Security Advisory

CVE-2019-11270

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published: 2019-08-05 16:21:54
Last updated: 2024-09-17 04:19:01
Assigner: pivotal
State: PUBLISHED

Description

Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the clients.write authority or scope can bypass the restrictions imposed on clients created via clients.write and create clients with arbitrary scopes that the creator does not possess.