{"id":"CVE-2016-6655","details":"An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf-mysql-release versions prior to v31. A command injection vulnerability was discovered in a common script used by many Cloud Foundry components. A malicious user may exploit numerous vectors to execute arbitrary commands on servers running Cloud Foundry.","modified":"2026-04-10T03:52:47.768446Z","published":"2017-06-13T06:29:00.190Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/93889"},{"type":"FIX","url":"https://www.cloudfoundry.org/cve-2016-6655/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cloudfoundry/cf-mysql-release","events":[{"introduced":"0"},{"last_affected":"4a7df1cbeb2083b19a1b1537bbfc755deb515434"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"30"}]}},{"type":"GIT","repo":"https://github.com/cloudfoundry/cf-release","events":[{"introduced":"0"},{"last_affected":"99d41c78761cca8a6d6ef477ff4e1aac5bdf03fb"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"244"}]}}],"versions":["-","list","log","mariadb","rc145.0","scotty_09012012","v1","v10","v100","v102","v103","v104","v105","v109","v11","v119","v12","v132","v133","v134","v135","v136","v137","v140","v143","v156","v157","v16","v161","v17","v170","v18","v183","v2","v20","v205","v21","v22","v23","v24","v244","v27","v27_alpha","v28","v29","v3","v30","v4","v5","v6","v7","v8","v9","v99","works-for-us"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-6655.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}