Cloud Foundry Foundation · Bosh Azure Cpi · CVE-2017-4964
**Name of the Vulnerable Software and Affected Versions**
Cloud Foundry Foundation BOSH Azure CPI version v22
**Description**
The issue allows a maliciously crafted stemcell to potentially execute arbitrary code on VMs created by the director. This is described as a CPI code injection issue.
**Recommendations**
For Cloud Foundry Foundation BOSH Azure CPI version v22, update to a version that includes the fix for this issue to prevent potential code injection.