Lucene search
RedhatCVELIST:CVE-2016-5016HistoryApr 24, 2017 - 7:00 p.m.
CVE-2016-5016
2017-04-2419:00:00
redhat
www.cve.org
0.003 Low
EPSS
Percentile
66.4%
Pivotal Cloud Foundry 239 and earlier, UAA (aka User Account and Authentication Server) 3.4.1 and earlier, UAA release 12.2 and earlier, PCF (aka Pivotal Cloud Foundry) Elastic Runtime 1.6.x before 1.6.35, and PCF Elastic Runtime 1.7.x before 1.7.13 does not validate if a certificate is expired.
References
github.com/cloudfoundry/cf-release/releases/tag/v240
github.com/cloudfoundry/uaa-release/releases/tag/v11.3
github.com/cloudfoundry/uaa-release/releases/tag/v12.3
github.com/cloudfoundry/uaa/releases/tag/2.7.4.6
github.com/cloudfoundry/uaa/releases/tag/3.3.0.3
github.com/cloudfoundry/uaa/releases/tag/3.4.2
pivotal.io/security/cve-2016-5016
Related
cloudfoundry
cloudfoundry
CVE-2016-5016 UAA accepts expired certificates | Cloud Foundry
2016-08-18 00:00:00
CVE-2016-5016 UAA accepts expired certificates | Cloud Foundry
2016-08-18 00:00:00
prion
prion
Code injection
2017-04-24 19:59:00
nvd
nvd
CVE-2016-5016
2017-04-24 19:59:00
github
github
Cloud Foundry vulnerable to Improper Certificate Validation
2022-05-14 01:30:57
osv
osv
Cloud Foundry vulnerable to Improper Certificate Validation
2022-05-14 01:30:57
cve
cve
CVE-2016-5016
2017-04-24 19:59:00