Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloudfoundry uaa release vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2015-3191
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the change_email form in UAA is vulnerable to a CSRF attack. This allows an malicious user to trigger an e-mail change for a...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
4.3
CVSSv2
CVE-2015-3189
With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired after the user changes their current email address to a new one. This vulnerabilit...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
5.8
CVSSv2
CVE-2015-3190
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the UAA logout link is susceptible to an open redirect which allows an malicious user to insert malicious web page as a redi...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
6.5
CVSSv2
CVE-2018-1262
Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. A zone administrator could configure their zone to issue tokens which impersonate another zone, g...
Pivotal Software Cloud Foundry Uaa 4.13.2
Pivotal Software Cloud Foundry Uaa 4.13.3
Pivotal Software Cloud Foundry Uaa 4.13.1
Pivotal Software Cloud Foundry Uaa 4.12.1
Pivotal Software Cloud Foundry Uaa 4.13.4
Pivotal Software Cloud Foundry Uaa 4.12.0
Pivotal Software Cloud Foundry Uaa 4.13.0
Pivotal Software Cloud Foundry Uaa 4.12.2
Pivotal Software Cloud Foundry Uaa-release 57.1
Pivotal Software Cloud Foundry Uaa-release 58
Pivotal Software Cloud Foundry Uaa-release 57
Cloudfoundry Cf-deployment
6
CVSSv2
CVE-2017-8034
The Cloud Controller and Router in Cloud Foundry (CAPI-release capi versions prior to v1.32.0, Routing-release versions prior to v0.159.0, CF-release versions prior to v267) do not validate the issuer on JSON Web Tokens (JWTs) from UAA. With certain multi-zone UAA configurations,...
Cloudfoundry Capi-release
Cloudfoundry Cf-release
Cloudfoundry Routing-release
2.6
CVSSv2
CVE-2016-6659
Cloud Foundry prior to 248; UAA 2.x prior to 2.7.4.12, 3.x prior to 3.6.5, and 3.7.x up to and including 3.9.x prior to 3.9.3; and UAA bosh release (aka uaa-release) prior to 13.9 for UAA 3.6.5 and prior to 24 for UAA 3.9.3 allow malicious users to gain privileges by accessing UA...
Cloudfoundry Cloud Foundry Uaa Bosh
Pivotal Software Cloud Foundry
Pivotal Software Cloud Foundry Uaa
4.3
CVSSv2
CVE-2016-3084
The UAA reset password flow in Cloud Foundry release v236 and previous versions versions, UAA release v3.3.0 and previous versions versions, all versions of Login-server, UAA release v10 and previous versions versions and Pivotal Elastic Runtime versions before 1.7.2 is vulnerabl...
Pivotal Software Login-server -
Cloudfoundry Cloud Foundry Uaa Bosh
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
Pivotal Software Cloud Foundry
6.5
CVSSv2
CVE-2016-0732
The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 up to and including 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 up to and including 1.6.13 allows remote authenticated users with p...
Cloudfoundry Cf-release
Cloudfoundry User Account And Authentication 2.2.5.3
Cloudfoundry User Account And Authentication 2.4.1
Cloudfoundry User Account And Authentication 2.4.0
Cloudfoundry User Account And Authentication 2.3.1.1
Cloudfoundry User Account And Authentication 2.0.2
Cloudfoundry User Account And Authentication 2.0.1
Cloudfoundry User Account And Authentication 2.0.0
Cloudfoundry User Account And Authentication 2.7.3
Cloudfoundry User Account And Authentication 2.7.2
Cloudfoundry User Account And Authentication 2.7.0.3
Cloudfoundry User Account And Authentication 2.5.2
Cloudfoundry User Account And Authentication 2.5.0
Cloudfoundry User Account And Authentication 2.2.5.2
Cloudfoundry User Account And Authentication 2.3.0
Cloudfoundry User Account And Authentication 2.2.5
Cloudfoundry User Account And Authentication 2.2.1
Cloudfoundry User Account And Authentication 2.1.0
Cloudfoundry User Account And Authentication 2.7.0.1
Cloudfoundry User Account And Authentication 2.7.0
Cloudfoundry User Account And Authentication 2.6.2
Cloudfoundry User Account And Authentication 2.6.1
6
CVSSv2
CVE-2019-3798
Cloud Foundry Cloud Controller API Release, versions before 1.79.0, contains improper authentication when validating user permissions. A remote authenticated malicious user with the ability to create UAA clients and knowledge of the email of a victim in the foundation may escalat...
Cloudfoundry Capi-release
4.3
CVSSv2
CVE-2016-0781
The UAA OAuth approval pages in Cloud Foundry v208 to v231, Login-server v1.6 to v1.14, UAA v2.0.0 to v2.7.4.1, UAA v3.0.0 to v3.2.0, UAA-Release v2 to v7 and Pivotal Elastic Runtime 1.6.x versions before 1.6.20 are vulnerable to an XSS attack by specifying malicious java script ...
Pivotal Software Cloud Foundry Elastic Runtime 1.6.3
Pivotal Software Cloud Foundry Elastic Runtime 1.6.4
Pivotal Software Cloud Foundry Elastic Runtime 1.6.5
Pivotal Software Cloud Foundry Elastic Runtime 1.6.6
Pivotal Software Cloud Foundry Elastic Runtime 1.6.19
Pivotal Software Cloud Foundry Uaa 3.0.0
Pivotal Software Cloud Foundry Uaa 3.0.1
Pivotal Software Cloud Foundry Uaa 3.1.0
Pivotal Software Cloud Foundry 219
Pivotal Software Cloud Foundry 220
Pivotal Software Cloud Foundry 221
Pivotal Software Cloud Foundry 222
Pivotal Software Login-server -
Cloudfoundry Cloud Foundry Uaa Bosh 6
Pivotal Software Cloud Foundry Elastic Runtime 1.6.0
Pivotal Software Cloud Foundry Elastic Runtime 1.6.2
Pivotal Software Cloud Foundry Elastic Runtime 1.6.7
Pivotal Software Cloud Foundry Elastic Runtime 1.6.9
Pivotal Software Cloud Foundry Elastic Runtime 1.6.16
Pivotal Software Cloud Foundry Elastic Runtime 1.6.18
Pivotal Software Cloud Foundry Uaa 3.2.0
Pivotal Software Cloud Foundry 208
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »