CVE-2016-5016

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2016-5016

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5016.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-5016

Aliases

GHSA-rc2r-w8jv-vggp

Published

2017-04-24T19:59:00.253Z

Modified

2026-04-10T03:50:07.950899Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Pivotal Cloud Foundry 239 and earlier, UAA (aka User Account and Authentication Server) 3.4.1 and earlier, UAA release 12.2 and earlier, PCF (aka Pivotal Cloud Foundry) Elastic Runtime 1.6.x before 1.6.35, and PCF Elastic Runtime 1.7.x before 1.7.13 does not validate if a certificate is expired.

References

Affected packages

Git / github.com/cloudfoundry-attic/cf-release

Affected ranges

Type: GIT
Repo: https://github.com/cloudfoundry-attic/cf-release
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1b88d9e499613e6f9b0728c39b8b4ffa486a0fb6

Type

GIT

Repo

https://github.com/cloudfoundry/cf-release

Events

Introduced

Last affected

8da019e837edd07791b8d2ec20e7294a17e76f83

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "239"
        }
    ]
}

Type

GIT

Repo

https://github.com/cloudfoundry/uaa

Events

Introduced

Last affected

ddae2a131ab505ddf079a7db4289205098373244

Fixed

a54d147a0a0f2bad89b3cb768338acd3009cc815

Fixed

87e9f7b65eede068ad8cd392831317e10ef1e25e

Fixed

094f75188cc0606c5194cc64cf722c54ec8bfd2b

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.4.1"
        }
    ]
}

Type

GIT

Repo

https://github.com/cloudfoundry/uaa-release

Events

Introduced

Last affected

38bc1da92d55f3947f5830f302664a5ceceaa9fe

Fixed

f6ca40e0700609cd71ec349d01c3330902222404

Fixed

b4b444b12a80357c4e64ba9e5c10ac998dc83c05

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "12.2"
        }
    ]
}

Affected versions

Other

lenient_hybrid_flow

list

log

scotty_09012012

travis-success-1475

travis-success-1478

travis-success-1497

v10

v100

v102

v103

v104

v105

v109

v11

v119

v12

v132

v133

v134

v135

v136

v137

v140

v143

v156

v157

v161

v170

v183

v205

v239

v99

works-for-us

1.*

1.0.1

1.0.3

1.1

1.1.1

1.1.2

1.10

1.11

1.2.0

1.2.6

1.4.0

1.4.1

1.4.2

1.4.3

1.4.5

1.4.6

1.4.7

1.5.0

1.5.2

1.5.2.1

1.5.3

1.5.4

1.5.4.1

1.6.0

1.6.1

1.6.2

1.6.4

1.6.5

1.7.0

1.7.1

1.7.2

1.8.0

1.8.1

1.8.2

1.8.3

1.9.0

1.9.1

2.*

2.0.0

2.0.1

2.0.2

2.0.3

2.1.0

2.2.4.1

2.2.5

2.2.6

2.3.0

2.3.1

2.3.1.1

2.4.0

2.4.1

2.5.0

2.5.1

2.5.2

2.6.0

2.6.1

2.6.2

2.7.0

2.7.0.1

2.7.0.2

2.7.0.3

2.7.1

2.7.2

2.7.3

2.7.4

2.7.4.1

2.7.4.2

2.7.4.3

2.7.4.4

2.7.4.5

3.*

3.0.0

3.0.1

3.1.0

3.2.0

3.2.1

3.3.0

3.3.0.1

3.3.0.2

3.4.0

3.4.1

rc145.*

rc145.0

v11.*

v11.1

v11.2

v12.*

v12.1

v12.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5016.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "1.6.0"
            },
            {
                "fixed": "1.6.35"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "1.7.0"
            },
            {
                "fixed": "1.7.13"
            }
        ]
    }
]