CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
66.3%
Pivotal Cloud Foundry 239 and earlier, UAA (aka User Account and Authentication Server) 3.4.1 and earlier, UAA release 12.2 and earlier, PCF (aka Pivotal Cloud Foundry) Elastic Runtime 1.6.x before 1.6.35, and PCF Elastic Runtime 1.7.x before 1.7.13 does not validate if a certificate is expired.
Vendor | Product | Version | CPE |
---|---|---|---|
org.cloudfoundry.identity | cloudfoundry-identity-server | * | cpe:2.3:a:org.cloudfoundry.identity:cloudfoundry-identity-server:*:*:*:*:*:*:*:* |
github.com/advisories/GHSA-rc2r-w8jv-vggp
github.com/cloudfoundry/cf-release/releases/tag/v240
github.com/cloudfoundry/uaa-release/releases/tag/v11.3
github.com/cloudfoundry/uaa-release/releases/tag/v12.3
github.com/cloudfoundry/uaa/commit/0a78612f981c541ad2d997e6a365f2a0b3e799d9
github.com/cloudfoundry/uaa/commit/bc91ccd2029e8f1cea0c647f0c9aad4585f7a2c
github.com/cloudfoundry/uaa/commit/f97049df1c6c03effda5049c41704ac831ff3925
github.com/cloudfoundry/uaa/releases/tag/2.7.4.6
github.com/cloudfoundry/uaa/releases/tag/3.3.0.3
github.com/cloudfoundry/uaa/releases/tag/3.4.2
nvd.nist.gov/vuln/detail/CVE-2016-5016
pivotal.io/security/cve-2016-5016
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
66.3%