Vulnerabilites related to cloudfoundry - user_account_and_authentication
Vulnerability from fkie_nvd
Published
2017-09-07 13:29
Modified
2024-11-21 02:42
Severity ?
Summary
The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows remote authenticated users with privileges in one zone to gain privileges and perform operations on a different zone via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://pivotal.io/security/cve-2016-0732 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://pivotal.io/security/cve-2016-0732 | Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudfoundry:cf-release:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6351C26-3E4F-4783-AC20-13076FDFD898",
"versionEndIncluding": "229",
"versionStartIncluding": "208",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8FAB232F-1FA4-4C5E-B302-68065DBA7510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "44FEA25C-11C6-495C-84B6-EC8EDE0A5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D69110C2-044B-4EFE-B947-7E7FF382B110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62C001BE-9484-4AC9-9A03-890CD70A5DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3E5A61-D13E-427F-AD00-F86ECD567318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49D09957-D01C-4914-A05F-B5F242DAD261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "86766366-895E-4AEB-B5B0-E8181109EF39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6C0EDADC-A658-4776-91C0-07DF44792356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC9EBE9-D869-4CAF-B4AD-F5F36EA040D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65E7C154-AB1D-4190-8C28-50355A6AC0B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4ABB4CA3-B087-480F-BF3F-AE3FAEC4241F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AF5FCE-D03F-4642-A266-F7F4F2577F8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF0C1DC-E17B-41F2-B537-FD8950371064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "814FB6AA-4325-4AE6-9F92-01037EBE16EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BAACFFD2-AD71-4812-883A-7E27ECD79945",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2745C09B-1A58-47AA-99CF-7860CB3F9FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD6D54E-2336-4F94-B336-390123A3D2E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75994E15-A991-4336-85FC-10CBAE5C69E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73193F21-2BD0-4481-9EBF-458984F1FC23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9CBD2130-EB88-4988-8995-CAC28710F3D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04FCBE2B-A0DD-475C-94C6-01B365FA8705",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA1F712-56A8-4EEF-9220-7F047423611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7CE72-75BD-477B-A75D-8E0F8DB7678D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EC83A4-6CD0-4575-B504-0E4839DFF2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCBA7C49-82DC-42E6-BA32-624DCC91EE08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F976310D-C749-4664-8AA4-548D23C39BCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52F58109-88F6-476D-B08A-801EC0A69BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "484046E8-4048-4397-B391-AFB7EF38993C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "905F3804-FAE0-4940-83D3-591A55A0B325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EC27E1DD-648A-4FFC-8F4C-B3826329AC9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5F50475-6C2B-4DEF-90B1-AEFACF6954F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEB468C-0748-4838-AD9E-ECF9B920B19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "09DC2E28-7D43-4323-A522-7FFEACB5E88A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudfoundry:uaa-release:2:*:*:*:*:*:*:*",
"matchCriteriaId": "8703E628-1ECE-4CA2-8003-DC902E920EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:uaa-release:3:*:*:*:*:*:*:*",
"matchCriteriaId": "770AFCA5-A1FA-4CB6-98BF-A226D4DF429A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:uaa-release:4:*:*:*:*:*:*:*",
"matchCriteriaId": "3F6047B3-346D-4809-B713-9513935D5783",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5416C8-AB64-4BC5-B1FE-5C08F7D5AF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "459E7CBD-AF09-43F8-B224-6BF8BB4D396E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4BB9CD-3D23-4CC1-AEFA-19CADB24EFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD1D43E8-A4E8-4D5E-B482-B301BAC99846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A0057F-FE6D-450B-83BF-00BB9D9DFCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A1763BC-6CD0-4AAE-BAA0-BE5F21EC7EDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3E18E06E-FF5F-431D-A613-99FE7130BCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B04F41B2-E70D-4D5E-AB1E-2595A16AF3BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "38F08EF3-A4A2-423E-A4B8-486220716DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "08D63E00-1DE1-4F76-A7E4-43BA0D643682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEA097B-09DC-40A8-9353-A3BF45AF3A48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3D149DEB-8FDB-42B3-A748-0A966D82DCA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "77ECF4F7-BF73-46D8-AC12-300135C1FC38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:elastic_runtime:1.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E827400C-F2C5-455E-8347-CD3628CACBCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows remote authenticated users with privileges in one zone to gain privileges and perform operations on a different zone via unspecified vectors."
},
{
"lang": "es",
"value": "La caracter\u00edstica de zonas de identidad en Pivotal Cloud Foundry 208 a 229; UAA 2.0.0 a 2.7.3 y 3.0.0; UAA-Release 2 hasta la 4, cuando se configura con m\u00faltiples zonas de identidad; y Elastic Runtime 1.6.0 hasta la 1.6.13 permite que los usuarios remotos autenticados con privilegios en una zona obtengan privilegios y realicen operaciones en una zona diferente mediante vectores no especificados."
}
],
"id": "CVE-2016-0732",
"lastModified": "2024-11-21T02:42:16.330",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-07T13:29:00.293",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://pivotal.io/security/cve-2016-0732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://pivotal.io/security/cve-2016-0732"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-26 00:15
Modified
2024-11-21 04:20
Severity ?
Summary
Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@pivotal.io | https://www.cloudfoundry.org/blog/cve-2019-11290 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cloudfoundry.org/blog/cve-2019-11290 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudfoundry | cf-deployment | * | |
| cloudfoundry | user_account_and_authentication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E36917-B37C-42B0-8DC9-AFA832139BF2",
"versionEndExcluding": "12.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C8C7A2-CFA3-4D1C-9B65-A0EF9FFFA8D6",
"versionEndExcluding": "74.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat\u2019s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well."
},
{
"lang": "es",
"value": "Cloud Foundry UAA Release, versiones anteriores a la versi\u00f3n v74.8.0, registra todos los par\u00e1metros de consulta en el archivo de acceso de tomcat. Si los par\u00e1metros de consulta se utilizan para proporcionar autenticaci\u00f3n, es decir. credenciales, luego se registrar\u00e1n tambi\u00e9n."
}
],
"id": "CVE-2019-11290",
"lastModified": "2024-11-21T04:20:51.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "security@pivotal.io",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-26T00:15:11.547",
"references": [
{
"source": "security@pivotal.io",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11290"
}
],
"sourceIdentifier": "security@pivotal.io",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "security@pivotal.io",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-28 21:15
Modified
2025-02-19 19:15
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
This disclosure regards a vulnerability related to UAA refresh tokens and external identity providers.Assuming that an external identity provider is linked to the UAA, a refresh token is issued to a client on behalf of a user from that identity provider, the administrator of the UAA deactivates the identity provider from the UAA. It is expected that the UAA would reject a refresh token during a refresh token grant, but it does not (hence the vulnerability). It will continue to issue access tokens to request presenting such refresh tokens, as if the identity provider was still active. As a result, clients with refresh tokens issued through the deactivated identity provider would still have access to Cloud Foundry resources until their refresh token expires (which defaults to 30 days).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudfoundry | user_account_and_authentication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4978589D-A0BA-4294-BC27-B4E649AD7869",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This disclosure regards a vulnerability related to UAA refresh tokens and external identity providers.Assuming that an external identity provider is linked to the UAA, a refresh token is issued to a client on behalf of a user from that identity provider, the administrator of the UAA deactivates the identity provider from the UAA. It is expected that the UAA would reject a refresh token during a refresh token grant, but it does not (hence the vulnerability). It will continue to issue access tokens to request presenting such refresh tokens, as if the identity provider was still active. As a result, clients with refresh tokens issued through the deactivated identity provider would still have access to Cloud Foundry resources until their refresh token expires (which defaults to 30 days)."
}
],
"id": "CVE-2023-20903",
"lastModified": "2025-02-19T19:15:12.697",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-03-28T21:15:10.633",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2023-20903-tokens-for-inactivated-idps-are-not-revoked-and-remain-valid-until-expiration/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2023-20903-tokens-for-inactivated-idps-are-not-revoked-and-remain-valid-until-expiration/"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-613"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-613"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 21:15
Modified
2024-11-21 05:49
Severity ?
