漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
UAA clients.write vulnerability
Vulnerability Description
Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the restrictions imposed on clients created via 'clients.write' and create clients with arbitrary scopes that the creator does not possess.
CVSS Information
N/A
Vulnerability Type
特权管理不恰当
Vulnerability Title
Cloud Foundry UAA 安全特征问题漏洞
Vulnerability Description
Cloud Foundry UAA是美国Cloud Foundry基金会的一款应用于CloudFoundry云平台的身份验证和管理服务终端。 Cloud Foundry UAA 73.4.0之前版本中存在安全特征问题漏洞。攻击者可利用该漏洞绕过限制。以下产品及版本受到影响:Cloud Foundry Pivotal Application Service 2.3.15之前的2.3.x版本,2.4.11之前的2.4.x版本,2.5.7之前的2.5.x版本,2.6.2之前的2.6.x版本;Pivotal Op
CVSS Information
N/A
Vulnerability Type
N/A