PT-2017-8651 · Pivotal · Pivotal Cloud Foundry+2
Publicado
2017-04-24
·
Atualizado
2022-05-14
·
CVE-2016-5016
CVSS v3.1
5.9
Média
| Vetor | AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Pivotal Cloud Foundry versions 239 and earlier
UAA versions 3.4.1 and earlier
UAA release 12.2 and earlier
PCF Elastic Runtime versions 1.6.x before 1.6.35
PCF Elastic Runtime versions 1.7.x before 1.7.13
Description
The issue is related to the failure to validate if a certificate is expired.
Recommendations
For Pivotal Cloud Foundry versions 239 and earlier, update to a version later than 239.
For UAA versions 3.4.1 and earlier, update to a version later than 3.4.1.
For UAA release 12.2 and earlier, update to a release later than 12.2.
For PCF Elastic Runtime versions 1.6.x before 1.6.35, update to version 1.6.35 or later.
For PCF Elastic Runtime versions 1.7.x before 1.7.13, update to version 1.7.13 or later.
Correção
Improper Certificate Validation
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Pcf Elastic Runtime
Pivotal Cloud Foundry
Uaa