CVE-2016-0896 in Cloud Foundry Elastic Runtimeinfo

Summary

Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.34 and 1.7.x before 1.7.12 places 169.254.0.0/16 in the all_open Application Security Group, which might allow remote attackers to bypass intended network-connectivity restrictions by leveraging access to the 169.254.169.254 address.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

12/17/2015

Disclosure

09/17/2016

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-254

CVSS

7.3

EPSS

0.00140

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-0896
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-0896
CVE Details	https://www.cvedetails.com/cve/CVE-2016-0896/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!