CVE-2016-0930 Ops Manager Compilation VMs Vulnerability on vSphere and vCloud
Severity
Low
Vendor
Pivotal
Versions Affected
- vSphere and vCloud deployments of Pivotal Operations Manager, versions prior to 1.6.19 and 1.7.x versions prior to 1.7.10
Description
Ops Manager compilation VMs exist for a short time during installation, but can be accessed via SSH using a default password for vSphere and vCloud deployments.
Mitigation
Pivotal Ops Manager users on vSphere or vCloud deployments should follow the appropriate mitigation below:
- Upgrade Ops Manager to 1.6.x versions and below to 1.6.19 or later
- Upgrade Ops Manager 1.7.x versions to 1.7.10 or later