Affected versions: bosh-cli versions prior to v7.10.4.
Project Subscriptions
No data.
No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Thu, 09 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 09 Jul 2026 07:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Argument Injection in bosh-cli allows a compromised BOSH Director to inject arbitrary OpenSSH options into the locally-spawned ssh process when an operator runs bosh ssh -c, bosh logs -f, or other non-interactive SSH paths, leading to local command execution on the operator's workstation. Affected versions: bosh-cli versions prior to v7.10.4. | |
| Title | Argument Injection in BOSH CLI Allows Local Command Execution on Operator Workstations via Compromised Director | |
| References |
| |
| Metrics |
cvssV3_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: vmware
Published:
Updated: 2026-07-09T13:12:14.523Z
Reserved: 2026-05-20T10:00:48.931Z
Link: CVE-2026-47829
Updated: 2026-07-09T13:12:08.135Z
No data.
No data.
OpenCVE Enrichment
No data.
No weakness.