EPSS
Percentile
42.8%
uaa-identity is vulnerable to information disclosure. The SessionID is logged in the audit even logs. This allows attackers who can gain access to the logs to impersonate a logged-in user.
www.cloudfoundry.org/blog/cve-2018-1192/