CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3788

Cloud Foundry UAA Release, versions prior to 71.0, allows clients to be configured with an insecure redirect uri. Given a UAA client was configured with a wildcard in the redirect uri's subdomain, a remote malicious unauthenticated user can craft a phishing link to get a UAA access code from the victim.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.1%

CVSS Severity

CVSS v3 Score 8.7

CVSS v2 Score 5.8

References

Products affected by CVE-2019-3788

Cloudfoundry » Uaa Release » Version: 10.0

cpe:2.3:a:cloudfoundry:uaa_release:10.0
Cloudfoundry » Uaa Release » Version: 11.0

cpe:2.3:a:cloudfoundry:uaa_release:11.0
Cloudfoundry » Uaa Release » Version: 11.1

cpe:2.3:a:cloudfoundry:uaa_release:11.1
Cloudfoundry » Uaa Release » Version: 11.2

cpe:2.3:a:cloudfoundry:uaa_release:11.2
Cloudfoundry » Uaa Release » Version: 11.3

cpe:2.3:a:cloudfoundry:uaa_release:11.3
Cloudfoundry » Uaa Release » Version: 11.4

cpe:2.3:a:cloudfoundry:uaa_release:11.4
Cloudfoundry » Uaa Release » Version: 11.5

cpe:2.3:a:cloudfoundry:uaa_release:11.5
Cloudfoundry » Uaa Release » Version: 11.7

cpe:2.3:a:cloudfoundry:uaa_release:11.7
Cloudfoundry » Uaa Release » Version: 12.0

cpe:2.3:a:cloudfoundry:uaa_release:12.0
Cloudfoundry » Uaa Release » Version: 12.1

cpe:2.3:a:cloudfoundry:uaa_release:12.1
Cloudfoundry » Uaa Release » Version: 12.2

cpe:2.3:a:cloudfoundry:uaa_release:12.2
Cloudfoundry » Uaa Release » Version: 12.3

cpe:2.3:a:cloudfoundry:uaa_release:12.3
Cloudfoundry » Uaa Release » Version: 12.4

cpe:2.3:a:cloudfoundry:uaa_release:12.4
Cloudfoundry » Uaa Release » Version: 12.5

cpe:2.3:a:cloudfoundry:uaa_release:12.5
Cloudfoundry » Uaa Release » Version: 12.6

cpe:2.3:a:cloudfoundry:uaa_release:12.6
Cloudfoundry » Uaa Release » Version: 13.0

cpe:2.3:a:cloudfoundry:uaa_release:13.0
Cloudfoundry » Uaa Release » Version: 13.1

cpe:2.3:a:cloudfoundry:uaa_release:13.1
Cloudfoundry » Uaa Release » Version: 13.10

cpe:2.3:a:cloudfoundry:uaa_release:13.10
Cloudfoundry » Uaa Release » Version: 13.11

cpe:2.3:a:cloudfoundry:uaa_release:13.11
Cloudfoundry » Uaa Release » Version: 13.12

cpe:2.3:a:cloudfoundry:uaa_release:13.12
Cloudfoundry » Uaa Release » Version: 13.13

cpe:2.3:a:cloudfoundry:uaa_release:13.13
Cloudfoundry » Uaa Release » Version: 13.14

cpe:2.3:a:cloudfoundry:uaa_release:13.14
Cloudfoundry » Uaa Release » Version: 13.15

cpe:2.3:a:cloudfoundry:uaa_release:13.15
Cloudfoundry » Uaa Release » Version: 13.16

cpe:2.3:a:cloudfoundry:uaa_release:13.16
Cloudfoundry » Uaa Release » Version: 13.17

cpe:2.3:a:cloudfoundry:uaa_release:13.17
Cloudfoundry » Uaa Release » Version: 13.18

cpe:2.3:a:cloudfoundry:uaa_release:13.18
Cloudfoundry » Uaa Release » Version: 13.2

cpe:2.3:a:cloudfoundry:uaa_release:13.2
Cloudfoundry » Uaa Release » Version: 13.3

cpe:2.3:a:cloudfoundry:uaa_release:13.3
Cloudfoundry » Uaa Release » Version: 13.4

cpe:2.3:a:cloudfoundry:uaa_release:13.4
Cloudfoundry » Uaa Release » Version: 13.5

cpe:2.3:a:cloudfoundry:uaa_release:13.5
Cloudfoundry » Uaa Release » Version: 13.6

cpe:2.3:a:cloudfoundry:uaa_release:13.6
Cloudfoundry » Uaa Release » Version: 13.7

cpe:2.3:a:cloudfoundry:uaa_release:13.7
Cloudfoundry » Uaa Release » Version: 13.8

cpe:2.3:a:cloudfoundry:uaa_release:13.8
Cloudfoundry » Uaa Release » Version: 13.9