Summary
UAA server versions prior to 75.4.0 are vulnerable to an open redirect vulnerability. A malicious user can exploit the open redirect vulnerability by social engineering leading to take over of victims’ accounts in certain cases along with redirection of UAA users to a malicious sites.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudfoundry | cf-deployment | * | |
| cloudfoundry | user_account_and_authentication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B09AA5F-56AB-4CC9-A241-69FF7E2865ED",
"versionEndExcluding": "16.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "925CA957-B95E-4FB4-BDA9-2A55CC033663",
"versionEndExcluding": "75.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "UAA server versions prior to 75.4.0 are vulnerable to an open redirect vulnerability. A malicious user can exploit the open redirect vulnerability by social engineering leading to take over of victims\u2019 accounts in certain cases along with redirection of UAA users to a malicious sites."
},
{
"lang": "es",
"value": "UAA server versiones anteriores a 75.4.0, son susceptibles a una vulnerabilidad de redireccionamiento abierto. Un usuario malicioso puede explotar la vulnerabilidad de redireccionamiento abierto mediante ingenier\u00eda social, conllevando a la toma de control de las cuentas de las v\u00edctimas en determinados casos, junto con la redirecci\u00f3n de los usuarios de UAA a sitios maliciosos"
}
],
"id": "CVE-2021-22098",
"lastModified": "2024-11-21T05:49:31.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T21:15:08.257",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2021-22098-open-redirect-vulnerability-in-uaa-server/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2021-22098-open-redirect-vulnerability-in-uaa-server/"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "security@vmware.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-27 20:15
Modified
2024-11-21 05:34
Severity ?
Summary
In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@pivotal.io | https://www.cloudfoundry.org/blog/cve-2020-5402 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cloudfoundry.org/blog/cve-2020-5402 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudfoundry | cf-deployment | * | |
| cloudfoundry | user_account_and_authentication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*",
"matchCriteriaId": "434D7E36-293E-4E3D-8C01-04F27397ED5C",
"versionEndExcluding": "12.33.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C357C23E-B4CA-473B-9F72-77D4A5D22A9C",
"versionEndExcluding": "74.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers."
},
{
"lang": "es",
"value": "En Cloud Foundry UAA, versiones anteriores a 74.14.0, se presenta una vulnerabilidad de tipo CSRF debido a que el par\u00e1metro de estado OAuth2 no es comprado en la funci\u00f3n callback cuando se autentican con proveedores de identidad externa."
}
],
"id": "CVE-2020-5402",
"lastModified": "2024-11-21T05:34:04.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "security@pivotal.io",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-27T20:15:11.577",
"references": [
{
"source": "security@pivotal.io",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2020-5402"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2020-5402"
}
],
"sourceIdentifier": "security@pivotal.io",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "security@pivotal.io",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-12-06 20:15
Modified
2024-11-21 04:20
Severity ?
Summary
Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials when sent as a query parameter. A remote authenticated malicious user could gain access to user credentials via the uaa.log file if authentication is provided via query parameters.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@pivotal.io | https://www.cloudfoundry.org/blog/cve-2019-11293 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cloudfoundry.org/blog/cve-2019-11293 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudfoundry | cf-deployment | * | |
| cloudfoundry | user_account_and_authentication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63D6484A-0B5A-4B81-BCD2-126BD23911AE",
"versionEndExcluding": "12.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37406F96-9CFA-4500-BF8A-5AE7F4371AC2",
"versionEndExcluding": "74.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials when sent as a query parameter. A remote authenticated malicious user could gain access to user credentials via the uaa.log file if authentication is provided via query parameters."
},
{
"lang": "es",
"value": "Cloud Foundry UAA Release, versiones anteriores a v74.10.0, cuando se establece el nivel de registro DEBUG, registra las credenciales de client_secret cuando se env\u00edan como un par\u00e1metro de consulta. Un usuario malicioso autenticado remoto podr\u00eda conseguir acceso a las credenciales de usuario por medio del archivo uaa.log si la autenticaci\u00f3n es proporcionada por medio de par\u00e1metros de consulta."
