CVE-2018-1197: GCP Metadata Endpoint Accessible from Application Containers on Windows
Severity
High
References
Affected VMware Products and Versions
Severity is high unless otherwise noted.
- Pivotal Application Service for Windows2012R2
- 2.0.x versions prior to 2.0.3
- 1.12.x versions prior to 1.12.7
Mitigation
Users of affected versions should apply the following mitigation:
- The Cloud Foundry team recommends upgrading BOSH stemcells and/or other OSS components listed here if applicable.
- Releases that have fixed this issue include:
- Pivotal Application Service for Windows2012R2: 2.1.0, 2.0.3, 1.12.7