CVE-2016-6639 in Cloud Foundry Elastic Runtime
Sumário (Inglês)
Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products, place the .profile file in the htdocs directory, which might allow remote attackers to obtain sensitive information via an HTTP GET request for this file.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Reservar
10/08/2016
Divulgação
17/09/2016
Estado
Confirmado
Inscrições
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidade | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 91662 | Pivotal Cloud Foundry Elastic Runtime PHP Buildpack Elevação de Privilégios | 254 | Não definido | Correção oficial | CVE-2016-6639 |
Descrição
CPE
CWE
CVSS
Explorações
História
Diferença
Relacionar
Inteligência de ameaças
API JSON
API XML
API CSV