CVE-2016-0897 Ops Manager vSphere and vCloud vulnerability
Severity
High
Vendor
Pivotal
Versions Affected
- vSphere and vCloud deployments of Pivotal Ops Manager, all versions prior to 1.6.17 AND 1.7.x versions prior to 1.7.8
Description
Under some circumstances, PCF deployments do not properly configure operator-level access via SSH authentication.
Mitigation
Pivotal Ops Manager users on vSphere or vCloud deployments should follow the appropriate mitigation below:
- Upgrade Ops Manager versions 1.6.x and lower to 1.6.17
- Upgrade Ops Manager 1.7.x versions to 1.7.8