Lucene search

[email protected]CVE-2016-0713

HistoryAug 31, 2017 - 2:29 p.m.

CVE-2016-0713

2017-08-3114:29:00

CWE-79

[email protected]

web.nvd.nist.gov

gorouter

cloud foundry

cf-release

v141

v228

cve-2016-0713

vulnerability

xss

cross-site scripting

nvd

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

4.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

4.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.6%

JSON

Gorouter in Cloud Foundry cf-release v141 through v228 allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks via vectors related to modified requests.

Affected configurations

NVD

Node

cloudfoundrycf-releaseMatch141

cloudfoundrycf-releaseMatch142

cloudfoundrycf-releaseMatch143

cloudfoundrycf-releaseMatch144

cloudfoundrycf-releaseMatch145

cloudfoundrycf-releaseMatch146

cloudfoundrycf-releaseMatch147

cloudfoundrycf-releaseMatch148

cloudfoundrycf-releaseMatch149

cloudfoundrycf-releaseMatch150

cloudfoundrycf-releaseMatch151

cloudfoundrycf-releaseMatch152

cloudfoundrycf-releaseMatch153

cloudfoundrycf-releaseMatch154

cloudfoundrycf-releaseMatch155

cloudfoundrycf-releaseMatch156

cloudfoundrycf-releaseMatch157

cloudfoundrycf-releaseMatch158

cloudfoundrycf-releaseMatch159

cloudfoundrycf-releaseMatch160

cloudfoundrycf-releaseMatch161

cloudfoundrycf-releaseMatch162

cloudfoundrycf-releaseMatch163

cloudfoundrycf-releaseMatch164

cloudfoundrycf-releaseMatch165

cloudfoundrycf-releaseMatch166

cloudfoundrycf-releaseMatch167

cloudfoundrycf-releaseMatch168

cloudfoundrycf-releaseMatch169

cloudfoundrycf-releaseMatch170

cloudfoundrycf-releaseMatch171

cloudfoundrycf-releaseMatch172

cloudfoundrycf-releaseMatch173

cloudfoundrycf-releaseMatch174

cloudfoundrycf-releaseMatch175

cloudfoundrycf-releaseMatch176

cloudfoundrycf-releaseMatch177

cloudfoundrycf-releaseMatch178

cloudfoundrycf-releaseMatch179

cloudfoundrycf-releaseMatch180

cloudfoundrycf-releaseMatch181

cloudfoundrycf-releaseMatch182

cloudfoundrycf-releaseMatch183

cloudfoundrycf-releaseMatch184

cloudfoundrycf-releaseMatch185

cloudfoundrycf-releaseMatch186

cloudfoundrycf-releaseMatch187

cloudfoundrycf-releaseMatch188

cloudfoundrycf-releaseMatch189

cloudfoundrycf-releaseMatch190

cloudfoundrycf-releaseMatch191

cloudfoundrycf-releaseMatch192

cloudfoundrycf-releaseMatch193

cloudfoundrycf-releaseMatch194

cloudfoundrycf-releaseMatch195

cloudfoundrycf-releaseMatch196

cloudfoundrycf-releaseMatch197

cloudfoundrycf-releaseMatch198

cloudfoundrycf-releaseMatch199

cloudfoundrycf-releaseMatch200

cloudfoundrycf-releaseMatch201

cloudfoundrycf-releaseMatch202

cloudfoundrycf-releaseMatch203

cloudfoundrycf-releaseMatch204

cloudfoundrycf-releaseMatch205

cloudfoundrycf-releaseMatch206

cloudfoundrycf-releaseMatch207

cloudfoundrycf-releaseMatch208

cloudfoundrycf-releaseMatch209

cloudfoundrycf-releaseMatch210

cloudfoundrycf-releaseMatch211

cloudfoundrycf-releaseMatch212

cloudfoundrycf-releaseMatch213

cloudfoundrycf-releaseMatch214

cloudfoundrycf-releaseMatch215

cloudfoundrycf-releaseMatch216

cloudfoundrycf-releaseMatch217

cloudfoundrycf-releaseMatch218

cloudfoundrycf-releaseMatch219

cloudfoundrycf-releaseMatch220

cloudfoundrycf-releaseMatch221

cloudfoundrycf-releaseMatch222

cloudfoundrycf-releaseMatch223

cloudfoundrycf-releaseMatch224

cloudfoundrycf-releaseMatch225

cloudfoundrycf-releaseMatch226

cloudfoundrycf-releaseMatch227

cloudfoundrycf-releaseMatch228

CPENameOperatorVersion
cloudfoundry:cf-releasecloudfoundry cf-releaseeq141
cloudfoundry:cf-releasecloudfoundry cf-releaseeq142
cloudfoundry:cf-releasecloudfoundry cf-releaseeq143
cloudfoundry:cf-releasecloudfoundry cf-releaseeq144
cloudfoundry:cf-releasecloudfoundry cf-releaseeq145
cloudfoundry:cf-releasecloudfoundry cf-releaseeq146
cloudfoundry:cf-releasecloudfoundry cf-releaseeq147
cloudfoundry:cf-releasecloudfoundry cf-releaseeq148
cloudfoundry:cf-releasecloudfoundry cf-releaseeq149
cloudfoundry:cf-releasecloudfoundry cf-releaseeq150

CPE	Name	Operator	Version
cloudfoundry:cf-release	cloudfoundry cf-release	eq	141
cloudfoundry:cf-release	cloudfoundry cf-release	eq	142
cloudfoundry:cf-release	cloudfoundry cf-release	eq	143
cloudfoundry:cf-release	cloudfoundry cf-release	eq	144
cloudfoundry:cf-release	cloudfoundry cf-release	eq	145
cloudfoundry:cf-release	cloudfoundry cf-release	eq	146
cloudfoundry:cf-release	cloudfoundry cf-release	eq	147
cloudfoundry:cf-release	cloudfoundry cf-release	eq	148
cloudfoundry:cf-release	cloudfoundry cf-release	eq	149
cloudfoundry:cf-release	cloudfoundry cf-release	eq	150

Rows per page:

1-10 of 881

References

bosh.io/releases/github.com/cloudfoundry/cf-release?version=229

lists.cloudfoundry.org/archives/list/cf-dev%40lists.cloudfoundry.org/thread/VWDLUNTDKW5CW5JWEM5BOHLJ3J32TAFF/

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

4.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

4.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.6%

JSON

Related for CVE-2016-0713

prion1 osv1 nvd1 cloudfoundry1 cvelist1