Back to CVE List

CVE-2026-41857

HIGH SEVERITY

CVSS Score & Metrics

Base Score
7.8 / 10
Vector String
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Description

A compromised or malicious BOSH Director can execute arbitrary shell commands on the operator's workstation when the operator runs bosh ssh (or bosh scp/bosh logs -f) with default flags.
Affected versions: BOSH CLI versions prior to 7.10.5.

Vulnerability Details

Published Date
Last Modified
Source
NVD
Vendor
CloudFoundry BOSH
Product
BOSH CLI

External References

Discussion (0)

Add Comment

No comments yet. Be the first!