CVE-2016-6653

Published: Oct 6, 2016Modified: May 6, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The MariaDB audit_plugin component in Pivotal Cloud Foundry (PCF) cf-mysql-release 27 and 28 allows remote attackers to obtain sensitive information by reading syslog messages, as demonstrated by cleartext credentials.

Affected (2)

Products: Pivotal Software: Cloud Foundry Cf Mysql

Pivotal Software

1 product

Cloud Foundry Cf Mysql

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Pivotal Software Cloud Foundry Cf Mysql	Version 27.0
Pivotal Software Cloud Foundry Cf Mysql	Version 28.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.securityfocus.com/bid/93480

Source: security_alert@emc.com

https://pivotal.io/security/cve-2016-6653

Source: security_alert@emc.com

Vendor Advisory

http://www.securityfocus.com/bid/93480

Source: af854a3a-2127-422b-91ae-364da2661108

https://pivotal.io/security/cve-2016-6653

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.