Token Privilege Escalation in Pivotal Cloud Foundry by Remote Authenticated Users
CVE-2016-6651
8.8 HIGH
What is CVE-2016-6651?
CVE-2016-6651 is a flaw in the UAA /oauth/token endpoint of Pivotal Cloud Foundry. A remote authenticated user who holds a valid token can leverage it at this endpoint to gain privileges they were not granted, circumventing the usual access controls. This puts sensitive data and server integrity at risk, which is why affected deployments should apply updates and security patches promptly.
