{"id":"CVE-2016-2169","details":"Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 and cf-release versions prior to v237, contain a business logic flaw. An application developer may create an application with a route that conflicts with a platform service route and receive traffic intended for the service.","modified":"2026-04-11T15:23:12.295618Z","published":"2018-04-18T16:29:00.213Z","references":[{"type":"ADVISORY","url":"https://github.com/cloudfoundry/cloud_controller_ng/issues/568"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cloudfoundry-attic/cf-release","events":[{"introduced":"0"},{"fixed":"f074de44d1c484158c8176113b9cb5902db685ec"}],"database_specific":{"cpe":"cpe:2.3:a:cloudfoundry:cf-release:*:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"fixed":"237"}]}}],"versions":["-","list","log","rc145.0","scotty_09012012","v100","v102","v103","v104","v105","v109","v119","v132","v133","v134","v135","v136","v137","v140","v143","v156","v157","v161","v170","v183","v205","v99","works-for-us"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2169.json"}},{"ranges":[{"type":"GIT","repo":"https://github.com/cloudfoundry/capi-release","events":[{"introduced":"0"},{"fixed":"c4351f15e9900b53eb50dd42ad8ad3f0ee943da5"}],"database_specific":{"cpe":"cpe:2.3:a:cloudfoundry:capi-release:*:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"fixed":"1.0.0"}]}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2169.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}]}