High
Cloud Foundry Foundation
A filesystem traversal vulnerability exists in the Cloud Controller that allows a space developer to escalate privileges by pushing a specially-crafted application that can write arbitrary files to the Cloud Controller VM.
Users of affected versions should apply the following mitigation or upgrade:
This vulnerability was responsibly reported by the GE Digital Security Team.
2017-07-19: Initial vulnerability report published