CloudFoundry User Account and Authentication (UAA) is vulnerable to denial of service (DoS) attacks. The check_token
endpoint does not validate the clientId
when revoking opaque or JWT client tokens, allowing a malicious user to revoke another user’s token.