EUVD-2022-3237

Malicious code in bioql PyPI...

Privilege Escalation

CloudFoundry User Account and Authentication UAA is vulnerable to privilege escalation. A zone administrator can issue a token that impersonates another zone, allowing an escalation of privileges during offline validation of clients...

Privilege escalation

Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. A zone administrator could configure their zone to issue tokens which impersonate another zone, granting up to adm...

CVE-2018-1262

Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. A zone administrator could configure their zone to issue tokens which impersonate another zone, granting up to adm...

CVE-2018-1262: UAA privilege escalation across identity zones | Cloud Foundry

Severity Critical Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions You are using uaa-release versions v57, v57.1 or v58 You are using uaa versions 4.12.x or 4.13.x You are using cf-deployment versions v1.27.0 through v1.31.0 Description UAA, versions 4.12.X and 4.13.X,...