Forwarded HTTP Header Vulnerability in Cloud Foundry UAA
CVE-2017-4994

7.5HIGH

Key Information:

Vendor
CVE Published:
13 June 2017

What is CVE-2017-4994?

A vulnerability has been identified in various versions of Cloud Foundry's UAA and cf-release where improperly handled forwarded HTTP headers could potentially lead to account corruption. This issue affects multiple versions across the UAA releases and has the potential to compromise user accounts, highlighting the need for timely updates and security measures to protect sensitive data.

Affected Version(s)

Cloud Foundry Cloud Foundry

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.