Known Vulnerabilities for Cloud Foundry Uaa-release by Pivotal Software

Listed below are 8 of the newest known vulnerabilities associated with "Cloud Foundry Uaa-release" by "Pivotal Software".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2019-11268	Cloud Foundry UAA version prior to 73.3.0, contain endpoints that contains improper escaping. An authenticated malicious user...	4.3 - MEDIUM	2019-07-11	2020-10-02
CVE-2019-3787	Cloud Foundry UAA, versions prior to 73.0.0, falls back to appending “unknown.org” to a user's email address when one is ...	8.8 - HIGH	2019-06-19	2020-02-10
CVE-2018-15754	Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization logic error. In environments with multiple identity pr...	8.8 - HIGH	2018-12-13	2019-10-09
CVE-2018-11041	Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than ...	6.1 - MEDIUM	2018-06-25	2018-08-23
CVE-2018-1262	Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across ...	7.2 - HIGH	2018-05-15	2021-08-17
CVE-2018-1192	In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior...	8.8 - HIGH	2018-02-01	2018-02-28
CVE-2017-4963	An issue was discovered in Cloud Foundry Foundation Cloud Foundry release v252 and earlier versions, UAA stand-alone release ...	8.1 - HIGH	2017-06-13	2019-07-30
CVE-2016-5016	Pivotal Cloud Foundry 239 and earlier, UAA (aka User Account and Authentication Server) 3.4.1 and earlier, UAA release 12.2 a...	5.9 - MEDIUM	2017-04-24	2019-02-26

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Pivotal Software	Cloud Foundry Uaa-release	9	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	8	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	73.4.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	73.3.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	73.0.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	72.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	71.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	70.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	7	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	69.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	68.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	67.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	66.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	64.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	63.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	62.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	61.0	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	60.2	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	60	All	All	All
Application	Pivotal Software	Cloud Foundry Uaa-release	6	All	All	All

Results limited to 20 most recent known configurations