All Vulnerability Reports

CVE-2016-6659 UAA Privilege Escalation


Severity

High

References
Affected Pivotal Products and Versions

Severity is high unless otherwise noted.

  • PCF Operations Manager:
    • 1.6.x versions prior to: 1.6.26
    • 1.7.x versions prior to: 1.7.19
    • 1.8.x versions prior to: 1.8.11
  • PCF Elastic Runtime:
    • 1.6.x versions prior to: 1.6.58
    • 1.7.x versions prior to: 1.7.39
    • 1.8.x versions prior to: 1.8.21
Mitigation

Users of affected versions should apply the following mitigation:

  • PCF Operations Manager:
    • 1.6.x versions prior to 1.6.26 should be upgraded to the latest version
    • 1.7.x versions prior to 1.7.19 should be upgraded to the latest version
    • 1.8.x versions prior to 1.8.11 should be upgraded to the latest version
  • PCF Elastic Runtime:
    • 1.6.x versions prior to 1.6.58 should be upgraded to the latest version
    • 1.7.x versions prior to 1.7.39 should be upgraded to the latest version
    • 1.8.x versions prior to 1.8.21 should be upgraded to the latest version