PT-2017-7659 · Pivotal · Pivotal Cloud Foundry (Pcf) Elastic Runtime+1
Published
2017-05-25
·
Updated
2021-08-25
·
CVE-2016-0780
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
cf-release versions prior to v231
Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17
Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18
Description
The issue is related to the improper enforcement of disk quotas in certain cases. An attacker could exploit this by using an improper disk quota value to bypass enforcement, potentially consuming all the disk on DEAs/CELLs and causing a denial of service for other applications.
Recommendations
For cf-release versions prior to v231, update to a version higher than v231 to resolve the issue.
For Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17, update to version 1.5.17 or higher to resolve the issue.
For Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18, update to version 1.6.18 or higher to resolve the issue.
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pivotal Cloud Foundry (Pcf) Elastic Runtime
Cf-Release