Filtered by vendor Cloudfoundry
Subscriptions
Filtered by product Bosh-windows-stemcell-builder
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-47830 | 1 Cloudfoundry | 1 Bosh-windows-stemcell-builder | 2026-07-10 | N/A |
| Incorrect Permission Assignment in BOSH.Utils.psm1 in BOSH-Ecosystem bosh-windows-stemcell-builder allows low-privilege authenticated users to overwrite C:\bosh\service_wrapper.exe or C:\bosh\bosh-agent.exe and gain NT AUTHORITY\SYSTEM on the next service restart or reboot. This can lead to full host control. Affected versions: bosh-windows-stemcell-builder versions prior to v2019.98. | ||||
| CVE-2026-47831 | 1 Cloudfoundry | 1 Bosh-windows-stemcell-builder | 2026-07-10 | N/A |
| Use of a cryptographically weak random number generator in the GenerateRandomPassword function in bosh-windows-stemcell-builder allows a remote attacker to brute-force the resulting SSH login via TCP/22. Affected versions: bosh-windows-stemcell-builder versions prior to v2019.98. | ||||
Page 1 of 1.