Vulnerability Details CVE-2017-8034
The Cloud Controller and Router in Cloud Foundry (CAPI-release capi versions prior to v1.32.0, Routing-release versions prior to v0.159.0, CF-release versions prior to v267) do not validate the issuer on JSON Web Tokens (JWTs) from UAA. With certain multi-zone UAA configurations, zone administrators are able to escalate their privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.4%
CVSS Severity
CVSS v3 Score 6.6
CVSS v2 Score 6.0
Products affected by CVE-2017-8034
-
cpe:2.3:a:cloudfoundry:capi-release:1.0.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.1.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.10.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.11.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.12.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.13.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.14.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.15.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.16.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.17.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.18.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.19.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.2.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.20.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.21.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.22.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.23.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.24.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.25.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.26.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.27.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.28.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.29.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.3.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.30.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.31.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.4.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.5.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.6.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.7.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.8.0
-
cpe:2.3:a:cloudfoundry:capi-release:1.9.0
-
cpe:2.3:a:cloudfoundry:cf-release:100
-
cpe:2.3:a:cloudfoundry:cf-release:101
-
cpe:2.3:a:cloudfoundry:cf-release:102
-
cpe:2.3:a:cloudfoundry:cf-release:103
-
cpe:2.3:a:cloudfoundry:cf-release:104
-
cpe:2.3:a:cloudfoundry:cf-release:105
-
cpe:2.3:a:cloudfoundry:cf-release:106
-
cpe:2.3:a:cloudfoundry:cf-release:107
-
cpe:2.3:a:cloudfoundry:cf-release:108
-
cpe:2.3:a:cloudfoundry:cf-release:109
-
cpe:2.3:a:cloudfoundry:cf-release:110
-
cpe:2.3:a:cloudfoundry:cf-release:111
-
cpe:2.3:a:cloudfoundry:cf-release:112
-
cpe:2.3:a:cloudfoundry:cf-release:113
-
cpe:2.3:a:cloudfoundry:cf-release:114
-
cpe:2.3:a:cloudfoundry:cf-release:115
-
cpe:2.3:a:cloudfoundry:cf-release:116
-
cpe:2.3:a:cloudfoundry:cf-release:117
-
cpe:2.3:a:cloudfoundry:cf-release:118
-
cpe:2.3:a:cloudfoundry:cf-release:119
-
cpe:2.3:a:cloudfoundry:cf-release:120
-
cpe:2.3:a:cloudfoundry:cf-release:121
-
cpe:2.3:a:cloudfoundry:cf-release:122
-
cpe:2.3:a:cloudfoundry:cf-release:123
-
cpe:2.3:a:cloudfoundry:cf-release:124
-
cpe:2.3:a:cloudfoundry:cf-release:125
-
cpe:2.3:a:cloudfoundry:cf-release:126
-
cpe:2.3:a:cloudfoundry:cf-release:127
-
cpe:2.3:a:cloudfoundry:cf-release:128
-
cpe:2.3:a:cloudfoundry:cf-release:129
-
cpe:2.3:a:cloudfoundry:cf-release:130
-
cpe:2.3:a:cloudfoundry:cf-release:131
-
cpe:2.3:a:cloudfoundry:cf-release:132
-
cpe:2.3:a:cloudfoundry:cf-release:133
-
cpe:2.3:a:cloudfoundry:cf-release:134
-
cpe:2.3:a:cloudfoundry:cf-release:135
-
cpe:2.3:a:cloudfoundry:cf-release:136
-
cpe:2.3:a:cloudfoundry:cf-release:137
-
cpe:2.3:a:cloudfoundry:cf-release:138
-
cpe:2.3:a:cloudfoundry:cf-release:139
-
cpe:2.3:a:cloudfoundry:cf-release:140
-
cpe:2.3:a:cloudfoundry:cf-release:141
-
cpe:2.3:a:cloudfoundry:cf-release:142
-
cpe:2.3:a:cloudfoundry:cf-release:143
-
cpe:2.3:a:cloudfoundry:cf-release:144
