5F4-DDB4-4C76-88B6-EB49E21FEDC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:248:*:*:*:*:*:*:*","matchCriteriaId":"B35C30C1-E2B9-4590-8765-1E0DA735E026"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:249:*:*:*:*:*:*:*","matchCriteriaId":"3680FAA7-9B57-4A9A-BD20-68821A7D4FE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:250:*:*:*:*:*:*:*","matchCriteriaId":"E9F9A19A-9E31-4E4A-869C-9C13163A06C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:251:*:*:*:*:*:*:*","matchCriteriaId":"F08095E9-1BA9-438F-B776-D75F419E682E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:252:*:*:*:*:*:*:*","matchCriteriaId":"CAE29D36-9A2E-4D87-8C0C-D8FC1034B027"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:253:*:*:*:*:*:*:*","matchCriteriaId":"7E227D42-19CA-45DD-AAC1-8D31537B5BFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:254:*:*:*:*:*:*:*","matchCriteriaId":"BC145421-17F6-438B-9C3F-8DED72F3B5B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:255:*:*:*:*:*:*:*","matchCriteriaId":"5046C2CB-99C6-4243-B830-B3957910F1AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:256:*:*:*:*:*:*:*","matchCriteriaId":"5A07B320-7DC3-4E7B-8997-6606F8FCBEBB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:257:*:*:*:*:*:*:*","matchCriteriaId":"3F7777A5-9136-49E4-9A6F-3C9A6687DAA7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:258:*:*:*:*:*:*:*","matchCriteriaId":"88C90B83-9597-427C-A941-06F0C5A8C3DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:259:*:*:*:*:*:*:*","matchCriteriaId":"A3D92B65-E45A-42EE-B0B9-AD69E1881E2B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:260:*:*:*:*:*:*:*","matchCriteriaId":"A98BAE4B-184F-49A4-89E1-4F270CC7FEC8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:261:*:*:*:*:*:*:*","matchCriteriaId":"A7E78B11-B3E9-4D62-8F17-F2575D7F9181"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:262:*:*:*:*:*:*:*","matchCriteriaId":"EB5EF186-0D05-497D-A66C-142ED0DFA973"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:263:*:*:*:*:*:*:*","matchCriteriaId":"7A262620-E71A-44C7-A1F4-BEEDF107BC2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:264:*:*:*:*:*:*:*","matchCriteriaId":"B9D721F9-227C-4F1D-9010-D1920F692228"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:265:*:*:*:*:*:*:*","matchCriteriaId":"6AE4BA55-963C-4EB1-AD85-344AAE107A82"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:266:*:*:*:*:*:*:*","matchCriteriaId":"7E5827B3-143F-408B-A0C7-005079BD9215"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:267:*:*:*:*:*:*:*","matchCriteriaId":"762BE4A1-931B-4C44-94C8-F5DC894CFD1F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:268:*:*:*:*:*:*:*","matchCriteriaId":"735E1016-97F0-4286-955F-6017A2F8AD79"},{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:cf-release:269:*:*:*:*:*:*:*","matchCriteriaId":"F021AB15-30F0-46DE-B613-11E3D4C9FD50"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/100448","source":"security_alert@emc.com"},{"url":"https://www.cloudfoundry.org/cve-2017-8037/","source":"security_alert@emc.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/100448","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.cloudfoundry.org/cve-2017-8037/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}