Vulnerabilities > Pivotal > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-25 | CVE-2016-4435 | Permissions, Privileges, and Access Controls vulnerability in Pivotal Bosh Stemcell 3146.13/3232.4 An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. | 9.0 |
| 2016-09-18 | CVE-2016-0930 | Race Condition vulnerability in Pivotal Operations Manager Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before 1.7.10, when vCloud or vSphere is used, has a default password for compilation VMs, which allows remote attackers to obtain SSH access by connecting within an installation-time period during which these VMs exist. | 9.8 |