CVE-2016-0732 Privilege Escalation
Critical
Cloud Foundry Foundation
A privilege elevation vulnerability has been identified with the identity zones feature of UAA. Users with the appropriate permissions in one zone can perform unauthorized operations on a different zone.
Users are strongly encouraged to follow one of the mitigations below:
Discovered by the GE Digital Security Team
2016-Feb-2: Initial vulnerability report published on VMware.io
2017-Sep-8: Report published on cloudfoundry.org