CVE-2016-0715Sensitive Information Exposure in Software Cloud Foundry Elastic Runtime

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.9MEDIUMNVD
EPSS
0.2%
top 56.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Pivotal Software Cloud Foundry Elastic RuntimePivotal Cloud Foundry Elastic Runtime
Timeline
PublishedSep 11
Latest updateMay 13

Description

Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP Buildpack, Staticfile Buildpack and potentially other custom Buildpack applications vulnerable to remote information disclosure. Affected applications use automated buildpack detection, serve files dire

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5pivotal/pivotal_cloud_foundry_elastic_runtime1.4.0 through 1.4.5, 1.5.0 through 1.5.11, 1.6.0 through 1.6.11+2

🔴Vulnerability Details

2
GHSA
GHSA-rp33-25mp-qmv4: Pivotal Cloud Foundry Elastic Runtime version 12022-05-13
CVEList
CVE-2016-0715: Pivotal Cloud Foundry Elastic Runtime version 12018-09-11
CVE-2016-0715 — Sensitive Information Exposure | cvebase