CVE-2016-0883 in Cloud Foundry Ops Managerinformação

Sumário

de MITRE

Pivotal Cloud Foundry (PCF) Ops Manager before 1.5.14 and 1.6.x before 1.6.9 uses the same cookie-encryption key across different customers' installations, which allows remote attackers to bypass session authentication by leveraging knowledge of this key from another installation.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

17/12/2015

Divulgação

17/09/2016

Moderação

aceite

Entrada

VDB-91639

CPE

pronto

CWE

CWE-287 (confirmado)

CVSS

9.8 (NVD)

EPSS

0.00156

KEV

não

Atividades

muito baixo

Sector

Education, Lawfirm, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-0883
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-0883
CVE Details	https://www.cvedetails.com/cve/CVE-2016-0883/

◂ Voltar Visão Geral Próximo ▸

Do you know our Splunk app?

Download it now for free!