Privilege Escalation Affecting org.cloudfoundry.identity:cloudfoundry-identity-uaa Open this link in a new tab package, versions [3.6.0, 3.6.13) [3.9.0,3.9.15) [4.0.0,4.4.0)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
1 Apr 2018
10 Jul 2017
org.cloudfoundry.identity:cloudfoundry-identity-uaa is a CloudFoundry User Account and Authentication (UAA) Server.
Affected version of this package are vulnerable to Privilege Escalation. Zone administrators are allowed to escalate their privileges when mapping permissions for an external provider.
org.cloudfoundry.identity:cloudfoundry-identity-uaa to version 3.6.13, 3.9.15, 4.4.0 or higher.