Security Advisory

CVE-2020-5402

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-02-27 19:30:24

Last updated 2024-09-16 17:03:33

Assigner pivotal

State PUBLISHED

Description

In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers.

← Browse all CVEs View on cve.org ↗