Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
UAA Privilege Escalation
Vulnerability Description
Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cloud Foundry UAA和Cloud Foundry UAA release 权限许可和访问控制问题漏洞
Vulnerability Description
Cloud Foundry UAA是美国Cloud Foundry基金会的一款应用于CloudFoundry云平台的身份验证和管理服务终端。 Cloud Foundry uaa-release 64.0之前版本和UAA 4.23.0之前版本中存在权限许可和访问控制问题漏洞,该漏洞源于程序存在验证错误。远程攻击者可通过修改URL及内容利用该漏洞获取令牌,提升权限。
CVSS Information
N/A
Vulnerability Type
N/A