Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pivotal software cloud foundry uaa vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-3189
With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired after the user changes their current email address to a new one. This vulnerabilit...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
383
VMScore
CVE-2016-5016
Pivotal Cloud Foundry 239 and previous versions, UAA (aka User Account and Authentication Server) 3.4.1 and previous versions, UAA release 12.2 and previous versions, PCF (aka Pivotal Cloud Foundry) Elastic Runtime 1.6.x prior to 1.6.35, and PCF Elastic Runtime 1.7.x prior to 1.7...
Pivotal Software Cloud Foundry
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
Pivotal Software Cloud Foundry Uaa-release
356
VMScore
CVE-2019-11282
Cloud Foundry UAA, versions prior to v74.3.0, contains an endpoint that is vulnerable to SCIM injection attack. A remote authenticated malicious user with scim.invite scope can craft a request with malicious content which can leak information about users of the UAA.
Cloudfoundry Cf-deployment
Pivotal Software Cloud Foundry Uaa
356
VMScore
CVE-2019-11268
Cloud Foundry UAA version before 73.3.0, contain endpoints that contains improper escaping. An authenticated malicious user with basic read privileges for one identity zone can extend those reading privileges to all other identity zones and obtain private information on users, cl...
Pivotal Software Cloud Foundry Uaa-release
356
VMScore
CVE-2018-15754
Cloud Foundry UAA, versions 60 before 66.0, contain an authorization logic error. In environments with multiple identity providers that contain accounts across identity providers with the same username, a remote authenticated user with access to one of these accounts may be able ...
Pivotal Software Cloud Foundry Uaa-release
356
VMScore
CVE-2017-4974
An issue exists in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2.x versions prior to v2.7.4.15, 3.6.x versions prior to v3.6.9, 3.9.x versions prior to v3.9.11, and other versions prior to v3.16.0; and UAA bosh release (uaa-release) 13.x versions prior...
Pivotal Software Cloud Foundry Uaa 3.6.6
Pivotal Software Cloud Foundry Uaa 3.6.4
Pivotal Software Cloud Foundry Uaa 3.9.8
Pivotal Software Cloud Foundry Uaa 3.9.5
Pivotal Software Cloud Foundry Uaa 2.7.4.13
Pivotal Software Cloud Foundry Uaa 2.2.5.4
Pivotal Software Cloud Foundry Uaa 2.7.4.4
Pivotal Software Cloud Foundry Uaa 2.7.4.5
Pivotal Software Cloud Foundry Uaa 3.9.10
Pivotal Software Cloud Foundry Uaa 2.7.1
Pivotal Software Cloud Foundry Uaa 2.7.3
Pivotal Software Cloud Foundry Uaa 2.7.4
Pivotal Software Cloud Foundry Uaa 2.7.4.1
Pivotal Software Cloud Foundry Uaa 2.7.4.2
Pivotal Software Cloud Foundry Uaa 2.7.4.3
Pivotal Software Cloud Foundry Uaa 2.7.4.7
Pivotal Software Cloud Foundry Uaa 2.7.4.12
Pivotal Software Cloud Foundry Uaa 3.6.2
Pivotal Software Cloud Foundry Uaa 3.6.5
Pivotal Software Cloud Foundry Uaa 3.6.7
Pivotal Software Cloud Foundry Uaa 3.6.8
Pivotal Software Cloud Foundry Uaa 3.9.2
231
VMScore
CVE-2016-6659
Cloud Foundry prior to 248; UAA 2.x prior to 2.7.4.12, 3.x prior to 3.6.5, and 3.7.x up to and including 3.9.x prior to 3.9.3; and UAA bosh release (aka uaa-release) prior to 13.9 for UAA 3.6.5 and prior to 24 for UAA 3.9.3 allow malicious users to gain privileges by accessing UA...
Cloudfoundry Cloud Foundry Uaa Bosh
Pivotal Software Cloud Foundry
Pivotal Software Cloud Foundry Uaa
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4