CVE-2016-8219: Space Auditor can restage apps


CVE-2016-8219: Space Auditor can restage apps

Severity

Medium

Vendor

Cloud Foundry Foundation

Versions Affected

  • cf-release versions prior to 250
  • CAPI-release versions prior to 1.12.0

Description

A user with the SpaceAuditor role is over-privileged with the ability to restage applications. This could cause application downtime if the restage fails.

Mitigation

Users of affected versions should apply the following mitigation:

  • Upgrade to cf-release version 250 or later
  • Upgrade to CAPI-release version 1.12.0 or later