PT-2016-4483 · Vmware+1 · Vcloud+2

Published: 2016-09-18 · Updated: 2016-11-28 · CVE-2016-0930

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Pivotal Cloud Foundry (PCF) Ops Manager versions 1.6.0 through 1.6.18
Pivotal Cloud Foundry (PCF) Ops Manager versions 1.7.0 through 1.7.9

Description

The issue allows remote attackers to obtain SSH access to compilation VMs by connecting within an installation-time period during which these VMs exist, due to a default password. This is possible when vCloud or vSphere is used.

Recommendations

For Pivotal Cloud Foundry (PCF) Ops Manager versions 1.6.0 through 1.6.18, update to version 1.6.19 or later.
For Pivotal Cloud Foundry (PCF) Ops Manager versions 1.7.0 through 1.7.9, update to version 1.7.10 or later.

Fix

Race Condition

Weakness Enumeration

Related Identifiers

CVE-2016-0930

Affected Products

Pivotal Cloud Foundry (PCF) Ops Manager
vCloud
vSphere