CVE-2018-1197: GCP Metadata Endpoint Accessible from Application Containers on Windows

Severity

High

Vendor

Cloud Foundry Foundation

Affected Cloud Foundry Products and Versions

Windows Stemcells
- All versions prior to 1200.14

Description

Apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged credentials.

Mitigation

Users of affected versions should apply the following mitigations or upgrades:

Releases that have fixed this issue include:
- Windows Stemcells: 1200.14

Credit

This issue was responsibly reported by the BOSH Windows Team.

History

2018-02-22: Initial vulnerability report published.

CVE-2018-1197: GCP Metadata Endpoint Accessible from Application Containers on Windows

CVE-2018-1197: GCP Metadata Endpoint Accessible from Application Containers on Windows

Severity

Vendor

Affected Cloud Foundry Products and Versions

Description

Mitigation

Credit

History

You Might Also Like

USN-5093-1: Vim vulnerabilities

CVE-2018-1193: gorouter accepts user-provided X-Forwarded-Proto headers

USN-3438-1: Git vulnerability

Sign up for the Cloud Foundry Newsletter today!

Sign up for the
Cloud Foundry Newsletter today!