Medium
Cloud Foundry Foundation
Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. A user with access to an instance using the BOSH CLI can access the BOSH CLI configuration file and use its contents to perform authenticated requests to BOSH.
Users of affected versions should apply the following mitigations or upgrades:
This issue was responsibly reported by the VMware team**.**
2018-03-26: Initial vulnerability report published.