Denial of Service Risk in Cloud Foundry and UAA Software
CVE-2017-4960
7.5HIGH
What is CVE-2017-4960?
An issue within Cloud Foundry releases v247 to v252 and UAA versions v3.9.0 to v3.11.0 has been identified, allowing attackers to potentially disrupt services by leveraging a denial of service attack against UAA OAuth clients. This issue may compromise the availability of applications relying on these services, highlighting the need for prompt mitigation.
Affected Version(s)
Cloud Foundry Foundation Cloud Foundry release v247 - v252, UAA stand-alone release v3.9.0 - v3.11.0, UAA Bosh Release v21 - v26 Cloud Foundry Foundation Cloud Foundry release v247 - v252, UAA stand-alone release v3.9.0 - v3.11.0, UAA Bosh Release v21 - v26