}
],
"id": "CVE-2019-11293",
"lastModified": "2024-11-21T04:20:52.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "security@pivotal.io",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-06T20:15:09.577",
"references": [
{
"source": "security@pivotal.io",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11293"
}
],
"sourceIdentifier": "security@pivotal.io",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "security@pivotal.io",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-09 20:15
Modified
2024-11-21 04:20
Severity ?
Summary
Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@pivotal.io | https://www.cloudfoundry.org/blog/cve-2019-11274 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cloudfoundry.org/blog/cve-2019-11274 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudfoundry | user_account_and_authentication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA5BCBF-8617-4493-9281-6870A0B05F17",
"versionEndExcluding": "74.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute."
},
{
"lang": "es",
"value": "Cloud Foundry UAA, versiones anteriores a 74.0.0, es vulnerable a un ataque de tipo XSS. Un atacante malicioso remoto no autenticado podr\u00eda crear una URL que contenga un filtro SCIM que contenga JavaScript malicioso, que los navegadores m\u00e1s antiguos pueden ejecutar."
}
],
"id": "CVE-2019-11274",
"lastModified": "2024-11-21T04:20:49.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "security@pivotal.io",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-09T20:15:11.207",
"references": [
{
"source": "security@pivotal.io",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11274"
}
],
"sourceIdentifier": "security@pivotal.io",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@pivotal.io",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-09-26 21:15
Modified
2024-11-21 04:20
Severity ?
Summary
CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote malicious user with 'client.write' and 'groups.update' can craft a SCIM query, which leaks information that allows an escalation of privileges, ultimately allowing the malicious user to gain control of UAA scopes they should not have.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@pivotal.io | https://www.cloudfoundry.org/blog/cve-2019-11278 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cloudfoundry.org/blog/cve-2019-11278 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudfoundry | user_account_and_authentication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEB7B14-F622-4A0C-A017-D6D021AA6A1D",
"versionEndExcluding": "74.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote malicious user with \u0027client.write\u0027 and \u0027groups.update\u0027 can craft a SCIM query, which leaks information that allows an escalation of privileges, ultimately allowing the malicious user to gain control of UAA scopes they should not have."
},
{
"lang": "es",
"value": "CF UAA versiones anteriores a 74.1.0, permite que la entrada externa sea consultada directamente. Un usuario malicioso remoto con \"client.write\" y \"groups.update\" puede dise\u00f1ar una consulta SCIM, que filtra informaci\u00f3n que permite una escalada de privilegios, finalmente permitiendo al usuario malicioso conseguir el control de los \u00e1mbitos UAA que no deber\u00edan tener."
}
],
"id": "CVE-2019-11278",
"lastModified": "2024-11-21T04:20:50.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 5.8,
"source": "security@pivotal.io",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-26T21:15:10.933",
"references": [
{
"source": "security@pivotal.io",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11278"
}
],
"sourceIdentifier": "security@pivotal.io",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "security@pivotal.io",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-22 14:15
Modified
2024-11-21 05:49
Severity ?
Summary
In UAA versions prior to 75.3.0, sensitive information like relaying secret of the provider was revealed in response when deletion request of an identity provider( IdP) of type “oauth 1.0” was sent to UAA server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudfoundry | cf-deployment | * | |
| cloudfoundry | user_account_and_authentication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*",
"matchCriteriaId": "659D136D-133F-4418-BD5C-A1A931BCB412",
"versionEndExcluding": "16.18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cloudfoundry:user_account_and_authentication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB67B221-E6CB-482B-B175-0AD5284CF058",
"versionEndExcluding": "75.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In UAA versions prior to 75.3.0, sensitive information like relaying secret of the provider was revealed in response when deletion request of an identity provider( IdP) of type \u201coauth 1.0\u201d was sent to UAA server."