-
cpe:2.3:a:cloudfoundry:cf-release:145
-
cpe:2.3:a:cloudfoundry:cf-release:146
-
cpe:2.3:a:cloudfoundry:cf-release:147
-
cpe:2.3:a:cloudfoundry:cf-release:148
-
cpe:2.3:a:cloudfoundry:cf-release:149
-
cpe:2.3:a:cloudfoundry:cf-release:150
-
cpe:2.3:a:cloudfoundry:cf-release:151
-
cpe:2.3:a:cloudfoundry:cf-release:152
-
cpe:2.3:a:cloudfoundry:cf-release:153
-
cpe:2.3:a:cloudfoundry:cf-release:154
-
cpe:2.3:a:cloudfoundry:cf-release:155
-
cpe:2.3:a:cloudfoundry:cf-release:156
-
cpe:2.3:a:cloudfoundry:cf-release:157
-
cpe:2.3:a:cloudfoundry:cf-release:158
-
cpe:2.3:a:cloudfoundry:cf-release:159
-
cpe:2.3:a:cloudfoundry:cf-release:160
-
cpe:2.3:a:cloudfoundry:cf-release:161
-
cpe:2.3:a:cloudfoundry:cf-release:162
-
cpe:2.3:a:cloudfoundry:cf-release:163
-
cpe:2.3:a:cloudfoundry:cf-release:164
-
cpe:2.3:a:cloudfoundry:cf-release:165
-
cpe:2.3:a:cloudfoundry:cf-release:166
-
cpe:2.3:a:cloudfoundry:cf-release:167
-
cpe:2.3:a:cloudfoundry:cf-release:168
-
cpe:2.3:a:cloudfoundry:cf-release:169
-
cpe:2.3:a:cloudfoundry:cf-release:170
-
cpe:2.3:a:cloudfoundry:cf-release:171
-
cpe:2.3:a:cloudfoundry:cf-release:172
-
cpe:2.3:a:cloudfoundry:cf-release:173
-
cpe:2.3:a:cloudfoundry:cf-release:174
-
cpe:2.3:a:cloudfoundry:cf-release:175
-
cpe:2.3:a:cloudfoundry:cf-release:176
-
cpe:2.3:a:cloudfoundry:cf-release:177
-
cpe:2.3:a:cloudfoundry:cf-release:178
-
cpe:2.3:a:cloudfoundry:cf-release:179
-
cpe:2.3:a:cloudfoundry:cf-release:180
-
cpe:2.3:a:cloudfoundry:cf-release:181
-
cpe:2.3:a:cloudfoundry:cf-release:182
-
cpe:2.3:a:cloudfoundry:cf-release:183
-
cpe:2.3:a:cloudfoundry:cf-release:184
-
cpe:2.3:a:cloudfoundry:cf-release:185
-
cpe:2.3:a:cloudfoundry:cf-release:186
-
cpe:2.3:a:cloudfoundry:cf-release:187
-
cpe:2.3:a:cloudfoundry:cf-release:188
-
cpe:2.3:a:cloudfoundry:cf-release:189
-
cpe:2.3:a:cloudfoundry:cf-release:190
-
cpe:2.3:a:cloudfoundry:cf-release:191
-
cpe:2.3:a:cloudfoundry:cf-release:192
-
cpe:2.3:a:cloudfoundry:cf-release:193
-
cpe:2.3:a:cloudfoundry:cf-release:194
-
cpe:2.3:a:cloudfoundry:cf-release:195
-
cpe:2.3:a:cloudfoundry:cf-release:196
-
cpe:2.3:a:cloudfoundry:cf-release:197
-
cpe:2.3:a:cloudfoundry:cf-release:198
-
cpe:2.3:a:cloudfoundry:cf-release:199
-
cpe:2.3:a:cloudfoundry:cf-release:200
-
cpe:2.3:a:cloudfoundry:cf-release:201
-
cpe:2.3:a:cloudfoundry:cf-release:202
-
cpe:2.3:a:cloudfoundry:cf-release:203
-
cpe:2.3:a:cloudfoundry:cf-release:204
-
cpe:2.3:a:cloudfoundry:cf-release:205
-
cpe:2.3:a:cloudfoundry:cf-release:206
-
cpe:2.3:a:cloudfoundry:cf-release:207
-
cpe:2.3:a:cloudfoundry:cf-release:208
-
cpe:2.3:a:cloudfoundry:cf-release:209
-
cpe:2.3:a:cloudfoundry:cf-release:210
-
cpe:2.3:a:cloudfoundry:cf-release:211
-
cpe:2.3:a:cloudfoundry:cf-release:212
-
cpe:2.3:a:cloudfoundry:cf-release:213
-
cpe:2.3:a:cloudfoundry:cf-release:214
-
cpe:2.3:a:cloudfoundry:cf-release:215
-
cpe:2.3:a:cloudfoundry:cf-release:216
-
cpe:2.3:a:cloudfoundry:cf-release:217
-
cpe:2.3:a:cloudfoundry:cf-release:218
-
cpe:2.3:a:cloudfoundry:cf-release:219
-
cpe:2.3:a:cloudfoundry:cf-release:220
-
cpe:2.3:a:cloudfoundry:cf-release:221
-
cpe:2.3:a:cloudfoundry:cf-release:222
-
cpe:2.3:a:cloudfoundry:cf-release:223
-
cpe:2.3:a:cloudfoundry:cf-release:224
-
cpe:2.3:a:cloudfoundry:cf-release:225
-
cpe:2.3:a:cloudfoundry:cf-release:226
-
cpe:2.3:a:cloudfoundry:cf-release:227
-
cpe:2.3:a:cloudfoundry:cf-release:228
-
cpe:2.3:a:cloudfoundry:cf-release:229
-
cpe:2.3:a:cloudfoundry:cf-release:230
-
cpe:2.3:a:cloudfoundry:cf-release:231
-
cpe:2.3:a:cloudfoundry:cf-release:232
-
cpe:2.3:a:cloudfoundry:cf-release:233
-
cpe:2.3:a:cloudfoundry:cf-release:234
-
cpe:2.3:a:cloudfoundry:cf-release:235
-
cpe:2.3:a:cloudfoundry:cf-release:236
-
cpe:2.3:a:cloudfoundry:cf-release:237
-
cpe:2.3:a:cloudfoundry:cf-release:238
-
cpe:2.3:a:cloudfoundry:cf-release:239
-
cpe:2.3:a:cloudfoundry:cf-release:240
-
cpe:2.3:a:cloudfoundry:cf-release:241
-
cpe:2.3:a:cloudfoundry:cf-release:242
-
cpe:2.3:a:cloudfoundry:cf-release:243
-
cpe:2.3:a:cloudfoundry:cf-release:244
-
cpe:2.3:a:cloudfoundry:cf-release:245
-
cpe:2.3:a:cloudfoundry:cf-release:246
