Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:7846
HistoryNov 20, 2018 - 1:42 a.m.

Privilege Escalation

2018-11-2001:42:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

0.003 Low

EPSS

Percentile

70.0%

JSON

cloudfoundry-identity-server is vulnerable to privilege escalation attacks. The vulnerability exists due to an error in validation, allowing an authenticated user to gain an OAuth token with arbitrary scopes by modifying the url and content of the consent page.

CPENameOperatorVersion
uaa serverle4.22.0

Related

cloudfoundry 1
nvd 1
cvelist 1
ibm 1
osv 2
cve 1
prion 1
github 1
cloudfoundry
cloudfoundry
CVE-2018-15761: UAA Privilege Escalation | Cloud Foundry
2018-11-01 00:00:00
nvd
nvd
CVE-2018-15761
2018-11-19 14:29:00
cvelist
cvelist
CVE-2018-15761 UAA Privilege Escalation
2018-11-01 00:00:00
ibm
ibm
Security Bulletin: A Security Vulnerability affects IBM Cloud Private Cloud Foundry (CVE-2018-15761)
2019-02-11 19:25:01
osv
osv
CVE-2018-15761
2018-11-19 14:29:00
Cloud Foundry UAA Privilege Escalation
2022-05-13 01:34:08
cve
cve
CVE-2018-15761
2018-11-19 14:29:00
prion
prion
Privilege escalation
2018-11-19 14:29:00
github
github
Cloud Foundry UAA Privilege Escalation
2022-05-13 01:34:08

0.003 Low

EPSS

Percentile

70.0%

JSON
Related for VERACODE:7846
cloudfoundry1nvd1cvelist1ibm1osv2cve1prion1github1