CVE-2016-0896

First published: Sun Sep 18 2016(Updated: )

Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.34 and 1.7.x before 1.7.12 places 169.254.0.0/16 in the all_open Application Security Group, which might allow remote attackers to bypass intended network-connectivity restrictions by leveraging access to the 169.254.169.254 address.

Credit: security_alert@emc.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/severity
• agent/weakness
• agent/references
• agent/author
• agent/event
• agent/type
• agent/description
• agent/first-publish-date
• agent/last-modified-date
• agent/softwarecombine
• agent/tags
• collector/mitre-cve
• source/MITRE
• vendor/pivotal software
• canonical/pivotal software cloud foundry elastic runtime
• version/pivotal software cloud foundry elastic runtime/1.6.33
• version/pivotal software cloud foundry elastic runtime/1.7.0
• version/pivotal software cloud foundry elastic runtime/1.7.1
• version/pivotal software cloud foundry elastic runtime/1.7.2
• version/pivotal software cloud foundry elastic runtime/1.7.3
• version/pivotal software cloud foundry elastic runtime/1.7.4
• version/pivotal software cloud foundry elastic runtime/1.7.5
• version/pivotal software cloud foundry elastic runtime/1.7.6
• version/pivotal software cloud foundry elastic runtime/1.7.7
• version/pivotal software cloud foundry elastic runtime/1.7.8
• version/pivotal software cloud foundry elastic runtime/1.7.9
• version/pivotal software cloud foundry elastic runtime/1.7.10
• version/pivotal software cloud foundry elastic runtime/1.7.11