Vulnerability Details CVE-2016-9880
The GemFire broker for Cloud Foundry 1.6.x before 1.6.5 and 1.7.x before 1.7.1 has multiple API endpoints which do not require authentication and could be used to gain access to the cluster managed by the broker.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.039
EPSS Ranking 87.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2016-9880
-
cpe:2.3:a:pivotal_software:gemfire_for_pivotal_cloud_foundry:*
-
cpe:2.3:a:pivotal_software:gemfire_for_pivotal_cloud_foundry:1.7.0