Vulnerability in Cloud Foundry Bosh
CVE-2018-11083
Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be as access tokens when using UAA for authentication. A remote attacker with a…
EPSS: 0.015 (70.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Cloud Foundry Bosh — versions 266, 265, 267
- Cloud_foundry Bosh
References
- security_alert@emc.com (x_refsource_CONFIRM, Vendor Advisory)
Frequently asked questions
- What is CVE-2018-11083?
- CVE-2018-11083 is a high-severity vulnerability in Cloud Foundry Bosh. CVSS score: 8.1/10. Published 2018-10-05.
- How severe is CVE-2018-11083?
- High severity. CVSS v3 base score is 8.1 out of 10.