漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
UAA allows users to modify their own email address
Vulnerability Description
Cloud Foundry UAA, versions prior to v70.0, allows a user to update their own email address. A remote authenticated user can impersonate a different user by changing their email address to that of a different user.
CVSS Information
N/A
Vulnerability Type
使用欺骗进行的认证绕过
Vulnerability Title
Cloud Foundry UAA 授权问题漏洞
Vulnerability Description
Cloud Foundry UAA是一款应用于CloudFoundry云平台的身份验证和管理服务终端。 Cloud Foundry UAA v70.0之前版本中存在授权问题漏洞。攻击者可利用该漏洞将地址更改成其他用户地址,进而冒充其他用户。
CVSS Information
N/A
Vulnerability Type
N/A