What is the severity of CVE-2016-0780?

The severity of CVE-2016-0780 is considered medium due to the potential for unauthorized disk quota manipulation.

How do I fix CVE-2016-0780?

To mitigate CVE-2016-0780, upgrade to Pivotal Cloud Foundry Elastic Runtime version 1.5.17 or 1.6.18 or later.

What versions are affected by CVE-2016-0780?

CVE-2016-0780 affects cf-release v231 and Pivotal Cloud Foundry Elastic Runtime versions prior to 1.5.17 and 1.6.18.

Can CVE-2016-0780 lead to data loss?

Yes, CVE-2016-0780 could potentially allow an attacker to manipulate disk quotas, leading to data loss.

Is there a workaround for CVE-2016-0780?

There is no documented workaround for CVE-2016-0780; users are advised to apply the latest security patches.

Vulnerability/
CVE-2016-0780

high

7.5

CWE

399

25/5/2017

5/8/2024

CVE-2016-0780

First published: Thu May 25 2017(Updated: )

It was discovered that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17 and Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18 do not properly enforce disk quotas in certain cases. An attacker could use an improper disk quota value to bypass enforcement and consume all the disk on DEAs/CELLs causing a potential denial of service for other applications.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
Cloud Foundry CF Release	=231
Pivotal Elastic Runtime	=1.5.0
Pivotal Elastic Runtime	=1.5.1
Pivotal Elastic Runtime	=1.5.2
Pivotal Elastic Runtime	=1.5.3
Pivotal Elastic Runtime	=1.5.4
Pivotal Elastic Runtime	=1.5.5
Pivotal Elastic Runtime	=1.5.6
Pivotal Elastic Runtime	=1.5.7
Pivotal Elastic Runtime	=1.5.8
Pivotal Elastic Runtime	=1.5.9
Pivotal Elastic Runtime	=1.5.10
Pivotal Elastic Runtime	=1.5.11
Pivotal Elastic Runtime	=1.5.12
Pivotal Elastic Runtime	=1.5.13
Pivotal Elastic Runtime	=1.5.14
Pivotal Elastic Runtime	=1.5.15
Pivotal Elastic Runtime	=1.5.16
Pivotal Elastic Runtime	=1.6.0
Pivotal Elastic Runtime	=1.6.1
Pivotal Elastic Runtime	=1.6.2
Pivotal Elastic Runtime	=1.6.3
Pivotal Elastic Runtime	=1.6.4
Pivotal Elastic Runtime	=1.6.5
Pivotal Elastic Runtime	=1.6.6
Pivotal Elastic Runtime	=1.6.7
Pivotal Elastic Runtime	=1.6.8
Pivotal Elastic Runtime	=1.6.9
Pivotal Elastic Runtime	=1.6.10
Pivotal Elastic Runtime	=1.6.11
Pivotal Elastic Runtime	=1.6.12
Pivotal Elastic Runtime	=1.6.13
Pivotal Elastic Runtime	=1.6.14
Pivotal Elastic Runtime	=1.6.15
Pivotal Elastic Runtime	=1.6.16
Pivotal Elastic Runtime	=1.6.17

Never miss a vulnerability like this again

Reference Links

https://pivotal.io/security/cve-2016-0780

Frequently Asked Questions

What is the severity of CVE-2016-0780?
The severity of CVE-2016-0780 is considered medium due to the potential for unauthorized disk quota manipulation.
How do I fix CVE-2016-0780?
To mitigate CVE-2016-0780, upgrade to Pivotal Cloud Foundry Elastic Runtime version 1.5.17 or 1.6.18 or later.
What versions are affected by CVE-2016-0780?
CVE-2016-0780 affects cf-release v231 and Pivotal Cloud Foundry Elastic Runtime versions prior to 1.5.17 and 1.6.18.
Can CVE-2016-0780 lead to data loss?
Yes, CVE-2016-0780 could potentially allow an attacker to manipulate disk quotas, leading to data loss.
Is there a workaround for CVE-2016-0780?
There is no documented workaround for CVE-2016-0780; users are advised to apply the latest security patches.

agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/last-modified-date
agent/references
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cloudfoundry
canonical/cloud foundry cf release
version/cloud foundry cf release/231
vendor/pivotal software
canonical/pivotal elastic runtime
version/pivotal elastic runtime/1.5.0
version/pivotal elastic runtime/1.5.1
version/pivotal elastic runtime/1.5.2
version/pivotal elastic runtime/1.5.3
version/pivotal elastic runtime/1.5.4
version/pivotal elastic runtime/1.5.5
version/pivotal elastic runtime/1.5.6
version/pivotal elastic runtime/1.5.7
version/pivotal elastic runtime/1.5.8
version/pivotal elastic runtime/1.5.9
version/pivotal elastic runtime/1.5.10
version/pivotal elastic runtime/1.5.11
version/pivotal elastic runtime/1.5.12
version/pivotal elastic runtime/1.5.13
version/pivotal elastic runtime/1.5.14
version/pivotal elastic runtime/1.5.15
version/pivotal elastic runtime/1.5.16
version/pivotal elastic runtime/1.6.0
version/pivotal elastic runtime/1.6.1
version/pivotal elastic runtime/1.6.2
version/pivotal elastic runtime/1.6.3
version/pivotal elastic runtime/1.6.4
version/pivotal elastic runtime/1.6.5
version/pivotal elastic runtime/1.6.6
version/pivotal elastic runtime/1.6.7
version/pivotal elastic runtime/1.6.8
version/pivotal elastic runtime/1.6.9
version/pivotal elastic runtime/1.6.10
version/pivotal elastic runtime/1.6.11
version/pivotal elastic runtime/1.6.12
version/pivotal elastic runtime/1.6.13
version/pivotal elastic runtime/1.6.14
version/pivotal elastic runtime/1.6.15
version/pivotal elastic runtime/1.6.16
version/pivotal elastic runtime/1.6.17