// For flags

CVE-2016-6658

 

Severity Score

9.6
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Applications in cf-release before 245 can be configured and pushed with a user-provided custom buildpack using a URL pointing to the buildpack. Although it is not recommended, a user can specify a credential in the URL (basic auth or OAuth) to access the buildpack through the CLI. For example, the user could include a GitHub username and password in the URL to access a private repo. Because the URL to access the buildpack is stored unencrypted, an operator with privileged access to the Cloud Controller database could view these credentials.

Applications en cf-release, en versiones anteriores a la 245, puede configurarse e insertarse con un buildpack personalizado proporcionado por el usuario mediante una URL que señale al buildpack. Aunque no se recomienda, un usuario puede especificar una credencial en la URL (basic auth o OAuth) para acceder al buildpack a través del CLI. Por ejemplo, el usuario puede incluir un nombre de usuario y contraseña de GitHub en la URL para acceder a un repositorio privado. Debido a que la URL empleada para acceder al buildpack se almacena sin cifrar, un operador con acceso privilegiado a la base de datos de Cloud Controller podría ver estas credenciales.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2016-08-10 CVE Reserved
  • 2018-03-29 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cloudfoundry
Search vendor "Cloudfoundry"
Cf-release
Search vendor "Cloudfoundry" for product "Cf-release"
< 245
Search vendor "Cloudfoundry" for product "Cf-release" and version " < 245"
-
Affected
Pivotal Software
Search vendor "Pivotal Software"
Cloud Foundry Elastic Runtime
Search vendor "Pivotal Software" for product "Cloud Foundry Elastic Runtime"
< 1.6.49
Search vendor "Pivotal Software" for product "Cloud Foundry Elastic Runtime" and version " < 1.6.49"
-
Affected
Pivotal Software
Search vendor "Pivotal Software"
Cloud Foundry Elastic Runtime
Search vendor "Pivotal Software" for product "Cloud Foundry Elastic Runtime"
>= 1.7.0 < 1.7.31
Search vendor "Pivotal Software" for product "Cloud Foundry Elastic Runtime" and version " >= 1.7.0 < 1.7.31"
-
Affected
Pivotal Software
Search vendor "Pivotal Software"
Cloud Foundry Elastic Runtime
Search vendor "Pivotal Software" for product "Cloud Foundry Elastic Runtime"
>= 1.8.0 < 1.8.11
Search vendor "Pivotal Software" for product "Cloud Foundry Elastic Runtime" and version " >= 1.8.0 < 1.8.11"
-
Affected