What is CVE-2016-4435?

CVE-2016-4435 is a critical-severity vulnerability in Pivotal Bosh_stemcell, classified under CWE-264. CVSS score: 9.0/10. Published 2017-05-25.

How severe is CVE-2016-4435?

Critical severity. CVSS v3 base score is 9.0 out of 10.

Vulnerability in Pivotal Bosh_stemcell

CVE-2016-4435

An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability…

EPSS: 0.006 (68.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.0 (Critical). Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H.

Affected products

Pivotal Bosh_stemcell — versions 3146.13
Pivotal Cloud Foundry — versions BOSH stemcell versions prior to 3232.6 and 3146.13

Weakness classification (CWE)

CWE-264

References

security_alert@emc.com (x_refsource_CONFIRM, Third Party Advisory)

Frequently asked questions

What is CVE-2016-4435?: CVE-2016-4435 is a critical-severity vulnerability in Pivotal Bosh_stemcell, classified under CWE-264. CVSS score: 9.0/10. Published 2017-05-25.
How severe is CVE-2016-4435?: Critical severity. CVSS v3 base score is 9.0 out of 10.