CVE-2016-0780

Published May 25, 2017

Last updated 3 years ago

CVSS high 7.5

Overview

Description: It was discovered that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17 and Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18 do not properly enforce disk quotas in certain cases. An attacker could use an improper disk quota value to bypass enforcement and consume all the disk on DEAs/CELLs causing a potential denial of service for other applications.
Source: security_alert@emc.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cloudfoundry:cf-release:231:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBA563A9-3C12-4F83-9E63-BC03636BC799"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "472AA352-D04B-45D0-AAD7-95CE0738E9AE"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9619B693-4B49-4FDC-AB49-5E6B2F124AB8"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7C2DED8-D527-4732-B57F-489CF5626352"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D585B534-0CD9-400D-A237-B026A83082C6"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50C759FB-0796-4214-B085-0565AB75C216"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8430DACA-7518-47BB-A89F-B7E83190C54C"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29F9167C-F195-4004-9EF4-43F199F05E3C"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48B486D0-318D-4912-A992-5B89D93C11BB"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E015CE12-73EB-4FAD-B569-719F93685B0D"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16AE14C4-FA84-4E8B-9231-83DB4F71DC35"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06576161-44B7-4EB1-8C26-C49CFF3FD11B"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6F9581A-42DB-4ADE-AFA1-2364371CC24A"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DCDE033-923F-4338-9E45-22FE684B43ED"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D300B952-8EF3-4CB1-88B6-125837C3474B"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71AFAFE8-3B21-4AF0-8B3D-597FEEFEEDE6"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21202F77-DF05-4A07-8CEB-76DD03395957"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A9BA6EB-6BC0-4A74-9726-3F242D00FE78"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4CC5918-BC38-46E3-8000-5FE87A65C0E7"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36926681-35F4-4619-9613-155DEEEA3C8F"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41FF3C2B-E96F-4DF7-A5C4-703206CB729E"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9CB3C2D-3080-4A3D-8D8D-1381B5D98920"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "782781EB-147C-4B00-84C5-1D8443BFA2D6"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35A56755-EEB2-4C93-B180-3918A36965AA"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4009F10-08AF-470B-B903-38B8A6DBF332"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B2E8F04-53E6-4A3C-BE4B-8D0DDA22CA8C"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "790DAB24-893A-463F-8358-171DACD75074"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3645A1A8-4945-447F-A968-101D5938F9C8"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E52C9B9-8F94-48D8-ADA6-96918F6AAD36"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3948FC2F-AF3B-4AF3-968D-F124D03A213A"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BA44F9B-97D5-48C0-91E9-6D3FEC8B7773"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B414F88-6541-48C6-B9D6-4DDA035A0037"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66235C7F-D5EE-4989-8D24-6D0781954234"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12E75B49-2419-4313-A648-B5283DA620E7"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EED70273-3FB2-4652-9AA2-10E2E9D581DE"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2C07910-C462-46C1-83CB-39B3FD8D25BC"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References