Open Redirect Vulnerability in Pivotal Cloud Foundry Elastic Runtime
CVE-2016-6657
7.4HIGH
What is CVE-2016-6657?
An open redirect vulnerability exists in certain components of Pivotal Cloud Foundry Elastic Runtime. This flaw allows attackers to redirect users to untrusted sites, potentially leading to phishing attacks. Users are strongly encouraged to upgrade their PCF Elastic Runtime to version 1.8.12 or later, and PCF Ops Manager to version 1.7.18 or later for 1.7.x versions and 1.8.10 or later for 1.8.x versions to mitigate the risk associated with this vulnerability.
Affected Version(s)
PCF Elastic Runtime 1.8.x prior to 1.8.12 and PCF Ops Manager 1.7.x prior to 1.7.18 and 1.8.x prior to 1.8.10 PCF Elastic Runtime 1.8.x versions prior to 1.8.12 and PCF Ops Manager 1.7.x versions prior to 1.7.18 and 1.8.x versions prior to 1.8.10
