Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
UAA Failure to Remove Shadow User’s Access
Vulnerability Description
Failure to properly synchronize user's permissions in UAA in Cloud Foundry Foundation v40.17.0 https://github.com/cloudfoundry/cf-deployment/releases/tag/v40.17.0 , potentially resulting in users retaining access rights they should not have. This can allow them to perform operations beyond their intended permissions.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
预期行为违背
Vulnerability Title
Cloud Foundry Foundation 安全漏洞
Vulnerability Description
Cloud Foundry Foundation是Cloud Foundry Foundation基金会的一个开源的平台即服务(Paas)。 Cloud Foundry Foundation v40.17.0 版本存在安全漏洞,该漏洞源于未能正确同步 UAA 中的用户权限。
CVSS Information
N/A
Vulnerability Type
N/A