Known Vulnerabilities for Cloud Foundry Uaa by Pivotal Software

Listed below are 10 of the newest known vulnerabilities associated with "Cloud Foundry Uaa" by "Pivotal Software".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2026-22734 json	Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-pr...	Not Provided	2026-04-17	2026-04-17
CVE-2019-11282 json	Cloud Foundry UAA, versions prior to v74.3.0, contains an endpoint that is vulnerable to SCIM injection attack. A remote auth...	4.3 - MEDIUM	2019-10-23	2021-08-17
CVE-2019-11270 json	Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' a...	7.5 - HIGH	2019-08-05	2020-10-02
CVE-2019-3794 json	Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. A remote user can ...	5.4 - MEDIUM	2019-07-18	2020-10-16
CVE-2018-15761 json	Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allo...	8.8 - HIGH	2018-11-19	2019-10-09
CVE-2018-11047 json	Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and...	7.5 - HIGH	2018-07-24	2019-10-03
CVE-2018-11041 json	Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than ...	6.1 - MEDIUM	2018-06-25	2018-08-23
CVE-2018-1262 json	Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across ...	7.2 - HIGH	2018-05-15	2021-08-17
CVE-2018-1192 json	In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior...	8.8 - HIGH	2018-02-01	2018-02-28
CVE-2017-8032 json	In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, ...	6.6 - MEDIUM	2017-07-10	2021-08-06

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version
Application	Pivotal Software	Cloud Foundry Uaa	9
Application	Pivotal Software	Cloud Foundry Uaa	8
Application	Pivotal Software	Cloud Foundry Uaa	74.5.0
Application	Pivotal Software	Cloud Foundry Uaa	74.4.0
Application	Pivotal Software	Cloud Foundry Uaa	74.3.0
Application	Pivotal Software	Cloud Foundry Uaa	74.2.0
Application	Pivotal Software	Cloud Foundry Uaa	74.1.0
Application	Pivotal Software	Cloud Foundry Uaa	74.0.0
Application	Pivotal Software	Cloud Foundry Uaa	73.7.0
Application	Pivotal Software	Cloud Foundry Uaa	73.4.0
Application	Pivotal Software	Cloud Foundry Uaa	73.3.0
Application	Pivotal Software	Cloud Foundry Uaa	73.0.0
Application	Pivotal Software	Cloud Foundry Uaa	72.0
Application	Pivotal Software	Cloud Foundry Uaa	71.0
Application	Pivotal Software	Cloud Foundry Uaa	70.0
Application	Pivotal Software	Cloud Foundry Uaa	7
Application	Pivotal Software	Cloud Foundry Uaa	69.0
Application	Pivotal Software	Cloud Foundry Uaa	68.0
Application	Pivotal Software	Cloud Foundry Uaa	67.0
Application	Pivotal Software	Cloud Foundry Uaa	66.0

Results limited to 20 most recent known configurations