CVE-2016-9880

2018-03-1620:00:00

dell

www.cve.org

AI Score

9.8

Confidence

High

EPSS

0.003

Percentile

69.7%

JSON

The GemFire broker for Cloud Foundry 1.6.x before 1.6.5 and 1.7.x before 1.7.1 has multiple API endpoints which do not require authentication and could be used to gain access to the cluster managed by the broker.

CNA Affected

[
  {
    "product": "GemFire broker for Cloud Foundry",
    "vendor": "Dell EMC",
    "versions": [
      {
        "status": "affected",
        "version": "1.6.x versions prior to 1.6.5"
      },
      {
        "status": "affected",
        "version": "1.7.x versions prior to 1.7.1"
      }
    ]
  }
]

References

www.securityfocus.com/bid/96146

pivotal.io/security/cve-2016-9880