PT-2022-9228 · Cloud Foundry · Cloud Foundry Capi

Florian Braun · Published 2022-03-25 · Updated 2022-04-04 · CVE-2021-22100

CVSS v3.1: 5.3 Medium

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions: Cloud Foundry CAPI versions prior to 1.122

Description: A denial-of-service attack is possible in which a developer pushes a service broker that causes CC instances to time out and fail. This can be done accidentally or maliciously, allowing an attacker to prevent anyone from pushing or managing apps.

Recommendations: For Cloud Foundry CAPI versions prior to 1.122, update to version 1.122 or later to resolve the issue. As a temporary workaround, consider restricting access to service brokers to minimize the risk of exploitation.

Fix

Resource Exhaustion


Weakness Enumeration

Related Identifiers

CVE-2021-22100

Affected Products

Cloud Foundry Capi