Known Vulnerabilities for Cloud Foundry Uaa by Pivotal Software

Listed below are 10 of the newest known vulnerabilities associated with "Cloud Foundry Uaa" by "Pivotal Software".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2019-11282	Cloud Foundry UAA, versions prior to v74.3.0, contains an endpoint that is vulnerable to SCIM injection attack. A remote auth...	4.3 - MEDIUM	2019-10-23	2021-08-17
CVE-2019-11270	Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' a...	7.5 - HIGH	2019-08-05	2020-10-02
CVE-2019-3794	Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. A remote user can ...	5.4 - MEDIUM	2019-07-18	2020-10-16
CVE-2018-15761	Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allo...	8.8 - HIGH	2018-11-19	2019-10-09
CVE-2018-11047	Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and...	7.5 - HIGH	2018-07-24	2019-10-03
CVE-2018-11041	Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than ...	6.1 - MEDIUM	2018-06-25	2018-08-23
CVE-2018-1262	Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across ...	7.2 - HIGH	2018-05-15	2021-08-17
CVE-2018-1192	In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior...	8.8 - HIGH	2018-02-01	2018-02-28
CVE-2017-4963	An issue was discovered in Cloud Foundry Foundation Cloud Foundry release v252 and earlier versions, UAA stand-alone release ...	8.1 - HIGH	2017-06-13	2019-07-30
CVE-2017-4960	An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA B...	7.5 - HIGH	2017-03-10	2021-08-06

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Pivotal Software	Cloud Foundry Uaa	9	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	8	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	74.5.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	74.4.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	74.3.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	74.2.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	74.1.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	74.0.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	73.7.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	73.4.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	73.3.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	73.0.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	72.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	71.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	70.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	7	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	69.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	68.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	67.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa	66.0	All	All	All

Results limited to 20 most recent known configurations