CVE-2016-0761

{"id": "CVE-2016-0761", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2017-05-25T17:29:00.490", "references": [{"url": "https://pivotal.io/security/cve-2016-0761", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}, {"url": "https://pivotal.io/security/cve-2016-0761", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-19"}]}], "descriptions": [{"lang": "en", "value": "Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container filesystems on the host."}, {"lang": "es", "value": "Garden-Linux versiones anteriores a v0.333.0 y Elastic Runtime versiones 1.6.x anteriores a 1.6.17 de Cloud Foundry, contienen un fallo en la administraci\u00f3n de archivos de contenedor durante la preparaci\u00f3n de la imagen Docker que se podr\u00eda usar para eliminar, corromper o sobrescribir archivos y directorios del host, incluyendo otros sistemas de archivos de contenedor en el host."}], "lastModified": "2024-11-21T02:42:19.587", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cloudfoundry:garden_linux:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4924F19F-491B-4CD8-936F-8E1984899580", "versionEndIncluding": "0.332.0"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CC5918-BC38-46E3-8000-5FE87A65C0E7"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36926681-35F4-4619-9613-155DEEEA3C8F"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41FF3C2B-E96F-4DF7-A5C4-703206CB729E"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9CB3C2D-3080-4A3D-8D8D-1381B5D98920"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "782781EB-147C-4B00-84C5-1D8443BFA2D6"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35A56755-EEB2-4C93-B180-3918A36965AA"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4009F10-08AF-470B-B903-38B8A6DBF332"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B2E8F04-53E6-4A3C-BE4B-8D0DDA22CA8C"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "790DAB24-893A-463F-8358-171DACD75074"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3645A1A8-4945-447F-A968-101D5938F9C8"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E52C9B9-8F94-48D8-ADA6-96918F6AAD36"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3948FC2F-AF3B-4AF3-968D-F124D03A213A"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BA44F9B-97D5-48C0-91E9-6D3FEC8B7773"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B414F88-6541-48C6-B9D6-4DDA035A0037"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66235C7F-D5EE-4989-8D24-6D0781954234"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12E75B49-2419-4313-A648-B5283DA620E7"}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EED70273-3FB2-4652-9AA2-10E2E9D581DE"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}