-
cpe:2.3:a:cloudfoundry:cf-release:247
-
cpe:2.3:a:cloudfoundry:cf-release:248
-
cpe:2.3:a:cloudfoundry:cf-release:249
-
cpe:2.3:a:cloudfoundry:cf-release:250
-
cpe:2.3:a:cloudfoundry:cf-release:251
-
cpe:2.3:a:cloudfoundry:cf-release:252
-
cpe:2.3:a:cloudfoundry:cf-release:253
-
cpe:2.3:a:cloudfoundry:cf-release:254
-
cpe:2.3:a:cloudfoundry:cf-release:255
-
cpe:2.3:a:cloudfoundry:cf-release:256
-
cpe:2.3:a:cloudfoundry:cf-release:257
-
cpe:2.3:a:cloudfoundry:cf-release:258
-
cpe:2.3:a:cloudfoundry:cf-release:259
-
cpe:2.3:a:cloudfoundry:cf-release:260
-
cpe:2.3:a:cloudfoundry:cf-release:261
-
cpe:2.3:a:cloudfoundry:cf-release:262
-
cpe:2.3:a:cloudfoundry:cf-release:263
-
cpe:2.3:a:cloudfoundry:cf-release:264
-
cpe:2.3:a:cloudfoundry:cf-release:265
-
cpe:2.3:a:cloudfoundry:cf-release:266
-
cpe:2.3:a:cloudfoundry:cf-release:68
-
cpe:2.3:a:cloudfoundry:cf-release:69
-
cpe:2.3:a:cloudfoundry:cf-release:70
-
cpe:2.3:a:cloudfoundry:cf-release:71
-
cpe:2.3:a:cloudfoundry:cf-release:72
-
cpe:2.3:a:cloudfoundry:cf-release:73
-
cpe:2.3:a:cloudfoundry:cf-release:74
-
cpe:2.3:a:cloudfoundry:cf-release:75
-
cpe:2.3:a:cloudfoundry:cf-release:76
-
cpe:2.3:a:cloudfoundry:cf-release:77
-
cpe:2.3:a:cloudfoundry:cf-release:78
-
cpe:2.3:a:cloudfoundry:cf-release:79
-
cpe:2.3:a:cloudfoundry:cf-release:80
-
cpe:2.3:a:cloudfoundry:cf-release:81
-
cpe:2.3:a:cloudfoundry:cf-release:82
-
cpe:2.3:a:cloudfoundry:cf-release:83
-
cpe:2.3:a:cloudfoundry:cf-release:84
-
cpe:2.3:a:cloudfoundry:cf-release:85
-
cpe:2.3:a:cloudfoundry:cf-release:86
-
cpe:2.3:a:cloudfoundry:cf-release:87
-
cpe:2.3:a:cloudfoundry:cf-release:88
-
cpe:2.3:a:cloudfoundry:cf-release:89
-
cpe:2.3:a:cloudfoundry:cf-release:90
-
cpe:2.3:a:cloudfoundry:cf-release:91
-
cpe:2.3:a:cloudfoundry:cf-release:92
-
cpe:2.3:a:cloudfoundry:cf-release:93
-
cpe:2.3:a:cloudfoundry:cf-release:94
-
cpe:2.3:a:cloudfoundry:cf-release:95
-
cpe:2.3:a:cloudfoundry:cf-release:96
-
cpe:2.3:a:cloudfoundry:cf-release:97
-
cpe:2.3:a:cloudfoundry:cf-release:98
-
cpe:2.3:a:cloudfoundry:cf-release:99
-
cpe:2.3:a:cloudfoundry:routing-release:-
-
cpe:2.3:a:cloudfoundry:routing-release:0.118.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.121.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.122.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.123.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.126.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.133.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.134.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.135.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.136.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.137.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.138.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.139.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.140.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.141.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.142.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.143.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.144.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.144.1
-
cpe:2.3:a:cloudfoundry:routing-release:0.145.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.146.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.147.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.149.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.150.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.151.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.152.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.153.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.154.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.155.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.156.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.157.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.158.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.62.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.66.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.69.0
-
cpe:2.3:a:cloudfoundry:routing-release:0.99.0