Lucene search
PRIOn knowledge basePRION:CVE-2016-6659HistoryDec 23, 2016 - 5:59 a.m.
Code injection
2016-12-2305:59:00
PRIOn knowledge base
www.prio-n.com
1
Cloud Foundry before 248; UAA 2.x before 2.7.4.12, 3.x before 3.6.5, and 3.7.x through 3.9.x before 3.9.3; and UAA bosh release (aka uaa-release) before 13.9 for UAA 3.6.5 and before 24 for UAA 3.9.3 allow attackers to gain privileges by accessing UAA logs and subsequently running a specially crafted application that interacts with a configured SAML provider.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cloud_foundry_uaa_bosh | le | 23.0 | |
| cloud_foundry | le | 247.0 | |
| cloud_foundry_uaa | le | 3.9.2 |
Related
cvelist
cvelist
CVE-2016-6659
2016-12-23 05:00:00
cve
cve
CVE-2016-6659
2016-12-23 05:59:00
cloudfoundry
cloudfoundry
CVE-2016-6659: UAA Privilege Escalation | Cloud Foundry
2016-12-14 00:00:00
nvd
nvd
CVE-2016-6659
2016-12-23 05:59:00
veracode
veracode
Privilege Escalation
2016-12-20 02:55:49