NVD

Id
86926  
Name
CVE-2017-4959  
Description
An issue was discovered in Pivotal PCF Elastic Runtime 1.8.x versions prior to 1.8.29 and 1.9.x versions prior to 1.9.7. Pivotal Cloud Foundry deployments using the Pivotal Account application are vulnerable to a flaw which allows an authorized user to take over the account of another user, causing account lockout and potential escalation of privileges.  
Reject
 
CVSS Version
2  
CVSS Score
6.5  
Severity
Medium  
CVSS Base Score
6.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:P)  
Pub Date
2017-07-18  
Published
2017-06-13  
Modified Date
2017-07-03  
Seq
2017-4959  

Actions

Related NVD References

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
68837 JVNDB-2017-005094 Pivotal Cloud Foundry Elastic Runtime における認可・権限・アクセス制御に関する脆弱性 Pivotal Cloud Foundry Elastic Runtime には、認可・権限・アクセス制御に関する脆弱性が存在します。 CVE-2017-4959 0 CVE-2017-4959 86926 6.5 8.8 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-005094.html 2017-02-14 2017-07-14 View