CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9880
https://notcve.org/view.php?id=CVE-2016-9880
The GemFire broker for Cloud Foundry 1.6.x before 1.6.5 and 1.7.x before 1.7.1 has multiple API endpoints which do not require authentication and could be used to gain access to the cluster managed by the broker. El broker GemFire para Cloud Foundry, en versiones 1.6.x anteriores a la 1.6.5 y versiones 1.7.x anteriores a la 1.7.1, tiene múltiples endpoints de API que no requieren autenticación y que podrían usarse para obtener acceso al clúster gestionado por el broker. • http://www.securityfocus.com/bid/96146 https://pivotal.io/security/cve-2016-9880 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1227
https://notcve.org/view.php?id=CVE-2018-1227
Pivotal Concourse after 2018-03-05 might allow remote attackers to have an unspecified impact, if a customer obtained the Concourse software from a DNS domain that is no longer controlled by Pivotal. The original domain for the Concourse CI (concourse-dot-ci) open source project has been registered by an unknown actor, and is therefore no longer the official website for Concourse CI. The new official domain is concourse-ci.org. At approximately 4 am EDT on March 7, 2018 the Concourse OSS team began receiving reports that the Concourse domain was not responding. The Concourse OSS team discovered, upon investigation with both the original and the new domain registrars, that the originating domain registrar had made the domain available for purchase. • https://pivotal.io/security/cve-2018-1227 •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-1192
https://notcve.org/view.php?id=CVE-2018-1192
In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versions prior to 53.3, the SessionID is logged in audit event logs. An attacker can use the SessionID to impersonate a logged-in user. En Cloud Foundry Foundation cf-release en versiones anteriores a v285; cf-deployment anteriores a v1.7; UAA 4.5.x anteriores a 4.5.5, 4.8.x anteriores a 4.8.3 y 4.7.x anteriores a 4.7.4 y UAA-release 45.7.x anteriores a 45.7, 52.7.x anteriores a 52.7 y 53.3.x anteriores a 53.3, SessionID se registra en los logs de eventos de auditoría. Un atacante podría utilizar el SessionID para suplantar un usuario registrado. • https://www.cloudfoundry.org/blog/cve-2018-1192 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 49%CPEs: 15EXPL: 5CVE-2017-8046 – Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution
https://notcve.org/view.php?id=CVE-2017-8046
Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code. Las peticiones PATCH maliciosas enviadas a servidores que utilizan versiones Spring Data REST anteriores a la 2.6.9 (Ingalls SR9), versiones anteriores a la 3.0.1 (Kay SR1) y versiones Spring Boot anteriores a la 1.5.9, 2.0 M6 pueden utilizar datos JSON especialmente diseñados para ejecutar código Java arbitrario. Spring Data REST versions prior to 2.6.9 (Ingalls SR9) and 3.0.1 (Kay SR1) suffer from a PATCH request remote code execution vulnerability. • https://www.exploit-db.com/exploits/44289 https://github.com/Soontao/CVE-2017-8046-DEMO https://github.com/guanjivip/CVE-2017-8046 https://github.com/bkhablenko/CVE-2017-8046 https://github.com/sj/spring-data-rest-CVE-2017-8046 http://www.securityfocus.com/bid/100948 https://access.redhat.com/errata/RHSA-2018:2405 https://pivotal.io/security/cve-2017-8046 https://access.redhat.com/security/cve/CVE-2017-8046 https://bugzilla.redhat.com/show_bug.cgi?id=1553024 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 6%CPEs: 27EXPL: 0CVE-2017-8045
https://notcve.org/view.php?id=CVE-2017-8045
In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could be crafted to exploit this and enable a remote code execution attack. En Pivotal Spring AMQP, en versiones anteriores a la 1.7.4, 1.6.11 y 1.5.7, org.springframework.amqp.core.Message podría deserializarse de forma insegura al convertirse en cadena. Una carga útil maliciosa podría manipularse para explotar esto y permitir un ataque de ejecución remota de código. • http://www.securityfocus.com/bid/100936 https://pivotal.io/security/cve-2017-8045 • CWE-502: Deserialization of Untrusted Data •