Cloud Foundry Foundation
- Cloud Foundry release versions prior to v245
- cf-mysql-release versions prior to v31
A command injection vulnerability was discovered in a common script used by many Cloud Foundry components. A malicious user may exploit numerous vectors to execute arbitrary commands on servers running Cloud Foundry.
OSS users are strongly encouraged to follow the mitigations below:
IBM Bluemix Team