Privilege Escalation Vulnerability in Cloud Foundry's UAA Product
CVE-2017-8032

6.6MEDIUM

Key Information:

Vendor
CVE Published:
10 July 2017

What is CVE-2017-8032?

A privilege escalation vulnerability in Cloud Foundry's UAA product allows zone administrators to map permissions for external providers inaccurately, potentially leading to unauthorized access and increased privileges. This flaw affects multiple versions of cf-release and UAA releases, creating risks for users relying on this identity management service.

Affected Version(s)

Cloud Foundry Cloud Foundry

References

CVSS V3.1

Score:
6.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.