2 matches found
CVE-2017-2773
An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.60, 1.7.x versions prior to 1.7.41, 1.8.x versions prior to 1.8.23, and 1.9.x versions prior to 1.9.1. Incomplete validation logic in JSON Web Token JWT libraries can allow unprivileged attackers to impersonate oth...
CVE-2017-2773
Affected product: Pivotal PCF Elastic Runtime. Issue: Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged attackers to impersonate other users across multiple PCF Elastic Runtime components. Affected versions include 1.6.x before 1.6.60, 1.7.x before 1.7.41, 1.8.x...