Lucene search
K
CloudfoundryCf-release208

4 matches found

CVE
CVE
added 2017/09/07 1:0 p.m.66 views

CVE-2016-0732

The CVE-2016-0732 entry corresponds to a privilege-escalation vulnerability in the identity-zones feature of Cloud Foundry components. Affected products include Cloud Foundry v208–v229, UAA v2.0.0–v2.7.3 and v3.0.0, UAA-Release v2–v4, and Elastic Runtime v1.6.0–v1.6.13. The issue allows remote au...

8.8CVSS8.5AI score0.01154EPSS
CVE
CVE
added 2017/05/25 5:0 p.m.50 views

CVE-2015-3189

CVE-2015-3189 – Normal details Affected products/versions: Cloud Foundry Runtime cf-release v208 or earlier; UAA standalone v2.2.5 or earlier; Pivotal Cloud Foundry Runtime v1.4.5 or earlier. Issue: old Password Reset Links do not expire after a user changes their current email address, when usin...

4.3CVSS4.2AI score0.00816EPSS
CVE
CVE
added 2017/06/13 6:0 a.m.45 views

CVE-2016-8218

CVE-2016-8218 affects Cloud Foundry’s routing-release (versions prior to 0.142.0) and cf-release (203–231). The issue is incomplete validation in JSON Web Token (JWT) libraries, enabling unprivileged attackers to impersonate other users to the routing API. Remediation: upgrade routing-release to ...

9.8CVSS9.3AI score0.01297EPSS
CVE
CVE
added 2017/08/31 2:0 p.m.44 views

CVE-2016-0713

The CVE-2016-0713 entry applies to Cloud Foundry Gorouter in cf-release versions 141–228, where a cross-site scripting (XSS) vulnerability can be exploited when an attacker modifies requests, enabling potential MITM-like behavior and unauthorized operations. Publicly documented impact is XSS via ...

4.7CVSS4.3AI score0.00541EPSS