Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloud foundry uaa vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2015-5173
Cloud Foundry Runtime cf-release prior to 216, UAA prior to 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime prior to 1.7.0 allow malicious users to have unspecified impact via vectors involving emails with password recovery links, aka "Cross Domain Referer Leakage.&qu...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
8.8
CVSSv3
CVE-2016-0732
The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 up to and including 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 up to and including 1.6.13 allows remote authenticated users with p...
Cloudfoundry Cf-release
Cloudfoundry User Account And Authentication 2.2.5.3
Cloudfoundry User Account And Authentication 2.4.1
Cloudfoundry User Account And Authentication 2.4.0
Cloudfoundry User Account And Authentication 2.3.1.1
Cloudfoundry User Account And Authentication 2.0.2
Cloudfoundry User Account And Authentication 2.0.1
Cloudfoundry User Account And Authentication 2.0.0
Cloudfoundry User Account And Authentication 2.7.3
Cloudfoundry User Account And Authentication 2.7.2
Cloudfoundry User Account And Authentication 2.7.0.3
Cloudfoundry User Account And Authentication 2.5.2
Cloudfoundry User Account And Authentication 2.5.0
Cloudfoundry User Account And Authentication 2.2.5.2
Cloudfoundry User Account And Authentication 2.3.0
Cloudfoundry User Account And Authentication 2.2.5
Cloudfoundry User Account And Authentication 2.2.1
Cloudfoundry User Account And Authentication 2.1.0
Cloudfoundry User Account And Authentication 2.7.0.1
Cloudfoundry User Account And Authentication 2.7.0
Cloudfoundry User Account And Authentication 2.6.2
Cloudfoundry User Account And Authentication 2.6.1
6.6
CVSSv3
CVE-2017-8034
The Cloud Controller and Router in Cloud Foundry (CAPI-release capi versions prior to v1.32.0, Routing-release versions prior to v0.159.0, CF-release versions prior to v267) do not validate the issuer on JSON Web Tokens (JWTs) from UAA. With certain multi-zone UAA configurations,...
Cloudfoundry Capi-release
Cloudfoundry Cf-release
Cloudfoundry Routing-release
6.6
CVSSv3
CVE-2017-8032
In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and other versions prior to v4.4.0; and UAA bosh release (uaa-release) 13.x versions pri...
Pivotal Software Cloud Foundry Uaa 2.2.5.4
Pivotal Software Cloud Foundry Uaa 2.7.1
Pivotal Software Cloud Foundry Uaa 2.7.2
Pivotal Software Cloud Foundry Uaa 2.7.3
Pivotal Software Cloud Foundry Uaa 2.7.4.14
Pivotal Software Cloud Foundry Uaa 2.7.4.15
Pivotal Software Cloud Foundry Uaa 2.7.4.16
Pivotal Software Cloud Foundry Uaa 3.6.1
Pivotal Software Cloud Foundry Uaa 3.9.3
Pivotal Software Cloud Foundry Uaa 3.9.4
Pivotal Software Cloud Foundry Uaa 3.9.5
Pivotal Software Cloud Foundry Uaa 3.9.6
Pivotal Software Cloud Foundry Uaa 2.7.4
Pivotal Software Cloud Foundry Uaa 2.7.4.2
Pivotal Software Cloud Foundry Uaa 2.7.4.4
Pivotal Software Cloud Foundry Uaa 2.7.4.9
Pivotal Software Cloud Foundry Uaa 2.7.4.12
Pivotal Software Cloud Foundry Uaa 3.6.3
Pivotal Software Cloud Foundry Uaa 3.6.5
Pivotal Software Cloud Foundry Uaa 3.6.12
Pivotal Software Cloud Foundry Uaa 3.9.2
Pivotal Software Cloud Foundry Uaa 3.9.7
1 Article
7.5
CVSSv3
CVE-2017-4972
An issue exists in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x versions prior...
