Vulnerability Name:

CVE-2016-6651 (CCN-117391)

Assigned:2016-08-10
Published:2016-08-10
Updated:2021-08-06
Summary:The UAA /oauth/token endpoint in Pivotal Cloud Foundry (PCF) before 243; UAA 2.x before 2.7.4.8, 3.x before 3.3.0.6, and 3.4.x before 3.4.5; UAA BOSH before 11.7 and 12.x before 12.6; Elastic Runtime before 1.6.40, 1.7.x before 1.7.21, and 1.8.x before 1.8.2; and Ops Manager 1.7.x before 1.7.13 and 1.8.x before 1.8.1 allows remote authenticated users to gain privileges by leveraging possession of a token.
CVSS v3 Severity:8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.7 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2016-6651

Source: BID
Type: UNKNOWN
93241

Source: XF
Type: UNKNOWN
pivotal-cve20166651-priv-esc(117391)

Source: CCN
Type: Pivotal Web site
CVE-2016-6651 Privilege Escalation in UAA

Source: CONFIRM
Type: Mitigation, Vendor Advisory
https://pivotal.io/security/cve-2016-6651

Vulnerable Configuration:Configuration 1:
  • cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.7:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.6:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.33:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.32:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.31:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.23:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.22:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.14:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.13:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.5:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.9:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.10:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.10:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.10:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.18:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.28:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.11:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.4:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.9:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.36:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.18:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.17:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.37:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.27:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.19:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_uaa:*:*:*:*:*:*:*:* (Version <= 3.7.0)
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.6:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.7:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.6:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.19:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.12:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.39:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.4:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.25:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.14:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.17:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.4:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.35:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.11:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.15:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.7:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.20:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.38:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry:*:*:*:*:*:*:*:* (Version <= 242.0)
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.5:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.29:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.9:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.8:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.15:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.5:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.11:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.20:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.13:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.30:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.12:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.8:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.12:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.8:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.26:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.34:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.6.21:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_elastic_runtime:1.7.16:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:cloud_foundry_ops_manager:1.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:cloudfoundry:cloud_foundry_uaa_bosh:*:*:*:*:*:*:*:* (Version <= 16.0)

  • * Denotes that component is vulnerable
    BACK
    pivotal_software cloud foundry ops manager 1.7.7
    pivotal_software cloud foundry ops manager 1.7.6
    pivotal_software cloud foundry ops manager 1.8.0
    pivotal_software cloud foundry elastic runtime 1.8.0
    pivotal_software cloud foundry elastic runtime 1.6.33
    pivotal_software cloud foundry elastic runtime 1.6.32
    pivotal_software cloud foundry elastic runtime 1.6.31
    pivotal_software cloud foundry elastic runtime 1.6.23
    pivotal_software cloud foundry elastic runtime 1.6.22
    pivotal_software cloud foundry elastic runtime 1.6.14
    pivotal_software cloud foundry elastic runtime 1.6.13
    pivotal_software cloud foundry elastic runtime 1.6.5
    pivotal_software cloud foundry elastic runtime 1.7.1
    pivotal_software cloud foundry ops manager 1.7.3
    pivotal_software cloud foundry elastic runtime 1.6.9
    pivotal_software cloud foundry elastic runtime 1.7.10
    pivotal_software cloud foundry elastic runtime 1.6.10
    pivotal_software cloud foundry elastic runtime 1.6.0
    pivotal_software cloud foundry ops manager 1.7.10
    pivotal_software cloud foundry elastic runtime 1.7.0
    pivotal_software cloud foundry elastic runtime 1.7.18
    pivotal_software cloud foundry ops manager 1.7.2
    pivotal_software cloud foundry elastic runtime 1.6.28
    pivotal_software cloud foundry ops manager 1.7.11
    pivotal_software cloud foundry elastic runtime 1.6.4
    pivotal_software cloud foundry elastic runtime 1.7.9
    pivotal_software cloud foundry elastic runtime 1.6.36
    pivotal_software cloud foundry elastic runtime 1.6.18
    pivotal_software cloud foundry elastic runtime 1.7.17
    pivotal_software cloud foundry elastic runtime 1.6.1
    pivotal_software cloud foundry elastic runtime 1.6.37
    pivotal_software cloud foundry elastic runtime 1.6.27
    pivotal_software cloud foundry elastic runtime 1.6.19
    pivotal_software cloud foundry uaa *
    pivotal_software cloud foundry elastic runtime 1.7.6
    pivotal_software cloud foundry elastic runtime 1.6.7
    pivotal_software cloud foundry elastic runtime 1.6.6
    pivotal_software cloud foundry elastic runtime 1.7.19
    pivotal_software cloud foundry ops manager 1.7.12
    pivotal_software cloud foundry elastic runtime 1.6.39
    pivotal_software cloud foundry ops manager 1.7.4
    pivotal_software cloud foundry elastic runtime 1.6.25
    pivotal_software cloud foundry elastic runtime 1.7.14
    pivotal_software cloud foundry elastic runtime 1.6.17
    pivotal_software cloud foundry elastic runtime 1.7.4
    pivotal_software cloud foundry elastic runtime 1.6.35
    pivotal_software cloud foundry elastic runtime 1.7.11
    pivotal_software cloud foundry elastic runtime 1.7.15
    pivotal_software cloud foundry elastic runtime 1.7.7
    pivotal_software cloud foundry elastic runtime 1.6.20
    pivotal_software cloud foundry elastic runtime 1.6.2
    pivotal_software cloud foundry elastic runtime 1.6.38
    pivotal_software cloud foundry *
    pivotal_software cloud foundry ops manager 1.7.5
    pivotal_software cloud foundry elastic runtime 1.6.29
    pivotal_software cloud foundry ops manager 1.7.9
    pivotal_software cloud foundry elastic runtime 1.7.8
    pivotal_software cloud foundry elastic runtime 1.6.15
    pivotal_software cloud foundry elastic runtime 1.6.3
    pivotal_software cloud foundry elastic runtime 1.7.5
    pivotal_software cloud foundry elastic runtime 1.6.11
    pivotal_software cloud foundry elastic runtime 1.7.20
    pivotal_software cloud foundry elastic runtime 1.7.13
    pivotal_software cloud foundry elastic runtime 1.6.30
    pivotal_software cloud foundry elastic runtime 1.7.12
    pivotal_software cloud foundry ops manager 1.7.8
    pivotal_software cloud foundry elastic runtime 1.6.12
    pivotal_software cloud foundry ops manager 1.7.1
    pivotal_software cloud foundry elastic runtime 1.6.8
    pivotal_software cloud foundry elastic runtime 1.6.26
    pivotal_software cloud foundry elastic runtime 1.7.3
    pivotal_software cloud foundry elastic runtime 1.7.2
    pivotal_software cloud foundry elastic runtime 1.6.34
    pivotal_software cloud foundry elastic runtime 1.6.21
    pivotal_software cloud foundry elastic runtime 1.7.16
    pivotal_software cloud foundry ops manager 1.7.0
    cloudfoundry cloud foundry uaa bosh *