CyberSec.Space Logo
Back to CVE Browser

CVE-2016-6655

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0950%
EPSS Percentile10.26th
PublishedJun 13, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf-mysql-release versions prior to v31. A command injection vulnerability was discovered in a common script used by many Cloud Foundry components. A malicious user may exploit numerous vectors to execute arbitrary commands on servers running Cloud Foundry.

Affected Platforms (CPE)

πŸ“¦
Cloudfoundry

Cf Mysql Release

<= 30
πŸ“¦
Cloudfoundry

Cf Release

<= 244

References & Advisories

πŸ”— http://www.securityfocus.com/bid/93889
πŸ”— https://www.cloudfoundry.org/cve-2016-6655/
πŸ”— http://www.securityfocus.com/bid/93889
πŸ”— https://www.cloudfoundry.org/cve-2016-6655/

Related Vulnerabilities

CVE-2021-392017.6

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. ### Impa...

CVE-2002-18097.5

The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allo...

CVE-2016-66537.5

The MariaDB audit_plugin component in Pivotal Cloud Foundry (PCF) cf-mysql-release 27 and 28 allows remote attackers to obtain sen...

CVE-2009-29297.5

Multiple SQL injection vulnerabilities in TGS Content Management 0.x allow remote attackers to execute arbitrary SQL commands via ...