Pivotal_software Cloud_foundry_uaa

24 CVEs affecting Pivotal_software Cloud_foundry_uaa. Latest disclosed: 2017-10-24. Critical: 4, High: 13.

Top CVEs affecting Pivotal_software Cloud_foundry_uaa
CVESeverityScorePublishedSummary
CVE-2015-5172Critical9.82017-10-24Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified…
CVE-2015-5171Critical9.82017-10-24The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7…
CVE-2017-4992Critical9.82017-06-13An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v261; UAA release 2.x versions prior to v2.7.4.17, 3.6.x versions prior to v3…
CVE-2016-6637Critical9.62016-09-30Multiple cross-site request forgery (CSRF) vulnerabilities in Pivotal Cloud Foundry (PCF) before 242; UAA 2.x before 2.7.4.7, 3.x before 3.3.0.5, and 3.4.x bef…
CVE-2015-5173High8.82017-10-24Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified…
CVE-2015-5170High8.82017-10-24Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow remote attackers to conduct c…
CVE-2017-4973High8.82017-06-13An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3…
CVE-2015-3191High8.82017-05-25With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the…
CVE-2016-4468High8.82017-04-11SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; UAA 2.x before 2.7.4.4, 3.x before 3.3.0.2, and 3.4.x before 3.4.1; UAA BOSH before 11.2…
CVE-2016-6651High8.82016-09-30The UAA /oauth/token endpoint in Pivotal Cloud Foundry (PCF) before 243; UAA 2.x before 2.7.4.8, 3.x before 3.3.0.6, and 3.4.x before 3.4.5; UAA BOSH before 11…
CVE-2017-4963High8.12017-06-13An issue was discovered in Cloud Foundry Foundation Cloud Foundry release v252 and earlier versions, UAA stand-alone release v2.0.0 - v2.7.4.12 & v3.0.0 - v3.1…
CVE-2016-3084High8.12017-05-25The UAA reset password flow in Cloud Foundry release v236 and earlier versions, UAA release v3.3.0 and earlier versions, all versions of Login-server, UAA rele…
CVE-2016-6659High8.12016-12-23Cloud Foundry before 248; UAA 2.x before 2.7.4.12, 3.x before 3.6.5, and 3.7.x through 3.9.x before 3.9.3; and UAA bosh release (aka uaa-release) before 13.9 f…
CVE-2017-4994High7.52017-06-13An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v263; UAA release 2.x versions prior to v2.7.4.18, 3.6.x versions prior to v3…
CVE-2017-4972High7.52017-06-13An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3…
CVE-2017-4960High7.52017-03-10An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. There…
CVE-2017-4991High7.22017-06-13An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v260; UAA release 2.x versions prior to v2.7.4.16, 3.6.x versions prior to v3…
CVE-2017-8032Medium6.62017-07-10In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3…
CVE-2017-4974Medium6.52017-06-13An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2.x versions prior to v2.7.4.15, 3.6.x versions prior to v3…
CVE-2016-0781Medium6.12017-05-25The UAA OAuth approval pages in Cloud Foundry v208 to v231, Login-server v1.6 to v1.14, UAA v2.0.0 to v2.7.4.1, UAA v3.0.0 to v3.2.0, UAA-Release v2 to v7 and…