CVE-2017-8038: Credentials readable from CredHub endpoint
Severity
High
References
Affected VMware Products and Versions
Severity is high unless otherwise noted.
- No Pivotal Cloud Foundry products are affected by this CVE. PCF Operations Manager began including CredHub in 1.11.0, but they did not release a version of Ops Manager using the affected CredHub release.
Mitigation
Users of affected versions should apply the following mitigation:
- The Cloud Foundry team recommends upgrading BOSH stemcells and/or other OSS components listed here if applicable.