3 matches found
Pivotal Spring Cloud SSO Connector Authentication Vulnerability
Pivotal Spring Cloud SSO Connector is a single sign-on connector for Cloud Foundry from Pivotal Software. A security vulnerability exists in Pivotal Spring Cloud SSO Connector version 2.1.2. An attacker can exploit the vulnerability to authenticate to an unbound resource server...
CVE-2018-1256
Spring Cloud SSO Connector, version 2.1.2, contains a regression which disables issuer validation in resource servers that are not bound to the SSO service. In PCF deployments with multiple SSO service plans, a remote attacker can authenticate to unbound resource servers which use this version of...
CVE-2018-1256
Spring Cloud SSO Connector, version 2.1.2, contains a regression which disables issuer validation in resource servers that are not bound to the SSO service. In PCF deployments with multiple SSO service plans, a remote attacker can authenticate to unbound resource servers which use this version of...