CVE-2016-0897 — Software Operations Manager vulnerability

CWE-3103 documents3 sources

Severity

9.8CRITICALNVD

EPSS

0.5%

top 34.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Pivotal Software Operations Manager

Timeline

PublishedSep 18

Latest updateMay 17

Description

Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before 1.7.8, when vCloud or vSphere is used, does not properly enable SSH access for operators, which has unspecified impact and remote attack vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDpivotal_software/operations_manager1.6.16+8

🔴Vulnerability Details

GHSA

GHSA-9j6w-4w73-52jh: Pivotal Cloud Foundry (PCF) Ops Manager before 1↗2022-05-17

▶

CVEList

CVE-2016-0897: Pivotal Cloud Foundry (PCF) Ops Manager before 1↗2016-09-18

▶