Cloud Foundry · Cloud Foundry Capi · CVE-2021-22100
**Name of the Vulnerable Software and Affected Versions**
Cloud Foundry CAPI versions prior to 1.122
**Description**
A denial-of-service attack is possible in which a developer pushes a service broker that causes Cloud Controller (CC) instances to time out and fail. This can happen accidentally or maliciously, and an attacker can use it to prevent anyone from pushing or managing apps.
**Recommendations**
For Cloud Foundry CAPI versions prior to 1.122, update to version 1.122 or later to resolve the issue. As a temporary workaround, consider restricting access to service brokers to minimize the risk of exploitation.