CVE-2016-6657 PCF Open Redirects
An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime components.
Affected VMware Products and Versions
Severity is high unless otherwise noted.
- PCF Elastic Runtime 1.8.x versions prior to 1.8.12
- PCF Ops Manager 1.7.x versions prior to 1.7.18 and 1.8.x versions prior to 1.8.10
Users of affected versions should apply the following mitigation:
- Upgrade PCF Elastic Runtime 1.8.x versions to 1.8.12 or later
- Upgrade PCF Ops Manager 1.7.x versions to 1.7.18 or later and 1.8.x versions to 1.8.10 or later
This vulnerability was responsibly reported by Lenu Galardi.