Vulnerability in Cloud Foundry Bosh

CVE-2018-11083

Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be as access tokens when using UAA for authentication. A remote attacker with a…

EPSS: 0.015 (70.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

References

Frequently asked questions

What is CVE-2018-11083?
CVE-2018-11083 is a high-severity vulnerability in Cloud Foundry Bosh. CVSS score: 8.1/10. Published 2018-10-05.
How severe is CVE-2018-11083?
High severity. CVSS v3 base score is 8.1 out of 10.