An issue exists in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. There is a potential to subject the UAA OAuth clients to a denial of service attack.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
pivotal software cloud foundry uaa 3.10.0 |
||
pivotal software cloud foundry uaa 3.9.6 |
||
pivotal software cloud foundry uaa 3.9.8 |
||
cloudfoundry cloud foundry uaa bosh 24.3 |
||
cloudfoundry cloud foundry uaa bosh 24.5 |
||
pivotal software cloud foundry 250.0 |
||
pivotal software cloud foundry 248.0 |
||
cloudfoundry cloud foundry uaa bosh 22 |
||
cloudfoundry cloud foundry uaa bosh 23 |
||
cloudfoundry cloud foundry uaa bosh 24 |
||
cloudfoundry cloud foundry uaa bosh 24.1 |
||
pivotal software cloud foundry 252.0 |
||
pivotal software cloud foundry uaa 3.9.0 |
||
pivotal software cloud foundry uaa 3.9.1 |
||
pivotal software cloud foundry uaa 3.9.2 |
||
pivotal software cloud foundry uaa 3.9.3 |
||
pivotal software cloud foundry uaa 3.9.4 |
||
pivotal software cloud foundry uaa 3.9.5 |
||
cloudfoundry cloud foundry uaa bosh 24.6 |
||
cloudfoundry cloud foundry uaa bosh 25 |
||
cloudfoundry cloud foundry uaa bosh 26 |
||
pivotal software cloud foundry 251.0 |
||
pivotal software cloud foundry uaa 3.11.0 |
||
pivotal software cloud foundry uaa 3.9.7 |
||
cloudfoundry cloud foundry uaa bosh 21 |
||
cloudfoundry cloud foundry uaa bosh 24.2 |
||
cloudfoundry cloud foundry uaa bosh 24.4 |
||
pivotal software cloud foundry 249.0 |
||
pivotal software cloud foundry 247.0 |
Vulmon