Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Pivotal Software Subscribe
Filtered by product Cloudfoundry Uaa Release
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-15761 1 Pivotal Software 2 Cloud Foundry Uaa, Cloudfoundry Uaa Release 2024-11-21 6.5 MEDIUM 9.9 CRITICAL
Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges.
CVE-2018-11082 1 Pivotal Software 2 Cloudfoundry Uaa, Cloudfoundry Uaa Release 2024-11-21 5.0 MEDIUM 6.6 MEDIUM
Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior to 61.0, allows brute forcing of MFA codes. A remote unauthenticated malicious user in possession of a valid username and password can brute force MFA to login as the targeted user.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024