Is CVE-2016-0732 actively exploited?

CVE-2016-0732 has no public evidence of in-the-wild exploitation as of 2025-04-20.

What is the CVSS score for CVE-2016-0732?

CVE-2016-0732 has a CVSS score of 8.8 (HIGH severity). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

How do I patch CVE-2016-0732?

Patch guidance is available from cloudfoundry security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2016-0732.

Fix CVE-2016-0732 - HIGH cloudfoundry cf-release

Q: Which products are affected by CVE-2016-0732?

51 products: cloudfoundry cf-release, cloudfoundry user account and authentication, cloudfoundry user account and authentication, cloudfoundry user account and authentication, cloudfoundry user account and authentication, and 46 more.

Description

The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows remote authenticated users with privileges in one zone to gain privileges and perform operations on a different zone via unspecified vectors.

CVSS Metrics

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: network
Complexity: low
Privileges: low
User Action: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
Weaknesses: CWE-269 · Improper Privilege Management

Metadata

Primary Vendor: CLOUDFOUNDRY
Published: 9/7/2017
Last Modified: 4/20/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

cloudfoundry : cf-releasecloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : user_account_and_authenticationcloudfoundry : uaa-releasecloudfoundry : uaa-releasecloudfoundry : uaa-releasepivotal : elastic_runtimepivotal : elastic_runtimepivotal : elastic_runtimepivotal : elastic_runtimepivotal : elastic_runtimepivotal : elastic_runtimepivotal : elastic_runtimepivotal : elastic_runtimepivotal : elastic_runtimepivotal : elastic_runtimepivotal : elastic_runtimepivotal : elastic_runtimepivotal : elastic_runtimepivotal : elastic_runtime

Remediation Guidance

Executive Summary

View on NIST NVD