Vulnerability Name:

CVE-2016-6639 (CCN-117094)

Assigned:2016-09-07
Published:2016-09-07
Updated:2021-09-09
Summary:Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products, place the .profile file in the htdocs directory, which might allow remote attackers to obtain sensitive information via an HTTP GET request for this file.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-254
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2016-6639

Source: XF
Type: UNKNOWN
cloudfoundry-cve20166639-info-disc(117094)

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/cloudfoundry/php-buildpack/commit/e2db3ccd4812e0c0aba20720fc51789d981aba67

Source: CCN
Type: Pivotal Web site
CVE-2016-6639 PHP Buildpack exposes .profile file

Source: CONFIRM
Type: Vendor Advisory
https://pivotal.io/security/cve-2016-6639

Source: CCN
Type: Cloud Fundry Web Site
Cloud Foundry | The Industry Standard for Cloud Applications

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-6639

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cloudfoundry:php-buildpack:*:*:*:*:*:*:*:* (Version <= 4.3.17)

    • Configuration 2:
  • cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.5:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.6:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.7:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.8:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.13:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.14:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.15:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.16:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.17:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.4:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.9:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.11:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.18:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.10:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:1.7.12:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal:cloud_foundry_elastic_runtime:*:*:*:*:*:*:*:* (Version <= 1.6.37)

    • Configuration CCN 1:
  • cpe:/a:cloud_foundry:php_buildpack:4.3.17:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_cf-release:241:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cloudfoundry php-buildpack *
    pivotal cloud foundry elastic runtime 1.7.5
    pivotal cloud foundry elastic runtime 1.7.6
    pivotal cloud foundry elastic runtime 1.7.7
    pivotal cloud foundry elastic runtime 1.7.8
    pivotal cloud foundry elastic runtime 1.7.0
    pivotal cloud foundry elastic runtime 1.7.13
    pivotal cloud foundry elastic runtime 1.7.14
    pivotal cloud foundry elastic runtime 1.7.15
    pivotal cloud foundry elastic runtime 1.7.16
    pivotal cloud foundry elastic runtime 1.7.17
    pivotal cloud foundry elastic runtime 1.7.2
    pivotal cloud foundry elastic runtime 1.7.4
    pivotal cloud foundry elastic runtime 1.7.9
    pivotal cloud foundry elastic runtime 1.7.11
    pivotal cloud foundry elastic runtime 1.7.18
    pivotal cloud foundry elastic runtime 1.7.1
    pivotal cloud foundry elastic runtime 1.7.3
    pivotal cloud foundry elastic runtime 1.7.10
    pivotal cloud foundry elastic runtime 1.7.12
    pivotal cloud foundry elastic runtime *
    cloud_foundry php buildpack 4.3.17
    pivotal_software cloud foundry cf-release 241