cpe:2.3:a:cloudfoundry:uaa_release:13.9
Cloudfoundry » Uaa Release » Version: 14.0

cpe:2.3:a:cloudfoundry:uaa_release:14.0
Cloudfoundry » Uaa Release » Version: 15.0

cpe:2.3:a:cloudfoundry:uaa_release:15.0
Cloudfoundry » Uaa Release » Version: 16.0

cpe:2.3:a:cloudfoundry:uaa_release:16.0
Cloudfoundry » Uaa Release » Version: 17.0

cpe:2.3:a:cloudfoundry:uaa_release:17.0
Cloudfoundry » Uaa Release » Version: 18.0

cpe:2.3:a:cloudfoundry:uaa_release:18.0
Cloudfoundry » Uaa Release » Version: 19.0

cpe:2.3:a:cloudfoundry:uaa_release:19.0
Cloudfoundry » Uaa Release » Version: 2.0

cpe:2.3:a:cloudfoundry:uaa_release:2.0
Cloudfoundry » Uaa Release » Version: 20.0

cpe:2.3:a:cloudfoundry:uaa_release:20.0
Cloudfoundry » Uaa Release » Version: 21.0

cpe:2.3:a:cloudfoundry:uaa_release:21.0
Cloudfoundry » Uaa Release » Version: 22.0

cpe:2.3:a:cloudfoundry:uaa_release:22.0
Cloudfoundry » Uaa Release » Version: 23.0

cpe:2.3:a:cloudfoundry:uaa_release:23.0
Cloudfoundry » Uaa Release » Version: 24.0

cpe:2.3:a:cloudfoundry:uaa_release:24.0
Cloudfoundry » Uaa Release » Version: 24.1

cpe:2.3:a:cloudfoundry:uaa_release:24.1
Cloudfoundry » Uaa Release » Version: 24.10

cpe:2.3:a:cloudfoundry:uaa_release:24.10
Cloudfoundry » Uaa Release » Version: 24.11

cpe:2.3:a:cloudfoundry:uaa_release:24.11
Cloudfoundry » Uaa Release » Version: 24.12

cpe:2.3:a:cloudfoundry:uaa_release:24.12
Cloudfoundry » Uaa Release » Version: 24.13

cpe:2.3:a:cloudfoundry:uaa_release:24.13
Cloudfoundry » Uaa Release » Version: 24.14

cpe:2.3:a:cloudfoundry:uaa_release:24.14
Cloudfoundry » Uaa Release » Version: 24.2

cpe:2.3:a:cloudfoundry:uaa_release:24.2
Cloudfoundry » Uaa Release » Version: 24.3

cpe:2.3:a:cloudfoundry:uaa_release:24.3
Cloudfoundry » Uaa Release » Version: 24.4

cpe:2.3:a:cloudfoundry:uaa_release:24.4
Cloudfoundry » Uaa Release » Version: 24.5

cpe:2.3:a:cloudfoundry:uaa_release:24.5
Cloudfoundry » Uaa Release » Version: 24.6

cpe:2.3:a:cloudfoundry:uaa_release:24.6
Cloudfoundry » Uaa Release » Version: 24.7

cpe:2.3:a:cloudfoundry:uaa_release:24.7
Cloudfoundry » Uaa Release » Version: 24.8

cpe:2.3:a:cloudfoundry:uaa_release:24.8
Cloudfoundry » Uaa Release » Version: 24.9

cpe:2.3:a:cloudfoundry:uaa_release:24.9
Cloudfoundry » Uaa Release » Version: 25.0

cpe:2.3:a:cloudfoundry:uaa_release:25.0
Cloudfoundry » Uaa Release » Version: 26.0

cpe:2.3:a:cloudfoundry:uaa_release:26.0
Cloudfoundry » Uaa Release » Version: 27.0

cpe:2.3:a:cloudfoundry:uaa_release:27.0
Cloudfoundry » Uaa Release » Version: 28.0

cpe:2.3:a:cloudfoundry:uaa_release:28.0
Cloudfoundry » Uaa Release » Version: 29.0

cpe:2.3:a:cloudfoundry:uaa_release:29.0
Cloudfoundry » Uaa Release » Version: 3.0

cpe:2.3:a:cloudfoundry:uaa_release:3.0
Cloudfoundry » Uaa Release » Version: 30.0

cpe:2.3:a:cloudfoundry:uaa_release:30.0
Cloudfoundry » Uaa Release » Version: 30.1

cpe:2.3:a:cloudfoundry:uaa_release:30.1
Cloudfoundry » Uaa Release » Version: 30.2

cpe:2.3:a:cloudfoundry:uaa_release:30.2
Cloudfoundry » Uaa Release » Version: 30.3

cpe:2.3:a:cloudfoundry:uaa_release:30.3
Cloudfoundry » Uaa Release » Version: 30.4

