CVE-2016-0780

Name of the Vulnerable Software and Affected Versions cf-release versions prior to v231 Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17 Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18

Description The issue is related to the improper enforcement of disk quotas in certain cases. An attacker could exploit this by using an improper disk quota value to bypass enforcement, potentially consuming all the disk on DEAs/CELLs and causing a denial of service for other applications.

Recommendations For cf-release versions prior to v231, update to a version higher than v231 to resolve the issue. For Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17, update to version 1.5.17 or higher to resolve the issue. For Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18, update to version 1.6.18 or higher to resolve the issue.