Pivotal Software Cloud Foundry Uaa 3.6.6
Pivotal Software Cloud Foundry Uaa 3.6.4
Pivotal Software Cloud Foundry Uaa 3.9.8
Pivotal Software Cloud Foundry Uaa 3.9.5
Pivotal Software Cloud Foundry Uaa 2.7.4.13
Pivotal Software Cloud Foundry Uaa 2.2.5.4
Pivotal Software Cloud Foundry Uaa 2.7.4.4
Pivotal Software Cloud Foundry Uaa 3.6.9
Pivotal Software Cloud Foundry Uaa 2.7.4.5
Pivotal Software Cloud Foundry Uaa 2.7.4.3
Pivotal Software Cloud Foundry Uaa 2.7.1
Pivotal Software Cloud Foundry Uaa 2.7.3
Pivotal Software Cloud Foundry Uaa 2.7.4
Pivotal Software Cloud Foundry Uaa 2.7.4.1
Pivotal Software Cloud Foundry Uaa 2.7.4.2
Pivotal Software Cloud Foundry Uaa 2.7.4.7
Pivotal Software Cloud Foundry Uaa 2.7.4.8
Pivotal Software Cloud Foundry Uaa 2.7.4.12
Pivotal Software Cloud Foundry Uaa 3.6.2
Pivotal Software Cloud Foundry Uaa 3.6.3
Pivotal Software Cloud Foundry Uaa 3.6.5
Pivotal Software Cloud Foundry Uaa 3.6.7
7.2
CVSSv3
CVE-2017-4991
An issue exists in Cloud Foundry Foundation cf-release versions prior to v260; UAA release 2.x versions prior to v2.7.4.16, 3.6.x versions prior to v3.6.10, 3.9.x versions prior to v3.9.12, and other versions prior to v3.17.0; and UAA bosh release (uaa-release) 13.x versions prio...
Pivotal Software Cloud Foundry Uaa 2.7.4.15
Pivotal Software Cloud Foundry Uaa 3.6.6
Pivotal Software Cloud Foundry Uaa 3.6.4
Pivotal Software Cloud Foundry Uaa 3.9.8
Pivotal Software Cloud Foundry Uaa 3.9.5
Pivotal Software Cloud Foundry Uaa 2.7.4.13
Pivotal Software Cloud Foundry Uaa 2.2.5.4
Pivotal Software Cloud Foundry Uaa 2.7.4.4
Pivotal Software Cloud Foundry Uaa 3.6.9
Pivotal Software Cloud Foundry Uaa 2.7.4.5
Pivotal Software Cloud Foundry Uaa 2.7.1
Pivotal Software Cloud Foundry Uaa 2.7.3
Pivotal Software Cloud Foundry Uaa 2.7.4
Pivotal Software Cloud Foundry Uaa 2.7.4.1
Pivotal Software Cloud Foundry Uaa 2.7.4.2
Pivotal Software Cloud Foundry Uaa 2.7.4.3
Pivotal Software Cloud Foundry Uaa 2.7.4.7
Pivotal Software Cloud Foundry Uaa 2.7.4.8
Pivotal Software Cloud Foundry Uaa 2.7.4.12
Pivotal Software Cloud Foundry Uaa 3.6.2
Pivotal Software Cloud Foundry Uaa 3.6.3
Pivotal Software Cloud Foundry Uaa 3.6.5
7.5
CVSSv3
CVE-2017-4994
An issue exists in Cloud Foundry Foundation cf-release versions prior to v263; UAA release 2.x versions prior to v2.7.4.18, 3.6.x versions prior to v3.6.12, 3.9.x versions prior to v3.9.14, and other versions prior to v4.3.0; and UAA bosh release (uaa-release) 13.x versions prior...
Cloudfoundry Cloud Foundry Uaa Bosh 24.2
Cloudfoundry Cloud Foundry Uaa Bosh 24.3
Cloudfoundry Cloud Foundry Uaa Bosh 24.4
Cloudfoundry Cloud Foundry Uaa Bosh 24.5
Cloudfoundry Cloud Foundry Uaa Bosh 13.8
Cloudfoundry Cloud Foundry Uaa Bosh 13.9
Cloudfoundry Cloud Foundry Uaa Bosh 13.10
Cloudfoundry Cloud Foundry Uaa Bosh
Cloudfoundry Cloud Foundry Uaa Bosh 24
Cloudfoundry Cloud Foundry Uaa Bosh 30
Cloudfoundry Cloud Foundry Uaa Bosh 24.10
Pivotal Software Cloud Foundry Cf
Cloudfoundry Cloud Foundry Uaa Bosh 13.1
Cloudfoundry Cloud Foundry Uaa Bosh 13.2
Cloudfoundry Cloud Foundry Uaa Bosh 13.3
Pivotal Software Cloud Foundry Uaa
Pivotal Software Cloud Foundry Uaa 3.9.12
Pivotal Software Cloud Foundry Uaa 3.9.13
Pivotal Software Cloud Foundry Uaa 3.9.1
Pivotal Software Cloud Foundry Uaa 3.6.4
Pivotal Software Cloud Foundry Uaa 3.6.5
Pivotal Software Cloud Foundry Uaa 3.6.6
8.1
CVSSv3
CVE-2017-4963
An issue exists in Cloud Foundry Foundation Cloud Foundry release v252 and previous versions versions, UAA stand-alone release v2.0.0 - v2.7.4.12 & v3.0.0 - v3.11.0, and UAA bosh release v26 & earlier versions. UAA is vulnerable to session fixation when configured to auth...
