CVE-2016-4468

Name of the Vulnerable Software and Affected Versions Pivotal Cloud Foundry (PCF) versions before 238 UAA versions 2.x before 2.7.4.4 UAA versions 3.x before 3.3.0.2 UAA versions 3.4.x before 3.4.1 UAA BOSH versions before 11.2 UAA BOSH versions 12.x before 12.2 Elastic Runtime versions before 1.6.29 Elastic Runtime versions 1.7.x before 1.7.7 Ops Manager versions 1.7.x before 1.7.8

Description The issue allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Recommendations For Pivotal Cloud Foundry (PCF) versions before 238, update to version 238 or later. For UAA versions 2.x before 2.7.4.4, update to version 2.7.4.4 or later. For UAA versions 3.x before 3.3.0.2, update to version 3.3.0.2 or later. For UAA versions 3.4.x before 3.4.1, update to version 3.4.1 or later. For UAA BOSH versions before 11.2, update to version 11.2 or later. For UAA BOSH versions 12.x before 12.2, update to version 12.2 or later. For Elastic Runtime versions before 1.6.29, update to version 1.6.29 or later. For Elastic Runtime versions 1.7.x before 1.7.7, update to version 1.7.7 or later. For Ops Manager versions 1.7.x before 1.7.8, update to version 1.7.8 or later.