How severe is CVE-2016-15036?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2016-15036?

This is classified as CWE-362, which is a common weakness in software security.

CVE-2016-15036 - HIGH Severity | CVSS 7.5

Vulnerability Description

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Deis Workflow Manager up to 2.3.2. It has been classified as problematic. This affects an unknown part. The manipulation leads to race condition. The complexity of an attack is rather high. The exploitability is told to be difficult. Upgrading to version 2.3.3 is able to address this issue. The patch is named 31fe3bccbdde134a185752e53380330d16053f7f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-248847. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Related Vulnerabilities

CVE-2009-1837

HIGH

CVSS:7.5(High)

Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code...

CWE-3622009

CVE-2016-20015

HIGH

CVSS:7.5(High)

In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript allows the smokeping user to gain ownership of any file, allowing for the smokeping user to gain root privilege...

CWE-3622016

CVE-2016-2812

HIGH

CVSS:7.5(High)

Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code or cause a d...

CWE-3622016

CVE-2016-4309

HIGH

CVSS:7.5(High)

Session fixation vulnerability in Symphony CMS 2.6.7, when session.use_only_cookies is disabled, allows remote attackers to hijack web sessions via the PHPSESSID parameter.

CWE-3622016

CVE-2016-4954

HIGH

CVSS:7.5(High)

The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many sour...

CWE-3622016

CVE-2016-9256

HIGH

CVSS:7.5(High)

In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are chang...

CWE-3622016