Pivotal Software Cloud Foundry Uaa
Pivotal Software Cloud Foundry Uaa-release
Pivotal Software Cloud Foundry Cf-release
1 Github repository
8.8
CVSSv3
CVE-2017-4973
An issue exists in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x versions prior...
Cloudfoundry Cloud Foundry Uaa Bosh 30.3
Cloudfoundry Cloud Foundry Uaa Bosh 24.2
Cloudfoundry Cloud Foundry Uaa Bosh 24.4
Cloudfoundry Cloud Foundry Uaa Bosh 13.2
Cloudfoundry Cloud Foundry Uaa Bosh 13.4
Cloudfoundry Cloud Foundry Uaa Bosh 13.11
Pivotal Software Cloud Foundry Uaa 3.9.13
Pivotal Software Cloud Foundry Uaa 3.9.5
Pivotal Software Cloud Foundry Uaa 3.9.7
Pivotal Software Cloud Foundry Uaa 3.9.9
Pivotal Software Cloud Foundry Uaa 3.6.5
Pivotal Software Cloud Foundry Uaa 3.6.7
Pivotal Software Cloud Foundry Uaa 2.7.4.7
Pivotal Software Cloud Foundry Uaa 2.7.4.5
Pivotal Software Cloud Foundry Uaa 2.7.4.9
Pivotal Software Cloud Foundry Uaa 2.7.4.12
Cloudfoundry Cloud Foundry Uaa Bosh 24.5
Cloudfoundry Cloud Foundry Uaa Bosh 24.6
Pivotal Software Cloud Foundry Cf
Cloudfoundry Cloud Foundry Uaa Bosh 13.1
Pivotal Software Cloud Foundry Uaa 3.9.1
Pivotal Software Cloud Foundry Uaa 3.9.2
6.5
CVSSv3
CVE-2017-4974
An issue exists in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2.x versions prior to v2.7.4.15, 3.6.x versions prior to v3.6.9, 3.9.x versions prior to v3.9.11, and other versions prior to v3.16.0; and UAA bosh release (uaa-release) 13.x versions prior...
Pivotal Software Cloud Foundry Uaa 3.6.6
Pivotal Software Cloud Foundry Uaa 3.6.4
Pivotal Software Cloud Foundry Uaa 3.9.8
Pivotal Software Cloud Foundry Uaa 3.9.5
Pivotal Software Cloud Foundry Uaa 2.7.4.13
Pivotal Software Cloud Foundry Uaa 2.2.5.4
Pivotal Software Cloud Foundry Uaa 2.7.4.4
Pivotal Software Cloud Foundry Uaa 2.7.4.5
Pivotal Software Cloud Foundry Uaa 3.9.10
Pivotal Software Cloud Foundry Uaa 2.7.1
Pivotal Software Cloud Foundry Uaa 2.7.3
Pivotal Software Cloud Foundry Uaa 2.7.4
Pivotal Software Cloud Foundry Uaa 2.7.4.1
Pivotal Software Cloud Foundry Uaa 2.7.4.2
Pivotal Software Cloud Foundry Uaa 2.7.4.3
Pivotal Software Cloud Foundry Uaa 2.7.4.7
Pivotal Software Cloud Foundry Uaa 2.7.4.12
Pivotal Software Cloud Foundry Uaa 3.6.2
Pivotal Software Cloud Foundry Uaa 3.6.5
Pivotal Software Cloud Foundry Uaa 3.6.7
Pivotal Software Cloud Foundry Uaa 3.6.8
Pivotal Software Cloud Foundry Uaa 3.9.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-coded
CVE-2024-27202
NULL pointer dereference
CVE-2024-28075
CVE-2024-33608
CVE-2024-28889
CVE-2024-34572
template injection
CVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »