PT-2017-16227 · Pivotal · Pivotal Cloud Foundry+2

Publicado

2017-06-13

Atualizado

2019-10-03

CVE-2017-4959

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Pivotal PCF Elastic Runtime versions prior to 1.8.29 Pivotal PCF Elastic Runtime versions prior to 1.9.7

Description An issue was discovered that allows an authorized user to take over the account of another user, causing account lockout and potential escalation of privileges. This issue affects Pivotal Cloud Foundry deployments using the Pivotal Account application.

Recommendations For versions prior to 1.8.29, update to version 1.8.29 or later to resolve the issue. For versions prior to 1.9.7, update to version 1.9.7 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2017-4959

Produtos afetados

Pivotal Account

Pivotal Cloud Foundry

Pivotal Elastic Runtime

PT-2017-16227 · Pivotal · Pivotal Cloud Foundry+2

CVE-2017-4959

Identificadores relacionados

Produtos afetados

Referências · 5