CloudFoundry User Account and Authentication (UAA) is vulnerable to privilege escalation. A zone administrator can issue a token that impersonates another zone, allowing an escalation of privileges during offline validation of clients.
CPE | Name | Operator | Version |
---|---|---|---|
uaa server | le | 4.13.3 | |
uaa server | le | 4.12.1 | |
uaa server | le | 4.11.0 |