Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

84 matches found

Veracode
Veracodeadded 2017/04/22 3:43 a.m.16 views

Privilege Escalation

CloudFoundry User Account and Authentication UAA is vulnerable to privilege escalation. A malicious user can pass a malicious user token to an unused group endpoint to cause an escalation of privileges...

8.8CVSS8.7AI score0.00302EPSS
Exploits0References2Affected Software3
Veracode
Veracodeadded 2017/04/21 9:6 a.m.23 views

Blind SQL Injection

CloudFoundry User Account and Authentication UAA is vulnerable to blind SQL injection attacks. The attacks are possible because it does not properly validate the clientid string...

7.5CVSS8.2AI score0.00278EPSS
Exploits0References2Affected Software2
Veracode
Veracodeadded 2017/03/31 1:41 a.m.11 views

Session Fixation Attacks

CloudFoundry User Account and Authentication UAA is vulnerable to session fixation attacks. These attacks are possible when UAA is configured to authenticate against OpenID Connect or external SAML based identity providers...

8.1CVSS7.9AI score0.00387EPSS
Exploits0References1Affected Software3
Veracode
Veracodeadded 2017/03/31 1:26 a.m.16 views

Denial Of Service (DoS)

CloudFoundry User Account and Authentication UAA is vulnerable to denial of service DoS attacks. These attacks are possible through the lockout feature...

7.5CVSS7.3AI score0.00451EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder