Cloud Foundry Uaa@3.0.1 Security Vulnerabilities and Issues — Cloud Foundry Uaa@3.0.1 CVE List

Lucene search

Pivotal SoftwareCloud Foundry Uaa3.0.1

3 matches found

CVE•added 2016/09/30 12:59 a.m.•42 views

CVE-2016-6636

The OAuth authorization implementation in Pivotal Cloud Foundry (PCF) before 242; UAA 2.x before 2.7.4.7, 3.x before 3.3.0.5, and 3.4.x before 3.4.4; UAA BOSH before 11.5 and 12.x before 12.5; Elastic Runtime before 1.6.40, 1.7.x before 1.7.21, and 1.8.x before 1.8.1; and Ops Manager 1.7.x before 1...

5.3CVSS5.1AI score0.00236EPSS

CVE•added 2016/09/30 12:59 a.m.•34 views

CVE-2016-6637

Multiple cross-site request forgery (CSRF) vulnerabilities in Pivotal Cloud Foundry (PCF) before 242; UAA 2.x before 2.7.4.7, 3.x before 3.3.0.5, and 3.4.x before 3.4.4; UAA BOSH before 11.5 and 12.x before 12.5; Elastic Runtime before 1.6.40, 1.7.x before 1.7.21, and 1.8.x before 1.8.2; and Ops Ma...

9.6CVSS9.5AI score0.00118EPSS

CVE•added 2017/05/25 5:29 p.m.•31 views

CVE-2016-0781

The UAA OAuth approval pages in Cloud Foundry v208 to v231, Login-server v1.6 to v1.14, UAA v2.0.0 to v2.7.4.1, UAA v3.0.0 to v3.2.0, UAA-Release v2 to v7 and Pivotal Elastic Runtime 1.6.x versions prior to 1.6.20 are vulnerable to an XSS attack by specifying malicious java script content in either...

6.1CVSS5.9AI score0.00266EPSS