First published: Thu Apr 20 2017(Updated: )
The Cloud Controller in Cloud Foundry cf-release versions prior to v255 allows authenticated developer users to exceed memory and disk quotas for tasks.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cloud Foundry CF Release | <=254 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-4969 is classified as a medium severity vulnerability due to its potential impact on resource management.
To mitigate CVE-2017-4969, upgrade your Cloud Foundry cf-release to version 255 or later.
CVE-2017-4969 is caused by the Cloud Controller not properly enforcing memory and disk quotas for authenticated developer users.
Authenticated developer users in Cloud Foundry cf-release versions prior to 255 are at risk of exceeding their allocated resources.
The potential impact of CVE-2017-4969 includes unauthorized resource consumption which can lead to service degradation.