},
{
"lang": "es",
"value": "En UAA versiones anteriores a 75.3.0, se ha revelado informaci\u00f3n confidencial como el secreto de retransmisi\u00f3n del proveedor en respuesta cuando se enviaba al servidor de UAA una petici\u00f3n de eliminaci\u00f3n de un proveedor de identidades (IdP) de tipo \"oauth 1.0\""
}
],
"id": "CVE-2021-22001",
"lastModified": "2024-11-21T05:49:25.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-22T14:15:07.867",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2021-22001-sensitive-info-leakage-in-uaa-during-identity-provider-deletion/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cloudfoundry.org/blog/cve-2021-22001-sensitive-info-leakage-in-uaa-during-identity-provider-deletion/"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "security@vmware.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2019-11274
Vulnerability from cvelistv5
Published
2019-08-09 19:22
Modified
2024-09-16 20:12
Severity ?
EPSS score ?
Summary
Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cloudfoundry.org/blog/cve-2019-11274 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloud Foundry | UAA Release (OSS) |
Version: prior to v74.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:48:09.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11274"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UAA Release (OSS)",
"vendor": "Cloud Foundry",
"versions": [
{
"status": "affected",
"version": "prior to v74.0.0"
}
]
}
],
"datePublic": "2019-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Cross-site Scripting (XSS) - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T19:22:17",
"orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
"shortName": "pivotal"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11274"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "UAA SCIM Filter XSS",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@pivotal.io",
"DATE_PUBLIC": "2019-08-08T21:57:04.000Z",
"ID": "CVE-2019-11274",
"STATE": "PUBLIC",
"TITLE": "UAA SCIM Filter XSS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UAA Release (OSS)",
"version": {
"version_data": [
{
"version_value": "prior to v74.0.0"
}
]
}
}
]
},
"vendor_name": "Cloud Foundry"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Cross-site Scripting (XSS) - Generic"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cloudfoundry.org/blog/cve-2019-11274",
"refsource": "CONFIRM",
"url": "https://www.cloudfoundry.org/blog/cve-2019-11274"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
"assignerShortName": "pivotal",
"cveId": "CVE-2019-11274",
"datePublished": "2019-08-09T19:22:17.731034Z",
"dateReserved": "2019-04-18T00:00:00",
"dateUpdated": "2024-09-16T20:12:34.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-11278
Vulnerability from cvelistv5
Published
2019-09-26 21:11
Modified
2024-09-16 23:51
Severity ?
EPSS score ?
Summary
CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote malicious user with 'client.write' and 'groups.update' can craft a SCIM query, which leaks information that allows an escalation of privileges, ultimately allowing the malicious user to gain control of UAA scopes they should not have.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cloudfoundry.org/blog/cve-2019-11278 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloud Foundry | UAA Release (OSS) |
Version: prior to 74.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:48:09.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11278"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UAA Release (OSS)",
"vendor": "Cloud Foundry",
"versions": [
{
"status": "affected",
"version": "prior to 74.1.0"
}
]
}
],
"datePublic": "2019-09-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote malicious user with \u0027client.write\u0027 and \u0027groups.update\u0027 can craft a SCIM query, which leaks information that allows an escalation of privileges, ultimately allowing the malicious user to gain control of UAA scopes they should not have."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Command Injection - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-26T21:11:24",
"orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
"shortName": "pivotal"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11278"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Privilege Escalation via Blind SCIM Injection in UAA",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@pivotal.io",
"DATE_PUBLIC": "2019-09-10T00:00:00.000Z",
"ID": "CVE-2019-11278",
"STATE": "PUBLIC",
"TITLE": "Privilege Escalation via Blind SCIM Injection in UAA"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UAA Release (OSS)",
"version": {
"version_data": [
{
"version_value": "prior to 74.1.0"
}
]
}
}
]
},
"vendor_name": "Cloud Foundry"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote malicious user with \u0027client.write\u0027 and \u0027groups.update\u0027 can craft a SCIM query, which leaks information that allows an escalation of privileges, ultimately allowing the malicious user to gain control of UAA scopes they should not have."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77: Command Injection - Generic"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cloudfoundry.org/blog/cve-2019-11278",
"refsource": "CONFIRM",
"url": "https://www.cloudfoundry.org/blog/cve-2019-11278"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
"assignerShortName": "pivotal",
"cveId": "CVE-2019-11278",
"datePublished": "2019-09-26T21:11:24.033285Z",
"dateReserved": "2019-04-18T00:00:00",
"dateUpdated": "2024-09-16T23:51:53.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-0732
Vulnerability from cvelistv5
Published
2017-09-07 13:00
Modified
2024-08-05 22:30
Severity ?
