What is the severity of CVE-2016-6655?

CVE-2016-6655 is classified as a high severity command injection vulnerability.

How do I fix CVE-2016-6655?

To fix CVE-2016-6655, upgrade Cloud Foundry Foundation Cloud Foundry release to version 245 or later and cf-mysql-release to version 31 or later.

What components are affected by CVE-2016-6655?

CVE-2016-6655 affects numerous components of Cloud Foundry that utilize a common script which is susceptible to command injection.

Can a malicious user exploit CVE-2016-6655?

Yes, a malicious user can exploit CVE-2016-6655 through various vectors to execute arbitrary commands.

What are the affected versions of Cloud Foundry for CVE-2016-6655?

The affected versions of Cloud Foundry are versions prior to v245 for cf-release and versions prior to v31 for cf-mysql-release.

Vulnerability/
CVE-2016-6655

critical

9.8

CWE

13/6/2017

6/8/2024

CVE-2016-6655: Command Injection

First published: Tue Jun 13 2017(Updated: )

An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf-mysql-release versions prior to v31. A command injection vulnerability was discovered in a common script used by many Cloud Foundry components. A malicious user may exploit numerous vectors to execute arbitrary commands on servers running Cloud Foundry.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
CF MySQL Release	<=30
Cloud Foundry CF Release	<=244

Remedy

https://www.cloudfoundry.org/cve-2016-6655/

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-6655?
CVE-2016-6655 is classified as a high severity command injection vulnerability.
How do I fix CVE-2016-6655?
To fix CVE-2016-6655, upgrade Cloud Foundry Foundation Cloud Foundry release to version 245 or later and cf-mysql-release to version 31 or later.
What components are affected by CVE-2016-6655?
CVE-2016-6655 affects numerous components of Cloud Foundry that utilize a common script which is susceptible to command injection.
Can a malicious user exploit CVE-2016-6655?
Yes, a malicious user can exploit CVE-2016-6655 through various vectors to execute arbitrary commands.
What are the affected versions of Cloud Foundry for CVE-2016-6655?
The affected versions of Cloud Foundry are versions prior to v245 for cf-release and versions prior to v31 for cf-mysql-release.

agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/severity
agent/description
agent/remedy
agent/author
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cloudfoundry
canonical/cf mysql release
version/cf mysql release/30
canonical/cloud foundry cf release
version/cloud foundry cf release/244

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.