Vulnerability Details CVE-2017-4960
An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. There is a potential to subject the UAA OAuth clients to a denial of service attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 62.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2017-4960
-
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:21
-
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:22
-
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:23
-
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24
-
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.1
-
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.2
-
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.3
-
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.4
-
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.5
-
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.6
-
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:25
-
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:26
-
cpe:2.3:a:pivotal_software:cloud_foundry:247.0
-
cpe:2.3:a:pivotal_software:cloud_foundry:248.0
-
cpe:2.3:a:pivotal_software:cloud_foundry:249.0
-
cpe:2.3:a:pivotal_software:cloud_foundry:250.0
-
cpe:2.3:a:pivotal_software:cloud_foundry:251.0
-
cpe:2.3:a:pivotal_software:cloud_foundry:252.0
-
cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.10.0
-
cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.11.0
-
cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.0
-
cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.1
-
cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.2
-
cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.3
-
cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.4
-
cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.5
-
cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.6
-
cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.7
-
cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.8