CVE-2017-4955
First published: Tue Jun 13 2017(Updated: )
An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x versions prior to 1.7.48, 1.8.x versions prior to 1.8.28, and 1.9.x versions prior to 1.9.5. Several credentials were present in the logs for the Notifications errand in the PCF Elastic Runtime tile.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pivotal Cloud Foundry Elastic Runtime | =1.6.0 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.1 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.2 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.3 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.4 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.5 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.6 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.7 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.8 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.9 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.10 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.11 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.12 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.13 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.14 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.15 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.16 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.17 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.18 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.19 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.20 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.21 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.22 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.23 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.24 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.25 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.26 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.27 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.28 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.29 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.30 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.31 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.32 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.33 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.34 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.35 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.36 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.37 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.38 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.39 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.40 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.41 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.42 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.43 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.44 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.45 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.46 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.47 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.48 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.49 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.50 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.51 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.52 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.53 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.54 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.55 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.56 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.57 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.58 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.59 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.60 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.61 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.62 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.63 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.6.64 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.1 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.2 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.3 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.4 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.5 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.6 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.7 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.8 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.9 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.10 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.11 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.12 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.13 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.14 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.15 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.16 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.17 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.18 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.19 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.20 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.21 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.22 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.23 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.24 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.25 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.26 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.27 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.28 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.29 