CVE-2016-0897
Published on: 09/17/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:13 PM UTC
Certain versions of Operations Manager from Pivotal Software contain the following vulnerability:
Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before 1.7.8, when vCloud or vSphere is used, does not properly enable SSH access for operators, which has unspecified impact and remote attack vectors.
- CVE-2016-0897 has been assigned by
[email protected] to track the vulnerability - currently rated as - currently rated as CRITICAL severity.
CVSS3 Score: 9.8 - CRITICAL
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
NETWORK | LOW | NONE | NONE | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 7.5 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | PARTIAL | PARTIAL |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
CVE-2016-0897 Ops Manager vSphere and vCloud vulnerability | Security | Pivotal | Vendor Advisory pivotal.io text/html |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
- cpe:2.3:a:pivotal_software:operations_manager:1.7.0:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.1:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.2:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.3:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.4:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.5:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.6:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.7:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.0:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.1:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.2:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.3:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.4:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.5:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.6:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:1.7.7:*:*:*:*:*:*:*:
- cpe:2.3:a:pivotal_software:operations_manager:*:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE