{"containers": {"cna": {"affected": [{"product": "Cloud Foundry", "vendor": "Pivotal", "versions": [{"status": "affected", "version": "cf-release v231 and lower"}, {"status": "affected", "version": "Elastic Runtime 1.5.x versions prior to 1.5.17"}, {"status": "affected", "version": "Elastic Runtime 1.6.x versions prior to 1.6.18"}]}], "datePublic": "2016-03-23T00:00:00", "descriptions": [{"lang": "en", "value": "It was discovered that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17 and Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18 do not properly enforce disk quotas in certain cases. An attacker could use an improper disk quota value to bypass enforcement and consume all the disk on DEAs/CELLs causing a potential denial of service for other applications."}], "problemTypes": [{"descriptions": [{"description": "Denial of Service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-05-25T16:57:01", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://pivotal.io/security/cve-2016-0780"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security_alert@emc.com", "ID": "CVE-2016-0780", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cloud Foundry", "version": {"version_data": [{"version_value": "cf-release v231 and lower"}, {"version_value": "Elastic Runtime 1.5.x versions prior to 1.5.17"}, {"version_value": "Elastic Runtime 1.6.x versions prior to 1.6.18"}]}}]}, "vendor_name": "Pivotal"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "It was discovered that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17 and Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18 do not properly enforce disk quotas in certain cases. An attacker could use an improper disk quota value to bypass enforcement and consume all the disk on DEAs/CELLs causing a potential denial of service for other applications."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service"}]}]}, "references": {"reference_data": [{"name": "https://pivotal.io/security/cve-2016-0780", "refsource": "CONFIRM", "url": "https://pivotal.io/security/cve-2016-0780"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:30:04.090Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://pivotal.io/security/cve-2016-0780"}]}]}, "cveMetadata": {"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2016-0780", "datePublished": "2017-05-25T17:00:00", "dateReserved": "2015-12-16T00:00:00", "dateUpdated": "2024-08-05T22:30:04.090Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cloudfoundry:cf-release:231:*:*:*:*:*:*:*", "matchCriteriaId": "DBA563A9-3C12-4F83-9E63-BC03636BC799", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "472AA352-D04B-45D0-AAD7-95CE0738E9AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "9619B693-4B49-4FDC-AB49-5E6B2F124AB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "F7C2DED8-D527-4732-B57F-489CF5626352", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D585B534-0CD9-400D-A237-B026A83082C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "50C759FB-0796-4214-B085-0565AB75C216", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "8430DACA-7518-47BB-A89F-B7E83190C54C", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "29F9167C-F195-4004-9EF4-43F199F05E3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "48B486D0-318D-4912-A992-5B89D93C11BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "E015CE12-73EB-4FAD-B569-719F93685B0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "16AE14C4-FA84-4E8B-9231-83DB4F71DC35", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "06576161-44B7-4EB1-8C26-C49CFF3FD11B", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.11:*:*:*:*:*:*:*", "matchCriteriaId": "D6F9581A-42DB-4ADE-AFA1-2364371CC24A", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.12:*:*:*:*:*:*:*", "matchCriteriaId": "2DCDE033-923F-4338-9E45-22FE684B43ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.13:*:*:*:*:*:*:*", "matchCriteriaId": "D300B952-8EF3-4CB1-88B6-125837C3474B", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.14:*:*:*:*:*:*:*", "matchCriteriaId": "71AFAFE8-3B21-4AF0-8B3D-597FEEFEEDE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.15:*:*:*:*:*:*:*", "matchCriteriaId": "21202F77-DF05-4A07-8CEB-76DD03395957", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.5.16:*:*:*:*:*:*:*", "matchCriteriaId": "1A9BA6EB-6BC0-4A74-9726-3F242D00FE78", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CC5918-BC38-46E3-8000-5FE87A65C0E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "36926681-35F4-4619-9613-155DEEEA3C8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "41FF3C2B-E96F-4DF7-A5C4-703206CB729E", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F9CB3C2D-3080-4A3D-8D8D-1381B5D98920", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "782781EB-147C-4B00-84C5-1D8443BFA2D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "35A56755-EEB2-4C93-B180-3918A36965AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "E4009F10-08AF-470B-B903-38B8A6DBF332", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "2B2E8F04-53E6-4A3C-BE4B-8D0DDA22CA8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "790DAB24-893A-463F-8358-171DACD75074", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "3645A1A8-4945-447F-A968-101D5938F9C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "0E52C9B9-8F94-48D8-ADA6-96918F6AAD36", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.11:*:*:*:*:*:*:*", "matchCriteriaId": "3948FC2F-AF3B-4AF3-968D-F124D03A213A", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.12:*:*:*:*:*:*:*", "matchCriteriaId": "4BA44F9B-97D5-48C0-91E9-6D3FEC8B7773", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.13:*:*:*:*:*:*:*", "matchCriteriaId": "7B414F88-6541-48C6-B9D6-4DDA035A0037", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.14:*:*:*:*:*:*:*", "matchCriteriaId": "66235C7F-D5EE-4989-8D24-6D0781954234", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.15:*:*:*:*:*:*:*", "matchCriteriaId": "12E75B49-2419-4313-A648-B5283DA620E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.16:*:*:*:*:*:*:*", "matchCriteriaId": "EED70273-3FB2-4652-9AA2-10E2E9D581DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.17:*:*:*:*:*:*:*", "matchCriteriaId": "A2C07910-C462-46C1-83CB-39B3FD8D25BC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "It was discovered that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17 and Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18 do not properly enforce disk quotas in certain cases. An attacker could use an improper disk quota value to bypass enforcement and consume all the disk on DEAs/CELLs causing a potential denial of service for other applications."}, {"lang": "es", "value": "Se detect\u00f3 que cf-release versi\u00f3n v231 e inferior, Pivotal Cloud Foundry Elastic Runtime versiones 1.5.x anteriores a 1.5.17 y Pivotal Cloud Foundry Elastic Runtime versiones 1.6.x anteriores a 1.6.18, no hacen cumplir las cuotas de disco apropiadamente en ciertos casos. Un atacante podr\u00eda usar un valor de cuota de disco inapropiado para omitir la ejecuci\u00f3n y consumo de todo el disco en DEAs/CELLs, causando  una potencial denegaci\u00f3n de servicio para otras aplicaciones."}], "id": "CVE-2016-0780", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-05-25T17:29:00.520", "references": [{"source": "security_alert@emc.com", "tags": ["Vendor Advisory"], "url": "https://pivotal.io/security/cve-2016-0780"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://pivotal.io/security/cve-2016-0780"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}