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.30 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.31 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.32 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.33 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.34 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.35 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.36 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.37 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.38 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.39 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.40 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.41 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.42 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.43 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.44 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.45 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.46 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.7.47 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.1 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.2 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.3 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.4 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.5 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.6 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.7 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.8 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.9 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.10 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.11 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.12 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.13 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.14 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.15 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.16 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.17 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.18 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.19 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.20 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.21 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.22 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.23 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.24 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.25 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.26 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.8.27 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.9.1 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.9.2 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.9.3 | |
| Pivotal Cloud Foundry Elastic Runtime | =1.9.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-4955?
CVE-2017-4955 has been classified as a medium severity vulnerability.
How do I fix CVE-2017-4955?
To fix CVE-2017-4955, upgrade to Pivotal PCF Elastic Runtime versions 1.6.65, 1.7.48, 1.8.28, or 1.9.5 and later.
What software is affected by CVE-2017-4955?
CVE-2017-4955 affects Pivotal PCF Elastic Runtime versions prior to 1.6.65, 1.7.48, 1.8.28, and 1.9.5.
What kind of information is exposed by CVE-2017-4955?
CVE-2017-4955 exposes sensitive credentials that were logged during the Notifications errand.
Is there a workaround for CVE-2017-4955 if I cannot upgrade?
There is no recommended workaround for CVE-2017-4955; upgrading to a fixed version is necessary.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/pivotal software
- canonical/pivotal cloud foundry elastic runtime
- version/pivotal cloud foundry elastic runtime/1.6.0
- version/pivotal cloud foundry elastic runtime/1.6.1
- version/pivotal cloud foundry elastic runtime/1.6.2
- version/pivotal cloud foundry elastic runtime/1.6.3
- version/pivotal cloud foundry elastic runtime/1.6.4
- version/pivotal cloud foundry elastic runtime/1.6.5
- version/pivotal cloud foundry elastic runtime/1.6.6
- version/pivotal cloud foundry elastic runtime/1.6.7
- version/pivotal cloud foundry elastic runtime/1.6.8
- version/pivotal cloud foundry elastic runtime/1.6.9
- version/pivotal cloud foundry elastic runtime/1.6.10
- version/pivotal cloud foundry elastic runtime/1.6.11
- version/pivotal cloud foundry elastic runtime/1.6.12
- version/pivotal cloud foundry elastic runtime/1.6.13
- version/pivotal cloud foundry elastic runtime/1.6.14
- version/pivotal cloud foundry elastic runtime/1.6.15
- version/pivotal cloud foundry elastic runtime/1.6.16
- version/pivotal cloud foundry elastic runtime/1.6.17
- version/pivotal cloud foundry elastic runtime/1.6.18
- version/pivotal cloud foundry elastic runtime/1.6.19
- version/pivotal cloud foundry elastic runtime/1.6.20
- version/pivotal cloud foundry elastic runtime/1.6.21
- version/pivotal cloud foundry elastic runtime/1.6.22
- version/pivotal cloud foundry elastic runtime/1.6.23
- version/pivotal cloud foundry elastic runtime/1.6.24
- version/pivotal cloud foundry elastic runtime/1.6.25
- version/pivotal cloud foundry elastic runtime/1.6.26
- version/pivotal cloud foundry elastic runtime/1.6.27
- version/pivotal cloud foundry elastic runtime/1.6.28
- version/pivotal cloud foundry elastic runtime/1.6.29
- version/pivotal cloud foundry elastic runtime/1.6.30
- version/pivotal cloud foundry elastic runtime/1.6.31
- version/pivotal cloud foundry elastic runtime/1.6.32
- version/pivotal cloud foundry elastic runtime/1.6.33
- version/pivotal cloud foundry elastic runtime/1.6.34
- version/pivotal cloud foundry elastic runtime/1.6.35
- version/pivotal cloud foundry elastic runtime/1.6.36
- version/pivotal cloud foundry elastic runtime/1.6.37
- version/pivotal cloud foundry elastic runtime/1.6.38
- version/pivotal cloud foundry elastic runtime/1.6.39
- version/pivotal cloud foundry elastic runtime/1.6.40
- version/pivotal cloud foundry elastic runtime/1.6.41
- version/pivotal cloud foundry elastic runtime/1.6.42
- version/pivotal cloud foundry elastic runtime/1.6.43
- version/pivotal cloud foundry elastic runtime/1.6.44
- version/pivotal cloud foundry elastic runtime/1.6.45
- version/pivotal cloud foundry elastic runtime/1.6.46
- version/pivotal cloud foundry elastic runtime/1.6.47
- version/pivotal cloud foundry elastic runtime/1.6.48
- version/pivotal cloud foundry elastic runtime/1.6.49
- version/pivotal cloud foundry elastic runtime/1.6.50
- version/pivotal cloud foundry elastic runtime/1.6.51
- version/pivotal cloud foundry elastic runtime/1.6.52
- version/pivotal cloud foundry elastic runtime/1.6.53
- version/pivotal cloud foundry elastic runtime/1.6.54
- version/pivotal cloud foundry elastic runtime/1.6.55
- version/pivotal cloud foundry elastic runtime/1.6.56
- version/pivotal cloud foundry elastic runtime/1.6.57
- version/pivotal cloud foundry elastic runtime/1.6.58
- version/pivotal cloud foundry elastic runtime/1.6.59
- version/pivotal cloud foundry elastic runtime/1.6.60
- version/pivotal cloud foundry elastic runtime/1.6.61
- version/pivotal cloud foundry elastic runtime/1.6.62
- version/pivotal cloud foundry elastic runtime/1.6.63
- version/pivotal cloud foundry elastic runtime/1.6.64
- version/pivotal cloud foundry elastic runtime/1.7.1
- version/pivotal cloud foundry elastic runtime/1.7.2
- version/pivotal cloud foundry elastic runtime/1.7.3
- version/pivotal cloud foundry elastic runtime/1.7.4
- version/pivotal cloud foundry elastic runtime/1.7.5
- version/pivotal cloud foundry elastic runtime/1.7.6
- version/pivotal cloud foundry elastic runtime/1.7.7
- version/pivotal cloud foundry elastic runtime/1.7.8
- version/pivotal cloud foundry elastic runtime/1.7.9
- version/pivotal cloud foundry elastic runtime/1.7.10
- version/pivotal cloud foundry elastic runtime/1.7.11
- version/pivotal cloud foundry elastic runtime/1.7.12
- version/pivotal cloud foundry elastic runtime/1.7.13
- version/pivotal cloud foundry elastic runtime/1.7.14
- version/pivotal cloud foundry elastic runtime/1.7.15
- version/pivotal cloud foundry elastic runtime/1.7.16
- version/pivotal cloud foundry elastic runtime/1.7.17
- version/pivotal cloud foundry elastic runtime/1.7.18
- version/pivotal cloud foundry elastic runtime/1.7.19
- version/pivotal cloud foundry elastic runtime/1.7.20
- version/pivotal cloud foundry elastic runtime/1.7.21
- version/pivotal cloud foundry elastic runtime/1.7.22
- version/pivotal cloud foundry elastic runtime/1.7.23
- version/pivotal cloud foundry elastic runtime/1.7.24
- version/pivotal cloud foundry elastic runtime/1.7.25
- version/pivotal cloud foundry elastic runtime/1.7.26
- version/pivotal cloud foundry elastic runtime/1.7.27
- version/pivotal cloud foundry elastic runtime/1.7.28
- version/pivotal cloud foundry elastic runtime/1.7.29
- version/pivotal cloud foundry elastic runtime/1.7.30
- version/pivotal cloud foundry elastic runtime/1.7.31
- version/pivotal cloud foundry elastic runtime/1.7.32
- version/pivotal cloud foundry elastic runtime/1.7.33
- version/pivotal cloud foundry elastic runtime/1.7.34
- version/pivotal cloud foundry elastic runtime/1.7.35
- version/pivotal cloud foundry elastic runtime/1.7.36
- version/pivotal cloud foundry elastic runtime/1.7.37
- version/pivotal cloud foundry elastic runtime/1.7.38
- version/pivotal cloud foundry elastic runtime/1.7.39
- version/pivotal cloud foundry elastic runtime/1.7.40
- version/pivotal cloud foundry elastic runtime/1.7.41
- version/pivotal cloud foundry elastic runtime/1.7.42
- version/pivotal cloud foundry elastic runtime/1.7.43
- version/pivotal cloud foundry elastic runtime/1.7.44
- version/pivotal cloud foundry elastic runtime/1.7.45
- version/pivotal cloud foundry elastic runtime/1.7.46
- version/pivotal cloud foundry elastic runtime/1.7.47
- version/pivotal cloud foundry elastic runtime/1.8.1
- version/pivotal cloud foundry elastic runtime/1.8.2
- version/pivotal cloud foundry elastic runtime/1.8.3
- version/pivotal cloud foundry elastic runtime/1.8.4
- version/pivotal cloud foundry elastic runtime/1.8.5
- version/pivotal cloud foundry elastic runtime/1.8.6
- version/pivotal cloud foundry elastic runtime/1.8.7
- version/pivotal cloud foundry elastic runtime/1.8.8
- version/pivotal cloud foundry elastic runtime/1.8.9
- version/pivotal cloud foundry elastic runtime/1.8.10
- version/pivotal cloud foundry elastic runtime/1.8.11
- version/pivotal cloud foundry elastic runtime/1.8.12
- version/pivotal cloud foundry elastic runtime/1.8.13
- version/pivotal cloud foundry elastic runtime/1.8.14
- version/pivotal cloud foundry elastic runtime/1.8.15
- version/pivotal cloud foundry elastic runtime/1.8.16
- version/pivotal cloud foundry elastic runtime/1.8.17
- version/pivotal cloud foundry elastic runtime/1.8.18
- version/pivotal cloud foundry elastic runtime/1.8.19
- version/pivotal cloud foundry elastic runtime/1.8.20
- version/pivotal cloud foundry elastic runtime/1.8.21
- version/pivotal cloud foundry elastic runtime/1.8.22
- version/pivotal cloud foundry elastic runtime/1.8.23
- version/pivotal cloud foundry elastic runtime/1.8.24
- version/pivotal cloud foundry elastic runtime/1.8.25
- version/pivotal cloud foundry elastic runtime/1.8.26
- version/pivotal cloud foundry elastic runtime/1.8.27
- version/pivotal cloud foundry elastic runtime/1.9.1
- version/pivotal cloud foundry elastic runtime/1.9.2
- version/pivotal cloud foundry elastic runtime/1.9.3
- version/pivotal cloud foundry elastic runtime/1.9.4