Path Traversal Vulnerability in Cloud Foundry's Cloud Controller
CVE-2015-1834
6.5MEDIUM
What is CVE-2015-1834?
A path traversal vulnerability was found in Cloud Foundry's Cloud Controller, impacting specific versions of cf-release and Pivotal Cloud Foundry Elastic Runtime. This vulnerability allows remote authenticated attackers to exploit the system by injecting relative file path sequences, such as '../', enabling navigation through the file system. This may lead to the potential uploading of arbitrary files outside designated application containers, posing significant risks to the application's integrity and security.
Affected Version(s)
Cloud Foundry cf-release versions prior to v208
Cloud Foundry Elastic Runtime versions prior to 1.4.2
