Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloud foundry uaa vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-1192
In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions before 4.5.5, 4.8.x versions before 4.8.3, and 4.7.x versions before 4.7.4; and UAA-release 45.7.x versions before 45.7, 52.7.x versions before 52.7, and 53.3.x...
Pivotal Software Cloud Foundry Uaa
Pivotal Software Cloud Foundry Uaa-release 53.3
Pivotal Software Cloud Foundry Uaa-release 52.7
Pivotal Software Cloud Foundry Uaa-release 45.7
Pivotal Software Cloud Foundry Cf-release
Pivotal Software Cloud Foundry Cf-deployment
6.1
CVSSv3
CVE-2018-11041
Cloud Foundry UAA, versions later than 4.6.0 and before 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than v48 and prior to v60 except v55.1 and v52.9, does not validate redirect URL values on a form parameter used for internal UAA redirects on the login page, all...
Pivotal Software Cloud Foundry Uaa-release
Pivotal Software Cloud Foundry Uaa
5.9
CVSSv3
CVE-2016-5016
Pivotal Cloud Foundry 239 and previous versions, UAA (aka User Account and Authentication Server) 3.4.1 and previous versions, UAA release 12.2 and previous versions, PCF (aka Pivotal Cloud Foundry) Elastic Runtime 1.6.x prior to 1.6.35, and PCF Elastic Runtime 1.7.x prior to 1.7...
Pivotal Software Cloud Foundry
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
Pivotal Software Cloud Foundry Uaa-release
8.1
CVSSv3
CVE-2017-4963
An issue exists in Cloud Foundry Foundation Cloud Foundry release v252 and previous versions versions, UAA stand-alone release v2.0.0 - v2.7.4.12 & v3.0.0 - v3.11.0, and UAA bosh release v26 & earlier versions. UAA is vulnerable to session fixation when configured to auth...
Pivotal Software Cloud Foundry Uaa
Pivotal Software Cloud Foundry Uaa-release
Pivotal Software Cloud Foundry Cf-release
1 Github repository
8.1
CVSSv3
CVE-2016-3084
The UAA reset password flow in Cloud Foundry release v236 and previous versions versions, UAA release v3.3.0 and previous versions versions, all versions of Login-server, UAA release v10 and previous versions versions and Pivotal Elastic Runtime versions before 1.7.2 is vulnerabl...
Pivotal Software Login-server -
Cloudfoundry Cloud Foundry Uaa Bosh
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
Pivotal Software Cloud Foundry
6.1
CVSSv3
CVE-2016-0781
The UAA OAuth approval pages in Cloud Foundry v208 to v231, Login-server v1.6 to v1.14, UAA v2.0.0 to v2.7.4.1, UAA v3.0.0 to v3.2.0, UAA-Release v2 to v7 and Pivotal Elastic Runtime 1.6.x versions before 1.6.20 are vulnerable to an XSS attack by specifying malicious java script ...
Pivotal Software Cloud Foundry Elastic Runtime 1.6.3
Pivotal Software Cloud Foundry Elastic Runtime 1.6.4
Pivotal Software Cloud Foundry Elastic Runtime 1.6.5
Pivotal Software Cloud Foundry Elastic Runtime 1.6.6
Pivotal Software Cloud Foundry Elastic Runtime 1.6.19
Pivotal Software Cloud Foundry Uaa 3.0.0
Pivotal Software Cloud Foundry Uaa 3.0.1
Pivotal Software Cloud Foundry Uaa 3.1.0
Pivotal Software Cloud Foundry 219
Pivotal Software Cloud Foundry 220
Pivotal Software Cloud Foundry 221
Pivotal Software Cloud Foundry 222
Pivotal Software Login-server -
Cloudfoundry Cloud Foundry Uaa Bosh 6
Pivotal Software Cloud Foundry Elastic Runtime 1.6.0
Pivotal Software Cloud Foundry Elastic Runtime 1.6.2
Pivotal Software Cloud Foundry Elastic Runtime 1.6.7
Pivotal Software Cloud Foundry Elastic Runtime 1.6.9
Pivotal Software Cloud Foundry Elastic Runtime 1.6.16
Pivotal Software Cloud Foundry Elastic Runtime 1.6.18
Pivotal Software Cloud Foundry Uaa 3.2.0
Pivotal Software Cloud Foundry 208
5.3
CVSSv3
CVE-2016-6636
The OAuth authorization implementation in Pivotal Cloud Foundry (PCF) prior to 242; UAA 2.x prior to 2.7.4.7, 3.x prior to 3.3.0.5, and 3.4.x prior to 3.4.4; UAA BOSH prior to 11.5 and 12.x prior to 12.5; Elastic Runtime prior to 1.6.40, 1.7.x prior to 1.7.21, and 1.8.x prior to ...
