{"id":"CVE-2016-6636","details":"The OAuth authorization implementation in Pivotal Cloud Foundry (PCF) before 242; UAA 2.x before 2.7.4.7, 3.x before 3.3.0.5, and 3.4.x before 3.4.4; UAA BOSH before 11.5 and 12.x before 12.5; Elastic Runtime before 1.6.40, 1.7.x before 1.7.21, and 1.8.x before 1.8.1; and Ops Manager 1.7.x before 1.7.13 and 1.8.x before 1.8.1 mishandles redirect_uri subdomains, which allows remote attackers to obtain implicit access tokens via a modified subdomain.","modified":"2026-04-10T03:52:43.336926Z","published":"2016-09-30T00:59:00.180Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/93246"},{"type":"ADVISORY","url":"https://pivotal.io/security/cve-2016-6636"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cloudfoundry/cf-release","events":[{"introduced":"0"},{"last_affected":"ae0aca492ca3c5c2cc00ddaf9630b36372874b56"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"241"}]}},{"type":"GIT","repo":"https://github.com/cloudfoundry/uaa","events":[{"introduced":"0"},{"last_affected":"ae59bf11fec166fd075b1dbead2ae16effa57e3f"},{"introduced":"0"},{"last_affected":"96b1fc8e3a982b6f478e363f3919a4a16e0a6a92"},{"introduced":"0"},{"last_affected":"58caa488fe3cc30f745b9f5079c42141d606436b"},{"introduced":"0"},{"last_affected":"e0080f861db5b30c0793973e5c4fff7153040ecb"},{"introduced":"0"},{"last_affected":"bb75c2730c921667652b4589d67bec2246b1f306"},{"introduced":"0"},{"last_affected":"cde7ba5da9b64cb45bd64c61c6fb2899bbc3e0f2"},{"introduced":"0"},{"last_affected":"585adc1bde0b242e204b6a6300e19ee5283c2bbe"},{"introduced":"0"},{"last_affected":"36efbc0bf6186a4abaf51c04e55cdb2d5e15091b"},{"introduced":"0"},{"last_affected":"3ce2a53c261790f5a4cbddff3dd4dcf4a82d69ac"},{"introduced":"0"},{"last_affected":"e6462b9089cbcd95b0c57d226fc16f49cd3ef3fc"},{"introduced":"0"},{"last_affected":"585adc1bde0b242e204b6a6300e19ee5283c2bbe"},{"introduced":"0"},{"last_affected":"36efbc0bf6186a4abaf51c04e55cdb2d5e15091b"},{"introduced":"0"},{"last_affected":"3ce2a53c261790f5a4cbddff3dd4dcf4a82d69ac"},{"introduced":"0"},{"last_affected":"e6462b9089cbcd95b0c57d226fc16f49cd3ef3fc"},{"introduced":"0"},{"last_affected":"a32678a82805c9c8296a821129f2bf974ca65e2e"},{"introduced":"0"},{"last_affected":"091c5e5961dd33c8c7ca5a15f4020e47d266a1c3"},{"introduced":"0"},{"last_affected":"3172506e9a318f0b37dfb4f1d0fbc029720a6206"},{"introduced":"0"},{"last_affected":"eae6724659f5ef2fdf5d2ac6db1aba61087cc01a"},{"introduced":"0"},{"last_affected":"fc56717a849e02908b6c4c98d8a3fe9dda4a7cb2"},{"introduced":"0"},{"last_affected":"4d8876053a5062e4262b49eea5fa558da01db9f5"},{"introduced":"0"},{"last_affected":"ff0958c08a93fbbb5f01ec9986cc066dd4497f9c"},{"introduced":"0"},{"last_affected":"79188ac64074380c3ac5ff8dc32468e73e1c4c4b"},{"introduced":"0"},{"last_affected":"868d1b66623c20290f87c424a27cbf12220ef1fe"},{"introduced":"0"},{"last_affected":"848792d60da36dc3cca6e4f98fc26c32ff1ad852"},{"introduced":"0"},{"last_affected":"a54d147a0a0f2bad89b3cb768338acd3009cc815"},{"introduced":"0"},{"last_affected":"2324b38f690ff5809fefd8217b319c9dbdc10c99"},{"introduced":"0"},{"last_affected":"4f37e9b4f1a5da785ebc475559d2c64841daa163"},{"introduced":"0"},{"last_affected":"9b5c13d793ebfe358e26559cedc6b528a557b43f"},{"introduced":"0"},{"last_affected":"769e65183c297651cdd7bedab1dff112f9d38920"},{"introduced":"0"},{"last_affected":"616e8bcc58f9bc16f9d9ec806da1b0bf0f5dae85"},{"introduced":"0"},{"last_affected":"85fbe8ee080c50a86ac2f90fcdc705e3db6e82eb"},{"introduced":"0"},{"last_affected":"5c2377487bef9d716d5c8e5717df1fc00bc7b000"},{"introduced":"0"},{"last_affected":"23e4e93466820617370002ee806624425df68dae"},{"introduced":"0"},{"last_affected":"ddae2a131ab505ddf079a7db4289205098373244"},{"introduced":"0"},{"last_affected":"094f75188cc0606c5194cc64cf722c54ec8bfd2b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.6.0"},{"introduced":"0"},{"last_affected":"1.6.1"},{"introduced":"0"},{"last_affected":"1.6.2"},{"introduced":"0"},{"last_affected":"1.6.3"},{"introduced":"0"},{"last_affected":"1.6.4"},{"introduced":"0"},{"last_affected":"1.6.5"},{"introduced":"0"},{"last_affected":"1.7.0"},{"introduced":"0"},{"last_affected":"1.7.1"},{"introduced":"0"},{"last_affected":"1.7.2"},{"introduced":"0"},{"last_affected":"1.8.0"},{"introduced":"0"},{"last_affected":"1.7.0"},{"introduced":"0"},{"last_affected":"1.7.1"},{"introduced":"0"},{"last_affected":"1.7.2"},{"introduced":"0"},{"last_affected":"1.8.0"},{"introduced":"0"},{"last_affected":"2.3.0"},{"introduced":"0"},{"last_affected":"2.3.1"},{"introduced":"0"},{"last_affected":"2.4.0"},{"introduced":"0"},{"last_affected":"2.5.1"},{"introduced":"0"},{"last_affected":"2.6.1"},{"introduced":"0"},{"last_affected":"2.7.0.2"},{"introduced":"0"},{"last_affected":"2.7.0.3"},{"introduced":"0"},{"last_affected":"2.7.1"},{"introduced":"0"},{"last_affected":"2.7.2"},{"introduced":"0"},{"last