cpe:2.3:a:cloudfoundry:uaa_release:30.4
Cloudfoundry » Uaa Release » Version: 30.5

cpe:2.3:a:cloudfoundry:uaa_release:30.5
Cloudfoundry » Uaa Release » Version: 30.6

cpe:2.3:a:cloudfoundry:uaa_release:30.6
Cloudfoundry » Uaa Release » Version: 30.7

cpe:2.3:a:cloudfoundry:uaa_release:30.7
Cloudfoundry » Uaa Release » Version: 30.8

cpe:2.3:a:cloudfoundry:uaa_release:30.8
Cloudfoundry » Uaa Release » Version: 30.9

cpe:2.3:a:cloudfoundry:uaa_release:30.9
Cloudfoundry » Uaa Release » Version: 31.0

cpe:2.3:a:cloudfoundry:uaa_release:31.0
Cloudfoundry » Uaa Release » Version: 32.0

cpe:2.3:a:cloudfoundry:uaa_release:32.0
Cloudfoundry » Uaa Release » Version: 33.0

cpe:2.3:a:cloudfoundry:uaa_release:33.0
Cloudfoundry » Uaa Release » Version: 34.0

cpe:2.3:a:cloudfoundry:uaa_release:34.0
Cloudfoundry » Uaa Release » Version: 34.1

cpe:2.3:a:cloudfoundry:uaa_release:34.1
Cloudfoundry » Uaa Release » Version: 34.2

cpe:2.3:a:cloudfoundry:uaa_release:34.2
Cloudfoundry » Uaa Release » Version: 34.3

cpe:2.3:a:cloudfoundry:uaa_release:34.3
Cloudfoundry » Uaa Release » Version: 35.0

cpe:2.3:a:cloudfoundry:uaa_release:35.0
Cloudfoundry » Uaa Release » Version: 36.0

cpe:2.3:a:cloudfoundry:uaa_release:36.0
Cloudfoundry » Uaa Release » Version: 37.0

cpe:2.3:a:cloudfoundry:uaa_release:37.0
Cloudfoundry » Uaa Release » Version: 38.0

cpe:2.3:a:cloudfoundry:uaa_release:38.0
Cloudfoundry » Uaa Release » Version: 39.0

cpe:2.3:a:cloudfoundry:uaa_release:39.0
Cloudfoundry » Uaa Release » Version: 4.0

cpe:2.3:a:cloudfoundry:uaa_release:4.0
Cloudfoundry » Uaa Release » Version: 40.0

cpe:2.3:a:cloudfoundry:uaa_release:40.0
Cloudfoundry » Uaa Release » Version: 41.0

cpe:2.3:a:cloudfoundry:uaa_release:41.0
Cloudfoundry » Uaa Release » Version: 41.1

cpe:2.3:a:cloudfoundry:uaa_release:41.1
Cloudfoundry » Uaa Release » Version: 43.0

cpe:2.3:a:cloudfoundry:uaa_release:43.0
Cloudfoundry » Uaa Release » Version: 44.0

cpe:2.3:a:cloudfoundry:uaa_release:44.0
Cloudfoundry » Uaa Release » Version: 45.0

cpe:2.3:a:cloudfoundry:uaa_release:45.0
Cloudfoundry » Uaa Release » Version: 45.1

cpe:2.3:a:cloudfoundry:uaa_release:45.1
Cloudfoundry » Uaa Release » Version: 45.10

cpe:2.3:a:cloudfoundry:uaa_release:45.10
Cloudfoundry » Uaa Release » Version: 45.11

cpe:2.3:a:cloudfoundry:uaa_release:45.11
Cloudfoundry » Uaa Release » Version: 45.2

cpe:2.3:a:cloudfoundry:uaa_release:45.2
Cloudfoundry » Uaa Release » Version: 45.3

cpe:2.3:a:cloudfoundry:uaa_release:45.3
Cloudfoundry » Uaa Release » Version: 45.4

cpe:2.3:a:cloudfoundry:uaa_release:45.4
Cloudfoundry » Uaa Release » Version: 45.5

cpe:2.3:a:cloudfoundry:uaa_release:45.5
Cloudfoundry » Uaa Release » Version: 45.6

cpe:2.3:a:cloudfoundry:uaa_release:45.6
Cloudfoundry » Uaa Release » Version: 45.7

cpe:2.3:a:cloudfoundry:uaa_release:45.7
Cloudfoundry » Uaa Release » Version: 45.8

cpe:2.3:a:cloudfoundry:uaa_release:45.8
Cloudfoundry » Uaa Release » Version: 45.9

cpe:2.3:a:cloudfoundry:uaa_release:45.9
Cloudfoundry » Uaa Release » Version: 48.0

cpe:2.3:a:cloudfoundry:uaa_release:48.0
Cloudfoundry » Uaa Release » Version: 5.0

