8.8

CVE-2017-4959

EPSS 0.53%
Veröffentlicht 13.06.2017 06:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle security_alert@emc.com
Teams Watchlist Login
Unerledigt Login

An issue was discovered in Pivotal PCF Elastic Runtime 1.8.x versions prior to 1.8.29 and 1.9.x versions prior to 1.9.7. Pivotal Cloud Foundry deployments using the Pivotal Account application are vulnerable to a flaw which allows an authorized user to take over the account of another user, causing account lockout and potential escalation of privileges.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.0

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.1

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.2

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.3

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.4

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.5

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.6

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.7

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.8

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.9

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.10

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.11

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.12

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.13

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.14

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.15

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.16

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.17

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.18

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.19

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.20

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.21

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.22

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.23

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.24

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.25

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.26

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.27

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.28

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.0

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.1

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.2

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.3

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.4

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.5

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.53%	0.644

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.5	8	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P

http://www.securityfocus.com/bid/96218

Third Party Advisory

VDB Entry

https://pivotal.io/security/cve-2017-4959

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-4959

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-4959

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-4959

EUVD