What is the severity of CVE-2017-8047?

CVE-2017-8047 is classified as a moderate severity vulnerability due to its potential for exploitation in phishing attacks.

How do I fix CVE-2017-8047?

To fix CVE-2017-8047, upgrade to Cloud Foundry router routing-release version 0.163.0 or later and cf-release version 274 or later.

What versions are affected by CVE-2017-8047?

CVE-2017-8047 affects Cloud Foundry router routing-release versions prior to 0.163.0 and cf-release versions prior to 274.

What type of vulnerability is CVE-2017-8047?

CVE-2017-8047 is an open redirect vulnerability that can be exploited in applications using Cloud Foundry.

Can CVE-2017-8047 lead to further attacks?

Yes, CVE-2017-8047 can be used by attackers to carry out phishing attacks which may lead to credential theft.

Vulnerability/
CVE-2017-8047

medium

6.1

CWE

601

3/10/2017

5/8/2024

CVE-2017-8047

First published: Tue Oct 03 2017(Updated: )

In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some applications, it is possible to append a combination of characters to the URL that will allow for an open redirect. An attacker could exploit this as a phishing attack to gain access to user credentials or other sensitive data. NOTE: 274 resolves the vulnerability but has a serious bug that is fixed in 275.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
Cloud Foundry CF Release	<=273
Pivotal Routing Release	<=0.162.0

Never miss a vulnerability like this again

Reference Links

https://www.cloudfoundry.org/cve-2017-8047/

Frequently Asked Questions

What is the severity of CVE-2017-8047?
CVE-2017-8047 is classified as a moderate severity vulnerability due to its potential for exploitation in phishing attacks.
How do I fix CVE-2017-8047?
To fix CVE-2017-8047, upgrade to Cloud Foundry router routing-release version 0.163.0 or later and cf-release version 274 or later.
What versions are affected by CVE-2017-8047?
CVE-2017-8047 affects Cloud Foundry router routing-release versions prior to 0.163.0 and cf-release versions prior to 274.
What type of vulnerability is CVE-2017-8047?
CVE-2017-8047 is an open redirect vulnerability that can be exploited in applications using Cloud Foundry.
Can CVE-2017-8047 lead to further attacks?
Yes, CVE-2017-8047 can be used by attackers to carry out phishing attacks which may lead to credential theft.

agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/author
agent/weakness
agent/references
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cloudfoundry
canonical/cloud foundry cf release
version/cloud foundry cf release/273
vendor/pivotal
canonical/pivotal routing release
version/pivotal routing release/0.162.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.