EPSS score ?
Summary
The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows remote authenticated users with privileges in one zone to gain privileges and perform operations on a different zone via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://pivotal.io/security/cve-2016-0732 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:30:03.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://pivotal.io/security/cve-2016-0732"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows remote authenticated users with privileges in one zone to gain privileges and perform operations on a different zone via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://pivotal.io/security/cve-2016-0732"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-0732",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows remote authenticated users with privileges in one zone to gain privileges and perform operations on a different zone via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://pivotal.io/security/cve-2016-0732",
"refsource": "CONFIRM",
"url": "https://pivotal.io/security/cve-2016-0732"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-0732",
"datePublished": "2017-09-07T13:00:00",
"dateReserved": "2015-12-16T00:00:00",
"dateUpdated": "2024-08-05T22:30:03.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-11290
Vulnerability from cvelistv5
Published
2019-11-25 23:56
Modified
2024-09-16 21:02
Severity ?
EPSS score ?
Summary
Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cloudfoundry.org/blog/cve-2019-11290 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloud Foundry | UAA Release |
Version: All < v74.8.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:48:09.173Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11290"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UAA Release",
"vendor": "Cloud Foundry",
"versions": [
{
"lessThan": "v74.8.0",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat\u2019s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Inclusion of Sensitive Information in Log Files",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-25T23:56:17",
"orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
"shortName": "pivotal"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11290"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cloud Foundry UAA logs query parameters in tomcat access file",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@pivotal.io",
"DATE_PUBLIC": "2019-11-21T00:00:00.000Z",
"ID": "CVE-2019-11290",
"STATE": "PUBLIC",
"TITLE": "Cloud Foundry UAA logs query parameters in tomcat access file"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UAA Release",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "All",
"version_value": "v74.8.0"
}
]
}
}
]
},
"vendor_name": "Cloud Foundry"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat\u2019s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532: Inclusion of Sensitive Information in Log Files"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cloudfoundry.org/blog/cve-2019-11290",
"refsource": "CONFIRM",
"url": "https://www.cloudfoundry.org/blog/cve-2019-11290"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
"assignerShortName": "pivotal",
"cveId": "CVE-2019-11290",
"datePublished": "2019-11-25T23:56:17.082402Z",
"dateReserved": "2019-04-18T00:00:00",
"dateUpdated": "2024-09-16T21:02:44.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-11293
Vulnerability from cvelistv5
Published
2019-12-06 20:00
Modified
2024-09-16 17:57
Severity ?
EPSS score ?
