Cloudfoundry Capi-Release vulnerabilities

CVE-2016-8219 [MEDIUM] CWE-269 CVE-2016-8219: An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-releas An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-release versions prior to 1.12.0. A user with the SpaceAuditor role is over-privileged with the ability to restage applications. This could cause application downtime if the restage fails.

CVE-2016-9882 [HIGH] CWE-532 CVE-2016-9882: An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI-relea An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI-release versions prior to v1.12.0. Cloud Foundry logs the credentials returned from service brokers in Cloud Controller system component logs. These logs are written to disk and often sent to a log aggregator via syslog.