CVE-2016-0897
Published Sep 18, 2016
Last updated 8 years ago
Overview
- Description
- Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before 1.7.8, when vCloud or vSphere is used, does not properly enable SSH access for operators, which has unspecified impact and remote attack vectors.
- Source
- security_alert@emc.com
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-310
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotal_software:operations_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC0FBDBF-118B-4573-95A1-E3DE377DC2A2",
"versionEndIncluding": "1.6.16"
},
{
"criteria": "cpe:2.3:a:pivotal_software:operations_manager:1.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "466DD7AA-9D45-44AC-8C08-2A9F4418423B"
},
{
"criteria": "cpe:2.3:a:pivotal_software:operations_manager:1.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B495324-F0E0-4E62-BC58-79253B446210"
},
{
"criteria": "cpe:2.3:a:pivotal_software:operations_manager:1.7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F2D8956-202D-4724-A993-91A1A0B4A7A6"
},
{
"criteria": "cpe:2.3:a:pivotal_software:operations_manager:1.7.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F3A06FD-DB82-43E6-8BC2-B42F6A584500"
},
{
"criteria": "cpe:2.3:a:pivotal_software:operations_manager:1.7.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "713FA212-3A93-4976-9B03-20880E7BDA13"
},
{
"criteria": "cpe:2.3:a:pivotal_software:operations_manager:1.7.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F174314-AF3D-4A21-A221-819B4B41905F"
},
{
"criteria": "cpe:2.3:a:pivotal_software:operations_manager:1.7.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E6952CD-766A-49D8-B250-DD530E1E34A2"
},
{
"criteria": "cpe:2.3:a:pivotal_software:operations_manager:1.7.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A11FF40F-EA13-41BA-9D35-3A83C08D4B41"
}
],
"operator": "OR"
}
]
}
]