Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pivotal uaa vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-1264
Cloud Foundry Log Cache, versions before 1.1.1, logs its UAA client secret on startup as part of its envstruct report. A remote attacker who has gained access to the Log Cache VM can read this secret, gaining all privileges held by the Log Cache UAA client. In the worst case, if ...
Pivotal Software Cloud Foundry Log Cache
4
CVSSv2
CVE-2018-1223
Cloud Foundry Container Runtime (kubo-release), versions before 0.14.0, may leak UAA and vCenter credentials to application logs. A malicious user with the ability to read the application logs could use these credentials to escalate privileges.
Pivotal Cloud Foundry Container Runtime
5.5
CVSSv2
CVE-2018-15795
Pivotal CredHub Service Broker, versions before 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service.
Pivotal Software Credhub Service Broker
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5