Pivotal Software Cloud Foundry Ops Manager 1.7.12
Pivotal Software Cloud Foundry Ops Manager 1.7.5
Pivotal Software Cloud Foundry Ops Manager 1.7.4
Pivotal Software Cloud Foundry Elastic Runtime 1.6.39
Pivotal Software Cloud Foundry Elastic Runtime 1.6.38
Pivotal Software Cloud Foundry Elastic Runtime 1.6.30
Pivotal Software Cloud Foundry Elastic Runtime 1.6.29
Pivotal Software Cloud Foundry Elastic Runtime 1.6.21
Pivotal Software Cloud Foundry Elastic Runtime 1.6.20
Pivotal Software Cloud Foundry Elastic Runtime 1.6.12
Pivotal Software Cloud Foundry Elastic Runtime 1.6.11
Pivotal Software Cloud Foundry Elastic Runtime 1.6.3
Pivotal Software Cloud Foundry Elastic Runtime 1.6.2
Pivotal Software Cloud Foundry Elastic Runtime 1.7.16
Pivotal Software Cloud Foundry Elastic Runtime 1.7.15
Pivotal Software Cloud Foundry Elastic Runtime 1.7.8
Pivotal Software Cloud Foundry Elastic Runtime 1.7.7
Pivotal Software Cloud Foundry Elastic Runtime 1.7.6
Cloudfoundry Cloud Foundry Uaa Bosh
Pivotal Software Cloud Foundry Uaa 2.3.0
Pivotal Software Cloud Foundry Uaa 2.7.1
Pivotal Software Cloud Foundry Uaa 2.7.2
9.6
CVSSv3
CVE-2016-6637
Multiple cross-site request forgery (CSRF) vulnerabilities in Pivotal Cloud Foundry (PCF) prior to 242; UAA 2.x prior to 2.7.4.7, 3.x prior to 3.3.0.5, and 3.4.x prior to 3.4.4; UAA BOSH prior to 11.5 and 12.x prior to 12.5; Elastic Runtime prior to 1.6.40, 1.7.x prior to 1.7.21,...
Pivotal Software Cloud Foundry Ops Manager 1.7.9
Pivotal Software Cloud Foundry Ops Manager 1.7.8
Pivotal Software Cloud Foundry Ops Manager 1.7.1
Pivotal Software Cloud Foundry Ops Manager 1.7.0
Pivotal Software Cloud Foundry Elastic Runtime 1.6.34
Pivotal Software Cloud Foundry Elastic Runtime 1.6.33
Pivotal Software Cloud Foundry Elastic Runtime 1.6.26
Pivotal Software Cloud Foundry Elastic Runtime 1.6.25
Pivotal Software Cloud Foundry Elastic Runtime 1.6.17
Pivotal Software Cloud Foundry Elastic Runtime 1.6.15
Pivotal Software Cloud Foundry Elastic Runtime 1.6.7
Pivotal Software Cloud Foundry Elastic Runtime 1.6.6
Pivotal Software Cloud Foundry Elastic Runtime 1.7.20
Pivotal Software Cloud Foundry Elastic Runtime 1.7.19
Pivotal Software Cloud Foundry Elastic Runtime 1.7.12
Pivotal Software Cloud Foundry Elastic Runtime 1.7.11
Pivotal Software Cloud Foundry Elastic Runtime 1.7.10
Pivotal Software Cloud Foundry Elastic Runtime 1.7.3
Pivotal Software Cloud Foundry Elastic Runtime 1.7.2
Pivotal Software Cloud Foundry Uaa 2.5.1
Pivotal Software Cloud Foundry Uaa 2.6.1
Pivotal Software Cloud Foundry Uaa 3.0.1
7.5
CVSSv3
CVE-2018-11047
Cloud Foundry UAA, versions 4.19 before 4.19.2 and 4.12 before 4.12.4 and 4.10 before 4.10.2 and 4.7 before 4.7.6 and 4.5 before 4.5.7, incorrectly authorizes requests to admin endpoints by accepting a valid refresh token in lieu of an access token. Refresh tokens by design have ...
Pivotal Software Cloud Foundry Uaa
5.4
CVSSv3
CVE-2019-3794
Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. A remote user can perform clickjacking attacks on UAA's frontend sites.
Pivotal Software Cloud Foundry Uaa
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »