cloud foundry Uaa Vulnerabilities

Cloud%20foundry Uaa vulnerabilities.

JSON RSS CSV 🔔 Create Alert Trigger

13 May 2025

Private Key Exposure in Cloud Foundry UAA Software
CVE-2025-22246
Cloud FoundryUaa7.5HIGH

31 January 2025

Session Information Vulnerability in Multi-Zone UAA by Cloud Foundry
CVE-2025-22216
Cloud FoundryCloud Foundry Uaa5.4MEDIUM

18 July 2024

Potential Security Risk: Incorrect User Permissions in Cloud Foundry UAA
CVE-2024-38806
Cloud Foundry Fou...Uaa3.9LOW

27 February 2020

UAA fails to check the state parameter when authenticating with external IDPs
CVE-2020-5402
Cloud FoundryUaa8.8HIGH

6 December 2019

UAA logs all query parameters with debug logging level
CVE-2019-11293
Cloud FoundryUaa Release8.8HIGH

26 November 2019

Cloud Foundry UAA logs query parameters in tomcat access file
CVE-2019-11290
Cloud FoundryUaa Release8.8HIGH

23 October 2019

UAA is vulnerable to a Blind SCIM injection leading to information disclosure
CVE-2019-11282
Cloud FoundryUaa Release4.3MEDIUM

26 September 2019

9 August 2019

UAA SCIM Filter XSS
CVE-2019-11274
Cloud FoundryUaa Release (oss)4.3MEDIUM

5 August 2019

UAA clients.write vulnerability
CVE-2019-11270
Cloud FoundryUaa Release (oss)7.3HIGH

18 July 2019

UAA - Login app subject to clickjacking attack
CVE-2019-3794
Cloud FoundryUaa Release (oss)6.5MEDIUM

11 July 2019

UAA SQL Identity Zone Vulnerability
CVE-2019-11268
Cloud FoundryUaa Release (oss)6.5MEDIUM

19 June 2019

UAA defaults email address to an insecure domain
CVE-2019-3787
Cloud FoundryUaa Release (oss)8.3HIGH

25 April 2019

7 March 2019

UAA allows users to modify their own email address
CVE-2019-3775
Cloud FoundryUaa Release (oss)7.1HIGH

13 December 2018

UAA can issue tokens across identity providers if users with matching usernames exist
CVE-2018-15754
Cloud FoundryUaa Release4.2MEDIUM

19 November 2018

UAA Privilege Escalation
CVE-2018-15761
Cloud FoundryUaa9.9CRITICAL

5 October 2018

Cloud Foundry UAA MFA does not prevent brute force of MFA code
CVE-2018-11082
Cloud FoundryUaa Release6.6MEDIUM

24 July 2018

Authorization Flaw in Cloud Foundry UAA Admin Endpoints
CVE-2018-11047
Cloud FoundryCloud Foundry Uaa7.5HIGH

25 June 2018

Open Redirect Vulnerability in Cloud Foundry UAA
CVE-2018-11041
Cloud FoundryCloud Foundry Uaa6.1MEDIUM

15 May 2018

Privilege Escalation Vulnerability in Cloud Foundry UAA
CVE-2018-1262
Cloud FoundryCloudfoundry Uaa7.2HIGH