Lucene search
+L
CloudfoundryCloud Foundry Uaa Bosh30

7 matches found

CVE
CVE
added 2017/06/13 6:0 a.m.70 views

CVE-2017-4991

CVE-2017-4991 affects Cloud Foundry products: cf-release versions before v260 and multiple UAA releases (2.x before v2.7.4.16; 3.6.x before v3.6.10; 3.9.x before v3.9.12; others before v3.17.0) plus UAA-bosh releases (uaa-release) before v13.14, v24.9, v30.2, and earlier versions before v36. The ...

7.2CVSS6.9AI score0.00936EPSS
CVE
CVE
added 2017/06/13 6:0 a.m.57 views

CVE-2017-4973

Cloud Foundry UAA Privilege Escalation (CVE-2017-4973) affects cf-release prior to v257 and UAA releases before the specified upgrades (2.x before v2.7.4.14, 3.6.x before v3.6.8, 3.9.x before v3.9.10, and other versions before v3.15.0), as well as UAA bosh releases (13.x before v13.12, 24.x befor...

8.8CVSS8.4AI score0.01068EPSS
CVE
CVE
added 2017/06/13 6:0 a.m.57 views

CVE-2017-4992

CVE-2017-4992 affects Cloud Foundry components including cf-release prior to v261 and UAA releases prior to specified versions (2.x before 2.7.4.17, 3.6.x before 3.6.11, 3.9.x before 3.9.13, and other versions before v4.2.0; UAA bosh releases prior to 13.x before 13.15, 24.x before 24.10, 30.x be...

9.8CVSS9.5AI score0.01167EPSS
CVE
CVE
added 2017/06/13 6:0 a.m.55 views

CVE-2017-4974

CVE-2017-4974 is a blind SQL injection vulnerability affecting Cloud Foundry Foundation components: cf-release versions prior to v258 and UAA releases prior to v2.7.4.15 (2.x), v3.6.9 (3.6.x), v3.9.11 (3.9.x), and prior to v3.16.0 in general, plus uaa-release bosh releases prior to v13.13, v24.8,...

6.5CVSS6.8AI score0.00974EPSS
CVE
CVE
added 2017/06/13 6:0 a.m.54 views

CVE-2017-4994

CVE-2017-4994 affects Cloud Foundry components including cf-release prior to v263 and UAA releases earlier than v2.7.4.18 (2.x), v3.6.12 (3.6.x), v3.9.14 (3.9.x), and v4.3.0+ for other lines, plus UAA Bosh releases prior to v13.16, v24.11, and v30.4. The issue is with forwarded HTTP headers in UA...

7.5CVSS7.4AI score0.01105EPSS
CVE
CVE
added 2017/07/10 8:0 p.m.54 views

CVE-2017-8032

CVE-2017-8032 affects Cloud Foundry components (cf-release and UAA) where zone administrators can escalate privileges when mapping permissions for external providers. Affected versions include cf-release before v264; UAA v2.x.x; 3.6.x before 3.6.13; 3.9.x before 3.9.15; 3.20.x before 3.20.0; and ...

6.6CVSS6.5AI score0.00879EPSS
CVE
CVE
added 2017/06/13 6:0 a.m.52 views

CVE-2017-4972

CVE-2017-4972 describes a blind SQL injection vulnerability in Cloud Foundry components: cf-release before v257; UAA 2.x before v2.7.4.14, 3.6.x before v3.6.8, 3.9.x before v3.9.10, and other versions before v3.15.0; and UAA Release (uaa-release) 13.x before v13.12, 24.x before v24.7, and other v...

7.5CVSS7.8AI score0.01085EPSS