Medium severity5.9NVD Advisory· Published Apr 24, 2017· Updated Jun 17, 2026
CVE-2016-5016
CVE-2016-5016
Description
Pivotal Cloud Foundry 239 and earlier, UAA (aka User Account and Authentication Server) 3.4.1 and earlier, UAA release 12.2 and earlier, PCF (aka Pivotal Cloud Foundry) Elastic Runtime 1.6.x before 1.6.35, and PCF Elastic Runtime 1.7.x before 1.7.13 does not validate if a certificate is expired.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.cloudfoundry.identity:cloudfoundry-identity-serverMaven | >= 3.0.0, < 3.3.0.3 | 3.3.0.3 |
org.cloudfoundry.identity:cloudfoundry-identity-serverMaven | >= 3.4.0, < 3.4.2 | 3.4.2 |
Affected products
5- cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:*:*:*:*:*:*:*:*Range: >=1.6.0,<1.6.35
- cpe:2.3:a:pivotal_software:cloud_foundry_uaa-release:*:*:*:*:*:*:*:*Range: <=12.2
- ghsa-coordsRange: >= 3.0.0, < 3.3.0.3
Patches
Vulnerability mechanics
References
12- github.com/advisories/GHSA-rc2r-w8jv-vggpghsaADVISORY
- github.com/cloudfoundry/cf-release/releases/tag/v240nvdRelease NotesThird Party AdvisoryWEB
- github.com/cloudfoundry/uaa-release/releases/tag/v11.3nvdRelease NotesThird Party AdvisoryWEB
- github.com/cloudfoundry/uaa-release/releases/tag/v12.3nvdRelease NotesThird Party AdvisoryWEB
- github.com/cloudfoundry/uaa/releases/tag/2.7.4.6nvdRelease NotesThird Party AdvisoryWEB
- github.com/cloudfoundry/uaa/releases/tag/3.3.0.3nvdRelease NotesThird Party AdvisoryWEB
- github.com/cloudfoundry/uaa/releases/tag/3.4.2nvdRelease NotesThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2016-5016ghsaADVISORY
- pivotal.io/security/cve-2016-5016nvdVendor AdvisoryWEB
- github.com/cloudfoundry/uaa/commit/0a78612f981c541ad2d997e6a365f2a0b3e799d9ghsaWEB
- github.com/cloudfoundry/uaa/commit/bc91ccd2029e8f1cea0c647f0c9aad4585f7a2cghsaWEB
- github.com/cloudfoundry/uaa/commit/f97049df1c6c03effda5049c41704ac831ff3925ghsaWEB
News mentions
0No linked articles in our index yet.