VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.cloudfoundry.identity:cloudfoundry-identity-server

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2015-5172 critical 9.8 9.8 9y ago Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password java
CVE-2015-5171 critical 9.8 9.8 9y ago Cloud Foundry Runtime Insufficient Session Expiration vulnerability java
CVE-2017-4992 critical 9.8 9.8 9y ago Cloud Foundry UAA privilege escalation with user invitations java
CVE-2016-6637 critical 9.6 9.6 10y ago Cloud Foundry vulnerable to Cross-Site Request Forgery java
CVE-2015-5170 high 8.8 8.8 9y ago Cloud Foundry Runtime Cross-Site Request Forgery vulnerability java
CVE-2017-4973 high 8.8 8.8 9y ago Cloud Foundry UAA Privilege Escalation java
CVE-2016-3084 high 8.1 8.1 9y ago Cloud Foundry UAA reset password vulnerable to brute force attack java
CVE-2017-4960 high 7.5 7.5 9y ago Cloud Foundry denial of service vulnerability java
CVE-2017-4991 high 7.2 7.2 9y ago Cloud Foundry UAA password reset vulnerability java
CVE-2017-8032 medium 6.6 6.6 9y ago Cloud Foundry UAA Identity Zone Admin Privilege Escalation java
CVE-2026-22723 medium 6.5 6.5 3mo ago Cloudfoundry UAA has logic error in the token revocation endpoint implementation java
CVE-2017-4974 medium 6.5 6.5 9y ago Blind SQL Injection with privileged Cloud Foundry UAA endpoints java
CVE-2016-5016 medium 5.9 5.9 9y ago Cloud Foundry vulnerable to Improper Certificate Validation java
CVE-2017-8031 medium 5.3 5.3 9y ago Cloud Foundry UAA Denial of Service through client token revocation endpoint java
CVE-2015-3189 low 3.7 3.7 9y ago Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password java
CVE-2018-1192 unknown 4y ago Cloud Foundry UAA SessionID present in Audit Event Logs java
CVE-2018-11041 unknown 4y ago Cloud Foundry UAA open redirect java
CVE-2018-11047 unknown 4y ago Cloud Foundry UAA accepts refresh token as access token on admin endpoints java
CVE-2018-15761 unknown 4y ago Cloud Foundry UAA Privilege Escalation java
CVE-2018-1190 unknown 4y ago Pivotal Cloud Foundry UAA XSS on UAA OpenID Connect check session iframe endpoint java
CVE-2018-1262 unknown 4y ago UAA privilege escalation across identity zones java