CVE-2016-8220

HIGH

Pivotal Gemfire for PCF <1.6.5.0-1.7.1.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

Pivotal Gemfire for PCF, versions 1.6.x prior to 1.6.5.0 and 1.7.x prior to 1.7.1.0, contain an information disclosure vulnerability. The application inadvertently exposed WAN replication credentials at a public route.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
https://docs.pivotal.io/gemfire-cf/relnotes.html

Scores

CVSS v3 7.5
EPSS 0.0113
EPSS Percentile 62.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (1)
pivotal_software/gemfire 1.6.0.0 - 1.6.5.0
Published Apr 18, 2018
Tracked Since Feb 18, 2026