CVE-2016-0713
UnknownEPSS 0.54%
Last modified
CVE-2016-0713 is a vulnerability of currently unknown severity. Gorouter in Cloud Foundry cf-release v141 through v228 allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks via vectors related to modified requests.. EPSS estimates a 0.54% chance of exploitation in the next 30 days.
Description
Gorouter in Cloud Foundry cf-release v141 through v228 allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks via vectors related to modified requests.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cloudfoundry | Cf-Release | 141 |
| Cloudfoundry | Cf-Release | 142 |
| Cloudfoundry | Cf-Release | 143 |
| Cloudfoundry | Cf-Release | 144 |
| Cloudfoundry | Cf-Release | 145 |
| Cloudfoundry | Cf-Release | 146 |
| Cloudfoundry | Cf-Release | 147 |
| Cloudfoundry | Cf-Release | 148 |
| Cloudfoundry | Cf-Release | 149 |
| Cloudfoundry | Cf-Release | 150 |
| Cloudfoundry | Cf-Release | 151 |
| Cloudfoundry | Cf-Release | 152 |
| Cloudfoundry | Cf-Release | 153 |
| Cloudfoundry | Cf-Release | 154 |
| Cloudfoundry | Cf-Release | 155 |
| Cloudfoundry | Cf-Release | 156 |
| Cloudfoundry | Cf-Release | 157 |
| Cloudfoundry | Cf-Release | 158 |
| Cloudfoundry | Cf-Release | 159 |
| Cloudfoundry | Cf-Release | 160 |
| Cloudfoundry | Cf-Release | 161 |
| Cloudfoundry | Cf-Release | 162 |
| Cloudfoundry | Cf-Release | 163 |
| Cloudfoundry | Cf-Release | 164 |
| Cloudfoundry | Cf-Release | 165 |
| Cloudfoundry | Cf-Release | 166 |
| Cloudfoundry | Cf-Release | 167 |
| Cloudfoundry | Cf-Release | 168 |
| Cloudfoundry | Cf-Release | 169 |
| Cloudfoundry | Cf-Release | 170 |
| Cloudfoundry | Cf-Release | 171 |
| Cloudfoundry | Cf-Release | 172 |
| Cloudfoundry | Cf-Release | 173 |
| Cloudfoundry | Cf-Release | 174 |
| Cloudfoundry | Cf-Release | 175 |
| Cloudfoundry | Cf-Release | 176 |
| Cloudfoundry | Cf-Release | 177 |
| Cloudfoundry | Cf-Release | 178 |
| Cloudfoundry | Cf-Release | 179 |
| Cloudfoundry | Cf-Release | 180 |
| Cloudfoundry | Cf-Release | 181 |
| Cloudfoundry | Cf-Release | 182 |
| Cloudfoundry | Cf-Release | 183 |
| Cloudfoundry | Cf-Release | 184 |
| Cloudfoundry | Cf-Release | 185 |
| Cloudfoundry | Cf-Release | 186 |
| Cloudfoundry | Cf-Release | 187 |
| Cloudfoundry | Cf-Release | 188 |
| Cloudfoundry | Cf-Release | 189 |
| Cloudfoundry | Cf-Release | 190 |
Showing 50 of 88 affected configurations. See NVD for the full list.
References
- https://bosh.io/releases/github.com/cloudfoundry/cf-release?version=229Release Notes, Third Party Advisory
- https://bosh.io/releases/github.com/cloudfoundry/cf-release?version=229Release Notes, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-0713?
Gorouter in Cloud Foundry cf-release v141 through v228 allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks via vectors related to modified requests.
How severe is CVE-2016-0713?
Severity scoring for CVE-2016-0713 is pending analysis. The EPSS model estimates a 0.54% probability of exploitation in the next 30 days.
How do I fix CVE-2016-0713?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2016-0713?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST