8.8

CVE-2017-4959

EPSS 0.53%
Published 13.06.2017 06:29:00
Last modified 20.04.2025 01:37:25
Source security_alert@emc.com
Teams watchlist Login
Open Login

An issue was discovered in Pivotal PCF Elastic Runtime 1.8.x versions prior to 1.8.29 and 1.9.x versions prior to 1.9.7. Pivotal Cloud Foundry deployments using the Pivotal Account application are vulnerable to a flaw which allows an authorized user to take over the account of another user, causing account lockout and potential escalation of privileges.

Affected products Warnungen 0 Metrics 3 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.0

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.1

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.2

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.3

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.4

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.5

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.6

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.7

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.8

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.9

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.10

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.11

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.12

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.13

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.14

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.15

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.16

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.17

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.18

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.19

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.20

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.21

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.22

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.23

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.24

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.25

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.26

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.27

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.8.28

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.0

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.1

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.2

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.3

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.4

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.5

Pivotal Software ≫ Cloud Foundry Elastic Runtime Version1.9.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.53%	0.644

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.5	8	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P

http://www.securityfocus.com/bid/96218

Third Party Advisory

VDB Entry

https://pivotal.io/security/cve-2017-4959

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-4959

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-4959

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-4959

EUVD