{"id":"CVE-2016-0896","details":"Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.34 and 1.7.x before 1.7.12 places 169.254.0.0/16 in the all_open Application Security Group, which might allow remote attackers to bypass intended network-connectivity restrictions by leveraging access to the 169.254.169.254 address.","modified":"2026-04-10T03:46:08.374720Z","published":"2016-09-18T02:59:01.637Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/92161"},{"type":"ADVISORY","url":"https://pivotal.io/security/cve-2016-0896"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cloudfoundry/uaa","events":[{"introduced":"0"},{"last_affected":"585adc1bde0b242e204b6a6300e19ee5283c2bbe"},{"introduced":"0"},{"last_affected":"36efbc0bf6186a4abaf51c04e55cdb2d5e15091b"},{"introduced":"0"},{"last_affected":"3ce2a53c261790f5a4cbddff3dd4dcf4a82d69ac"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.7.0"},{"introduced":"0"},{"last_affected":"1.7.1"},{"introduced":"0"},{"last_affected":"1.7.2"}]}}],"versions":["1.0.1","1.0.3","1.1","1.1.1","1.1.2","1.2.0","1.2.6","1.4.0","1.4.1","1.4.2","1.4.3","1.4.5","1.4.6","1.4.7","1.5.0","1.5.2","1.5.2.1","1.5.3","1.5.4","1.5.4.1","1.6.0","1.6.4","1.6.5","1.7.0","1.7.1","1.7.2"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.6.33"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.7"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.8"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.9"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.10"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.11"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0896.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}]}