CVE-2016-0761

Published on: 05/25/2017 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:12 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Certain versions of Cloud Foundry Elastic Runtime from Pivotal Software contain the following vulnerability:

Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container filesystems on the host.

  • CVE-2016-0761 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as - currently rated as CRITICAL severity.
  • Affected Vendor/Software: URL Logo Pivotal - Cloud Foundry version Garden-Linux versions prior to v0.333.0
  • Affected Vendor/Software: URL Logo Pivotal - Cloud Foundry version Elastic Runtime 1.6.x version prior to 1.6.17.

CVSS3 Score: 9.8 - CRITICAL

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 10 - HIGH

Access
Vector
Access
Complexity
Authentication
NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
COMPLETE COMPLETE COMPLETE

CVE References

Description Tags Link
CVE-2016-0761 Docker Image Host Files Corruption | Security | Pivotal Vendor Advisory
pivotal.io
text/html
URL Logo CONFIRM pivotal.io/security/cve-2016-0761

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.0AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.1AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.10AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.11AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.12AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.13AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.14AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.15AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.16AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.2AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.3AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.4AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.5AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.6AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.7AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.8AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.9AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.0AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.1AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.10AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.11AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.12AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.13AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.14AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.15AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.16AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.2AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.3AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.4AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.5AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.6AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.7AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.8AllAllAll
ApplicationPivotal SoftwareCloud Foundry Elastic Runtime1.6.9AllAllAll
ApplicationPivotal SoftwareCloud Foundry Garden LinuxAllAllAllAll
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.10:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.11:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.12:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.13:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.14:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.15:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.16:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.5:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.7:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.8:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.9:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.10:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.11:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.12:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.13:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.14:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.15:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.16:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.5:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.7:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.8:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.9:*:*:*:*:*:*:*:
  • cpe:2.3:a:pivotal_software:cloud_foundry_garden_linux:*:*:*:*:*:*:*:*: