Lucene search
GoogleOSV:CVE-2017-4963HistoryJun 13, 2017 - 6:29 a.m.
CVE-2017-4963
2017-06-1306:29:00
Google
osv.dev
2
An issue was discovered in Cloud Foundry Foundation Cloud Foundry release v252 and earlier versions, UAA stand-alone release v2.0.0 - v2.7.4.12 & v3.0.0 - v3.11.0, and UAA bosh release v26 & earlier versions. UAA is vulnerable to session fixation when configured to authenticate against external SAML or OpenID Connect based identity providers.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cf-release | eq | 198 | |
| cf-release | eq | 91 | |
| cf-release | eq | 112 | |
| cf-release | eq | rc145.0 | |
| cf-release | eq | 25 | |
| cf-release | eq | 228 | |
| cf-release | eq | 8 | |
| cf-release | eq | 120 | |
| cf-release | eq | 12 | |
| cf-release | eq | 121 |
References
Related
veracode
veracode
Session Fixation Attacks
2017-03-31 01:41:13
prion
prion
Session fixation
2017-06-13 06:29:00
nvd
nvd
CVE-2017-4963
2017-06-13 06:29:00
cve
cve
CVE-2017-4963
2017-06-13 06:29:00
cloudfoundry
cloudfoundry
cvelist
cvelist
CVE-2017-4963
2017-06-13 06:00:00