Summary
Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials when sent as a query parameter. A remote authenticated malicious user could gain access to user credentials via the uaa.log file if authentication is provided via query parameters.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cloudfoundry.org/blog/cve-2019-11293 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloud Foundry | UAA Release |
Version: All < v74.10.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:48:09.144Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11293"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UAA Release",
"vendor": "Cloud Foundry",
"versions": [
{
"lessThan": "v74.10.0",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials when sent as a query parameter. A remote authenticated malicious user could gain access to user credentials via the uaa.log file if authentication is provided via query parameters."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Inclusion of Sensitive Information in Log Files",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-06T20:00:17",
"orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
"shortName": "pivotal"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cloudfoundry.org/blog/cve-2019-11293"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "UAA logs all query parameters with debug logging level",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@pivotal.io",
"DATE_PUBLIC": "2019-12-03T00:00:00.000Z",
"ID": "CVE-2019-11293",
"STATE": "PUBLIC",
"TITLE": "UAA logs all query parameters with debug logging level"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UAA Release",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "All",
"version_value": "v74.10.0"
}
]
}
}
]
},
"vendor_name": "Cloud Foundry"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials when sent as a query parameter. A remote authenticated malicious user could gain access to user credentials via the uaa.log file if authentication is provided via query parameters."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532: Inclusion of Sensitive Information in Log Files"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cloudfoundry.org/blog/cve-2019-11293",
"refsource": "CONFIRM",
"url": "https://www.cloudfoundry.org/blog/cve-2019-11293"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
"assignerShortName": "pivotal",
"cveId": "CVE-2019-11293",
"datePublished": "2019-12-06T20:00:17.131916Z",
"dateReserved": "2019-04-18T00:00:00",
"dateUpdated": "2024-09-16T17:57:54.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22001
Vulnerability from cvelistv5
Published
2021-07-22 13:17
Modified
2024-08-03 18:30
Severity ?
EPSS score ?
Summary
In UAA versions prior to 75.3.0, sensitive information like relaying secret of the provider was revealed in response when deletion request of an identity provider( IdP) of type “oauth 1.0” was sent to UAA server.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cloud Foundry UAA server |
Version: Cloud Foundry UAA server prior to version 75.3.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cloudfoundry.org/blog/cve-2021-22001-sensitive-info-leakage-in-uaa-during-identity-provider-deletion/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cloud Foundry UAA server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cloud Foundry UAA server prior to version 75.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In UAA versions prior to 75.3.0, sensitive information like relaying secret of the provider was revealed in response when deletion request of an identity provider( IdP) of type \u201coauth 1.0\u201d was sent to UAA server."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-22T13:17:35",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cloudfoundry.org/blog/cve-2021-22001-sensitive-info-leakage-in-uaa-during-identity-provider-deletion/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cloud Foundry UAA server",
"version": {
"version_data": [
{
"version_value": "Cloud Foundry UAA server prior to version 75.3.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In UAA versions prior to 75.3.0, sensitive information like relaying secret of the provider was revealed in response when deletion request of an identity provider( IdP) of type \u201coauth 1.0\u201d was sent to UAA server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cloudfoundry.org/blog/cve-2021-22001-sensitive-info-leakage-in-uaa-during-identity-provider-deletion/",
"refsource": "MISC",
"url": "https://www.cloudfoundry.org/blog/cve-2021-22001-sensitive-info-leakage-in-uaa-during-identity-provider-deletion/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22001",
"datePublished": "2021-07-22T13:17:35",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20903
Vulnerability from cvelistv5
Published
2023-03-28 00:00
Modified
2025-02-19 18:38
Severity ?
EPSS score ?
Summary
This disclosure regards a vulnerability related to UAA refresh tokens and external identity providers.Assuming that an external identity provider is linked to the UAA, a refresh token is issued to a client on behalf of a user from that identity provider, the administrator of the UAA deactivates the identity provider from the UAA. It is expected that the UAA would reject a refresh token during a refresh token grant, but it does not (hence the vulnerability). It will continue to issue access tokens to request presenting such refresh tokens, as if the identity provider was still active. As a result, clients with refresh tokens issued through the deactivated identity provider would still have access to Cloud Foundry resources until their refresh token expires (which defaults to 30 days).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cloud Foundry |
Version: All versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:33.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cloudfoundry.org/blog/cve-2023-20903-tokens-for-inactivated-idps-are-not-revoked-and-remain-valid-until-expiration/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20903",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-19T18:38:15.435373Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-19T18:38:21.215Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cloud Foundry",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This disclosure regards a vulnerability related to UAA refresh tokens and external identity providers.Assuming that an external identity provider is linked to the UAA, a refresh token is issued to a client on behalf of a user from that identity provider, the administrator of the UAA deactivates the identity provider from the UAA. It is expected that the UAA would reject a refresh token during a refresh token grant, but it does not (hence the vulnerability). It will continue to issue access tokens to request presenting such refresh tokens, as if the identity provider was still active. As a result, clients with refresh tokens issued through the deactivated identity provider would still have access to Cloud Foundry resources until their refresh token expires (which defaults to 30 days)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Tokens for inactivated IDPs are not revoked and remain valid until expiration",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-28T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.cloudfoundry.org/blog/cve-2023-20903-tokens-for-inactivated-idps-are-not-revoked-and-remain-valid-until-expiration/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20903",
"datePublished": "2023-03-28T00:00:00.000Z",
"dateReserved": "2022-11-01T00:00:00.000Z",
"dateUpdated": "2025-02-19T18:38:21.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5402
Vulnerability from cvelistv5
Published
2020-02-27 19:30
Modified
2024-09-16 17:03
Severity ?
