Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for bosh_stemcell by pivotal

    CVE-2016-4435 (GCVE-0-2016-4435)

    Vulnerability from nvd – Published: 2017-05-25 17:00 – Updated: 2024-08-06 00:32
    VLAI
    Summary
    An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID.
    Severity
    No CVSS data available.
    CWE
    • DoS
    Assigner
    References
    URL Tags
    https://pivotal.io/security/cve-2016-4435 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Pivotal Cloud Foundry Affected: BOSH stemcell versions prior to 3232.6 and 3146.13
    Create a notification for this product.
    Date Public
    2016-06-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T00:32:24.614Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://pivotal.io/security/cve-2016-4435"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cloud Foundry",
              "vendor": "Pivotal",
              "versions": [
                {
                  "status": "affected",
                  "version": "BOSH stemcell versions prior to 3232.6 and 3146.13"
                }
              ]
            }
          ],
          "datePublic": "2016-06-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "DoS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-05-25T16:57:01.000Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://pivotal.io/security/cve-2016-4435"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security_alert@emc.com",
              "ID": "CVE-2016-4435",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cloud Foundry",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "BOSH stemcell versions prior to 3232.6 and 3146.13"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pivotal"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "DoS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://pivotal.io/security/cve-2016-4435",
                  "refsource": "CONFIRM",
                  "url": "https://pivotal.io/security/cve-2016-4435"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2016-4435",
        "datePublished": "2017-05-25T17:00:00.000Z",
        "dateReserved": "2016-05-02T00:00:00.000Z",
        "dateUpdated": "2024-08-06T00:32:24.614Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-4435 (GCVE-0-2016-4435)

    Vulnerability from cvelistv5 – Published: 2017-05-25 17:00 – Updated: 2024-08-06 00:32
    VLAI
    Summary
    An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID.
    Severity
    No CVSS data available.
    CWE
    • DoS
    Assigner
    References
    URL Tags
    https://pivotal.io/security/cve-2016-4435 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Pivotal Cloud Foundry Affected: BOSH stemcell versions prior to 3232.6 and 3146.13
    Create a notification for this product.
    Date Public
    2016-06-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T00:32:24.614Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://pivotal.io/security/cve-2016-4435"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cloud Foundry",
              "vendor": "Pivotal",
              "versions": [
                {
                  "status": "affected",
                  "version": "BOSH stemcell versions prior to 3232.6 and 3146.13"
                }
              ]
            }
          ],
          "datePublic": "2016-06-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "DoS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-05-25T16:57:01.000Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://pivotal.io/security/cve-2016-4435"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security_alert@emc.com",
              "ID": "CVE-2016-4435",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cloud Foundry",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "BOSH stemcell versions prior to 3232.6 and 3146.13"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pivotal"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "DoS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://pivotal.io/security/cve-2016-4435",
                  "refsource": "CONFIRM",
                  "url": "https://pivotal.io/security/cve-2016-4435"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2016-4435",
        "datePublished": "2017-05-25T17:00:00.000Z",
        "dateReserved": "2016-05-02T00:00:00.000Z",
        "dateUpdated": "2024-08-06T00:32:24.614Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }