EPSS
Percentile
38.6%
BOSH Backup and Restore is vulnerable to remote code execution (RCE). A remotely authenticated user is able to request extra backup files in a backup and restore job by modifying the metadata file, resulting in possible execution of arbitrary code.
www.cloudfoundry.org/blog/cve-2019-3786
www.cloudfoundry.org/blog/cve-2019-3786/