_affected":"2.7.3"},{"introduced":"0"},{"last_affected":"2.7.4.6"},{"introduced":"0"},{"last_affected":"3.0.0"},{"introduced":"0"},{"last_affected":"3.0.1"},{"introduced":"0"},{"last_affected":"3.1.0"},{"introduced":"0"},{"last_affected":"3.2.0"},{"introduced":"0"},{"last_affected":"3.2.1"},{"introduced":"0"},{"last_affected":"3.3.0"},{"introduced":"0"},{"last_affected":"3.3.0.1"},{"introduced":"0"},{"last_affected":"3.4.0"},{"introduced":"0"},{"last_affected":"3.4.1"},{"introduced":"0"},{"last_affected":"3.4.2"}]}},{"type":"GIT","repo":"https://github.com/cloudfoundry/uaa-release","events":[{"introduced":"0"},{"last_affected":"b4b444b12a80357c4e64ba9e5c10ac998dc83c05"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"12.3"}]}}],"versions":["-","1.0.1","1.0.3","1.1","1.1.1","1.1.2","1.10","1.11","1.2.0","1.2.6","1.4.0","1.4.1","1.4.2","1.4.3","1.4.5","1.4.6","1.4.7","1.5.0","1.5.2","1.5.2.1","1.5.3","1.5.4","1.5.4.1","1.6.0","1.6.1","1.6.2","1.6.3","1.6.4","1.6.5","1.7.0","1.7.1","1.7.2","1.8.0","1.8.1","1.8.2","1.8.3","1.9.0","1.9.1","2.0.0","2.0.1","2.0.2","2.0.3","2.1.0","2.2.4.1","2.2.5","2.2.6","2.3.0","2.3.1","2.3.1.1","2.4.0","2.4.1","2.5.0","2.5.1","2.5.2","2.6.0","2.6.1","2.6.2","2.7.0","2.7.0.1","2.7.0.2","2.7.0.3","2.7.1","2.7.2","2.7.3","2.7.4","2.7.4.1","2.7.4.2","2.7.4.3","2.7.4.4","2.7.4.5","2.7.4.6","3.0.0","3.0.1","3.1.0","3.2.0","3.2.1","3.3.0","3.3.0.1","3.4.0","3.4.1","3.4.2","ci-upgrade","lenient_hybrid_flow","list","log","rc145.0","scotty_09012012","travis-success-1475","travis-success-1478","travis-success-1497","v10","v100","v102","v103","v104","v105","v109","v11","v119","v12","v12.3","v132","v133","v134","v135","v136","v137","v140","v143","v156","v157","v161","v170","v183","v2","v205","v241","v3","v6","v7","v8","v9","v99","works-for-us"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.6.6"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.7"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.8"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.9"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.10"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.11"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.12"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.13"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.14"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.15"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.17"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.18"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.19"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.20"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.21"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.22"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.23"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.25"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.26"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.27"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.28"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.29"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.30"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.31"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.32"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.33"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.34"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.35"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.36"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.37"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.38"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.39"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.7"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.8"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.9"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.10"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.11"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.12"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.13"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.14"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.15"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.16"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.17"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.18"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.19"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.20"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.7"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.8"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.9"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.10"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.11"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.12"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-6636.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}