PT-2017-10378 · Cloud Foundry Foundation · Cf-Release+1

Published: 2017-01-13 · Updated: 2021-05-25 · CVE-2016-9882

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Cloud Foundry Foundation cf-release versions prior to v250
CAPI-release versions prior to v1.12.0

Description

An issue was discovered where Cloud Foundry logs the credentials returned from service brokers in Cloud Controller system component logs. These logs are written to disk and often sent to a log aggregator via syslog.

Recommendations

For Cloud Foundry Foundation cf-release versions prior to v250, update to version v250 or later to resolve the issue.
For CAPI-release versions prior to v1.12.0, update to version v1.12.0 or later to resolve the issue.

Fix

Insertion into Log File

Weakness Enumeration

Related identifiers

CVE-2016-9882

Affected products

Capi-Release
Cf-Release