CVE-2019-11293: UAA logs all query parameters with debug logging level | Cloud Foundry
Severity High Vendor Cloud Foundry Foundation Description Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs clientsecret credentials when sent as a query param. A remote authenticated malicious user could gain access to user credentials via the uaa.log...