Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-292X-HJR8-226F
HistoryMay 13, 2022 - 1:34 a.m.

Cloud Foundry UAA Privilege Escalation

2022-05-1301:34:08
Google
osv.dev
8
cloud foundry
uaa
privilege escalation
validation error
remote authenticated user
modify consent page
arbitrary scopes

AI Score

6.9

Confidence

Low

EPSS

0.002

Percentile

60.9%

JSON

Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges.

Related

cloudfoundry 1
nvd 1
veracode 1
cvelist 1
ibm 1
osv 1
prion 1
cve 1
github 1
cloudfoundry
cloudfoundry
CVE-2018-15761: UAA Privilege Escalation | Cloud Foundry
2018-11-01 00:00:00
nvd
nvd
CVE-2018-15761
2018-11-19 14:29:00
veracode
veracode
Privilege Escalation
2018-11-20 01:42:11
cvelist
cvelist
CVE-2018-15761 UAA Privilege Escalation
2018-11-19 14:00:00
ibm
ibm
Security Bulletin: A Security Vulnerability affects IBM Cloud Private Cloud Foundry (CVE-2018-15761)
2019-02-11 19:25:01
osv
osv
CVE-2018-15761
2018-11-19 14:29:00
prion
prion
Privilege escalation
2018-11-19 14:29:00
cve
cve
CVE-2018-15761
2018-11-19 14:29:00
github
github
Cloud Foundry UAA Privilege Escalation
2022-05-13 01:34:08

AI Score

6.9

Confidence

Low

EPSS

0.002

Percentile

60.9%

JSON
Related for OSV:GHSA-292X-HJR8-226F
cloudfoundry1nvd1veracode1cvelist1ibm1osv1prion1cve1github1