CVE-2023-34061

Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning and therefore degrade the service availability of the Cloud Foundry deployment.

Published: Jan 12, 2024
Updated: Jan 19, 2024
CVE: CVE-2023-34061
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-400

Affected Software
References

Software	From	Fixed in
pivotal / cloud_foundry_deployment	0.28.0	33.5.0.x
pivotal / cloud_foundry_routing_release	0.163.0	0.283.0.x

https://www.cloudfoundry.org/blog/cve-2023-34061-gorouter-route-pruning/

Vulnerability Database

289,599

CVE-2023-34061