3 matches found
CVE-2016-0732
The CVE-2016-0732 entry corresponds to a privilege-escalation vulnerability in the identity-zones feature of Cloud Foundry components. Affected products include Cloud Foundry v208–v229, UAA v2.0.0–v2.7.3 and v3.0.0, UAA-Release v2–v4, and Elastic Runtime v1.6.0–v1.6.13. The issue allows remote au...
CVE-2017-8031
The CVE-2017-8031 entry concerns Cloud Foundry cf-release and UAA. Affected products: cf-release (all versions before v279) and UAA (30.x before 30.6; 45.x before 45.4; 52.x before 52.1). Issue: an authenticated user for a given client can revoke client tokens belonging to other users on the same...
CVE-2026-22723
CVE-2026-22723 affects Cloud Foundry UAA and CF Deployment due to a logic error in the token revocation endpoint. Vulnerable ranges: UAA v77.30.0–v78.7.0 and CF Deployment v48.7.0–v54.10.0. Root cause is a faulty token revocation flow that can improperly revoke tokens. Impact is described as Inap...