Description
When the director sends a long-running request (e.g. compile_package), the agent's reply JSON is consumed by AgentClient. inject_compile_log (line 332-339) reads response['value']['result']['compile_log_id'] and format_exception (line 318-325) reads exception['blobstore_id']; both pass the agent-supplied string unmodified to download_and_delete_blob(blob_id) (line 344-349), which calls @resource_manager.get_resource(blob_id) and, in an ensure block, @resource_manager.delete_resource(blob_id). Api::ResourceManager forwards the id straight to blobstore.get(id) / blobstore.delete(id). When the director is configured with the local blobstore provider, Blobstore::LocalClient#object_file_path(oid) is File.join(@blobstore_path, oid) (local_client.rb:54-56) with no normalisation, so oid = "../../jobs/director/config/director.yml" resolves outside the blobstore root.

Affected versions:
BOSH Director: All versions prior to v282.1.12
Published: 2026-05-27
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from BOSH Director’s handling of compile_package responses. The agent returns a blob ID that BOSH Director trusts and forwards unchanged to the blobstore client for download_and_delete_blob. When the blobstore is local, the ID is interpreted as a file path without normalization. An attacker who can influence the agent’s blob ID can cause BOSH to open or delete files outside the blobstore root, exposing sensitive files such as director.yml or other configuration data. The flaw represents a classic path‑traversal (CWE‑22) that allows arbitrary reading and deletion of files on the host running the director.

Affected Systems

Affected systems are Cloud Foundry Foundation’s BOSH Director before version 282.1.12. All releases prior to 282.1.12 are vulnerable; versions 282.1.12 and later contain the patch that normalizes blob identifiers before use.

Risk and Exploitability

The CVSS base score is 4.3, indicating a moderate impact. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires local access to the director’s compile_package workflow; an authenticated user who can submit a compile request can supply a crafted blob ID. Because the attack vector is local, the risk to remote attackers is limited unless the director is exposed to untrusted users. Nevertheless, the ability to read or delete sensitive configuration files can lead to privilege escalation or service disruption, warranting timely remediation.

Generated by OpenCVE AI on May 27, 2026 at 09:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade BOSH Director to version 282.1.12 or later. This release normalizes blob identifiers before passing them to the blobstore client.
  • If an upgrade is not immediately possible, restrict the blobstore path to a directory owned by the BOSH process with limited permissions, or switch to a non‑local blobstore provider such as S3 to eliminate file‑system path resolution.
  • Configure BOSH Director and its agent processes to run with the least privilege and ensure the director.yml file is protected by appropriate file‑system permissions to prevent unauthorized read or delete operations.

Generated by OpenCVE AI on May 27, 2026 at 09:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 27 May 2026 10:30:00 +0000

Type Values Removed Values Added
First Time appeared Cloud Foundry Foundation
Cloud Foundry Foundation bosh Director
Vendors & Products Cloud Foundry Foundation
Cloud Foundry Foundation bosh Director

Wed, 27 May 2026 08:00:00 +0000

Type Values Removed Values Added
Description When the director sends a long-running request (e.g. compile_package), the agent's reply JSON is consumed by AgentClient. inject_compile_log (line 332-339) reads response['value']['result']['compile_log_id'] and format_exception (line 318-325) reads exception['blobstore_id']; both pass the agent-supplied string unmodified to download_and_delete_blob(blob_id) (line 344-349), which calls @resource_manager.get_resource(blob_id) and, in an ensure block, @resource_manager.delete_resource(blob_id). Api::ResourceManager forwards the id straight to blobstore.get(id) / blobstore.delete(id). When the director is configured with the local blobstore provider, Blobstore::LocalClient#object_file_path(oid) is File.join(@blobstore_path, oid) (local_client.rb:54-56) with no normalisation, so oid = "../../jobs/director/config/director.yml" resolves outside the blobstore root. Affected versions: BOSH Director: All versions prior to v282.1.12
Title Local Blobstore may allow arbitrary reads/deletes
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 5.8, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:L'}

cvssV4_0

{'score': 4.3, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:L'}

Subscriptions

Cloud Foundry Foundation Bosh Director
cve-icon MITRE

Status: PUBLISHED

Assigner: vmware

Published:

Updated: 2026-05-27T06:45:11.124Z

Reserved: 2026-04-16T02:19:16.426Z

Link: CVE-2026-41009

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-27T08:16:43.647

Modified: 2026-05-27T08:16:43.647

Link: CVE-2026-41009

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-27T10:06:42Z

Weaknesses