EPSS score ?
Summary
In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cloudfoundry.org/blog/cve-2020-5402 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloud Foundry | UAA |
Version: unspecified < v74.14.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:23.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cloudfoundry.org/blog/cve-2020-5402"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UAA",
"vendor": "Cloud Foundry",
"versions": [
{
"lessThan": "v74.14.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-27T19:30:24",
"orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
"shortName": "pivotal"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cloudfoundry.org/blog/cve-2020-5402"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "UAA fails to check the state parameter when authenticating with external IDPs",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@pivotal.io",
"DATE_PUBLIC": "2020-02-24T18:03:36.000Z",
"ID": "CVE-2020-5402",
"STATE": "PUBLIC",
"TITLE": "UAA fails to check the state parameter when authenticating with external IDPs"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UAA",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "v74.14.0"
}
]
}
}
]
},
"vendor_name": "Cloud Foundry"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cloudfoundry.org/blog/cve-2020-5402",
"refsource": "CONFIRM",
"url": "https://www.cloudfoundry.org/blog/cve-2020-5402"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
"assignerShortName": "pivotal",
"cveId": "CVE-2020-5402",
"datePublished": "2020-02-27T19:30:24.167601Z",
"dateReserved": "2020-01-03T00:00:00",
"dateUpdated": "2024-09-16T17:03:33.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22098
Vulnerability from cvelistv5
Published
2021-08-11 20:49
Modified
2024-08-03 18:30
Severity ?
EPSS score ?
Summary
UAA server versions prior to 75.4.0 are vulnerable to an open redirect vulnerability. A malicious user can exploit the open redirect vulnerability by social engineering leading to take over of victims’ accounts in certain cases along with redirection of UAA users to a malicious sites.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cloudfoundry.org/blog/cve-2021-22098-open-redirect-vulnerability-in-uaa-server/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | UAA server |
Version: Cloud Foundry UAA server prior to version 75.4.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cloudfoundry.org/blog/cve-2021-22098-open-redirect-vulnerability-in-uaa-server/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UAA server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cloud Foundry UAA server prior to version 75.4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "UAA server versions prior to 75.4.0 are vulnerable to an open redirect vulnerability. A malicious user can exploit the open redirect vulnerability by social engineering leading to take over of victims\u2019 accounts in certain cases along with redirection of UAA users to a malicious sites."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-11T20:49:28",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cloudfoundry.org/blog/cve-2021-22098-open-redirect-vulnerability-in-uaa-server/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22098",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UAA server",
"version": {
"version_data": [
{
"version_value": "Cloud Foundry UAA server prior to version 75.4.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UAA server versions prior to 75.4.0 are vulnerable to an open redirect vulnerability. A malicious user can exploit the open redirect vulnerability by social engineering leading to take over of victims\u2019 accounts in certain cases along with redirection of UAA users to a malicious sites."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601: URL Redirection to Untrusted Site"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cloudfoundry.org/blog/cve-2021-22098-open-redirect-vulnerability-in-uaa-server/",
"refsource": "MISC",
"url": "https://www.cloudfoundry.org/blog/cve-2021-22098-open-redirect-vulnerability-in-uaa-server/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22098",
"datePublished": "2021-08-11T20:49:28",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}