CVE-2026-41857
HIGH SEVERITYCVSS Score & Metrics
Base Score
7.8 / 10
Vector String
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Description
A compromised or malicious BOSH Director can execute arbitrary shell commands on the operator's workstation when the operator runs bosh ssh (or bosh scp/bosh logs -f) with default flags.
Affected versions: BOSH CLI versions prior to 7.10.5.
Affected versions: BOSH CLI versions prior to 7.10.5.
Vulnerability Details
Published Date
Last Modified
Source
NVD
Vendor
CloudFoundry BOSH
Product
BOSH CLI
Discussion (0)
Add Comment
No comments yet. Be the first!