Input validation

2017-05-2517:29:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.3%

JSON

It was discovered that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17 and Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18 do not properly enforce disk quotas in certain cases. An attacker could use an improper disk quota value to bypass enforcement and consume all the disk on DEAs/CELLs causing a potential denial of service for other applications.

CPENameOperatorVersion
cf-releaseeq231
cloud_foundry_elastic_runtimeeq1.6.5
cloud_foundry_elastic_runtimeeq1.6.13
cloud_foundry_elastic_runtimeeq1.5.11
cloud_foundry_elastic_runtimeeq1.6.7
cloud_foundry_elastic_runtimeeq1.6.6
cloud_foundry_elastic_runtimeeq1.5.16
cloud_foundry_elastic_runtimeeq1.5.0
cloud_foundry_elastic_runtimeeq1.5.6
cloud_foundry_elastic_runtimeeq1.5.7

Name	Operator	Version
cf-release	eq	231
cloud_foundry_elastic_runtime	eq	1.6.5
cloud_foundry_elastic_runtime	eq	1.6.13
cloud_foundry_elastic_runtime	eq	1.5.11
cloud_foundry_elastic_runtime	eq	1.6.7
cloud_foundry_elastic_runtime	eq	1.6.6
cloud_foundry_elastic_runtime	eq	1.5.16
cloud_foundry_elastic_runtime	eq	1.5.0
cloud_foundry_elastic_runtime	eq	1.5.6
cloud_foundry_elastic_runtime	eq	1.5.7

Rows per page:

1-10 of 361

References

pivotal.io/security/cve-2016-0780