Lucene search
DellCVELIST:CVE-2016-6659HistoryDec 23, 2016 - 5:00 a.m.
CVE-2016-6659
2016-12-2305:00:00
dell
www.cve.org
Cloud Foundry before 248; UAA 2.x before 2.7.4.12, 3.x before 3.6.5, and 3.7.x through 3.9.x before 3.9.3; and UAA bosh release (aka uaa-release) before 13.9 for UAA 3.6.5 and before 24 for UAA 3.9.3 allow attackers to gain privileges by accessing UAA logs and subsequently running a specially crafted application that interacts with a configured SAML provider.
CNA Affected
[
{
"product": "Cloud Foundry v247 and earlier and UAA v3.9.2 & earlier and UAA bosh (uaa-release) v23 & earlier",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cloud Foundry v247 and earlier and UAA v3.9.2 & earlier and UAA bosh (uaa-release) v23 & earlier"
}
]
}
]Related
cve
cve
CVE-2016-6659
2016-12-23 05:59:00
cloudfoundry
cloudfoundry
CVE-2016-6659: UAA Privilege Escalation | Cloud Foundry
2016-12-14 00:00:00
prion
prion
Code injection
2016-12-23 05:59:00
nvd
nvd
CVE-2016-6659
2016-12-23 05:59:00
veracode
veracode
Privilege Escalation
2016-12-20 02:55:49