cpe:2.3:a:cloudfoundry:uaa_release:5.0
Cloudfoundry » Uaa Release » Version: 50.0

cpe:2.3:a:cloudfoundry:uaa_release:50.0
Cloudfoundry » Uaa Release » Version: 51.0

cpe:2.3:a:cloudfoundry:uaa_release:51.0
Cloudfoundry » Uaa Release » Version: 52.0

cpe:2.3:a:cloudfoundry:uaa_release:52.0
Cloudfoundry » Uaa Release » Version: 52.1

cpe:2.3:a:cloudfoundry:uaa_release:52.1
Cloudfoundry » Uaa Release » Version: 52.10

cpe:2.3:a:cloudfoundry:uaa_release:52.10
Cloudfoundry » Uaa Release » Version: 52.2

cpe:2.3:a:cloudfoundry:uaa_release:52.2
Cloudfoundry » Uaa Release » Version: 52.4

cpe:2.3:a:cloudfoundry:uaa_release:52.4
Cloudfoundry » Uaa Release » Version: 52.5

cpe:2.3:a:cloudfoundry:uaa_release:52.5
Cloudfoundry » Uaa Release » Version: 52.6

cpe:2.3:a:cloudfoundry:uaa_release:52.6
Cloudfoundry » Uaa Release » Version: 52.7

cpe:2.3:a:cloudfoundry:uaa_release:52.7
Cloudfoundry » Uaa Release » Version: 52.8

cpe:2.3:a:cloudfoundry:uaa_release:52.8
Cloudfoundry » Uaa Release » Version: 52.9

cpe:2.3:a:cloudfoundry:uaa_release:52.9
Cloudfoundry » Uaa Release » Version: 53.0

cpe:2.3:a:cloudfoundry:uaa_release:53.0
Cloudfoundry » Uaa Release » Version: 53.1

cpe:2.3:a:cloudfoundry:uaa_release:53.1
Cloudfoundry » Uaa Release » Version: 53.2

cpe:2.3:a:cloudfoundry:uaa_release:53.2
Cloudfoundry » Uaa Release » Version: 53.3

cpe:2.3:a:cloudfoundry:uaa_release:53.3
Cloudfoundry » Uaa Release » Version: 54.0

cpe:2.3:a:cloudfoundry:uaa_release:54.0
Cloudfoundry » Uaa Release » Version: 55.0

cpe:2.3:a:cloudfoundry:uaa_release:55.0
Cloudfoundry » Uaa Release » Version: 55.1

cpe:2.3:a:cloudfoundry:uaa_release:55.1
Cloudfoundry » Uaa Release » Version: 55.2

cpe:2.3:a:cloudfoundry:uaa_release:55.2
Cloudfoundry » Uaa Release » Version: 56.0

cpe:2.3:a:cloudfoundry:uaa_release:56.0
Cloudfoundry » Uaa Release » Version: 57.0

cpe:2.3:a:cloudfoundry:uaa_release:57.0
Cloudfoundry » Uaa Release » Version: 57.1

cpe:2.3:a:cloudfoundry:uaa_release:57.1
Cloudfoundry » Uaa Release » Version: 57.2

cpe:2.3:a:cloudfoundry:uaa_release:57.2
Cloudfoundry » Uaa Release » Version: 57.3

cpe:2.3:a:cloudfoundry:uaa_release:57.3
Cloudfoundry » Uaa Release » Version: 57.4

cpe:2.3:a:cloudfoundry:uaa_release:57.4
Cloudfoundry » Uaa Release » Version: 58.0

cpe:2.3:a:cloudfoundry:uaa_release:58.0
Cloudfoundry » Uaa Release » Version: 58.1

cpe:2.3:a:cloudfoundry:uaa_release:58.1
Cloudfoundry » Uaa Release » Version: 59.0

cpe:2.3:a:cloudfoundry:uaa_release:59.0
Cloudfoundry » Uaa Release » Version: 6.0

cpe:2.3:a:cloudfoundry:uaa_release:6.0
Cloudfoundry » Uaa Release » Version: 60.0

cpe:2.3:a:cloudfoundry:uaa_release:60.0
Cloudfoundry » Uaa Release » Version: 60.2

cpe:2.3:a:cloudfoundry:uaa_release:60.2
Cloudfoundry » Uaa Release » Version: 61.0

cpe:2.3:a:cloudfoundry:uaa_release:61.0
Cloudfoundry » Uaa Release » Version: 62.0

cpe:2.3:a:cloudfoundry:uaa_release:62.0
Cloudfoundry » Uaa Release » Version: 63.0

cpe:2.3:a:cloudfoundry:uaa_release:63.0
Cloudfoundry » Uaa Release » Version: 64.0

cpe:2.3:a:cloudfoundry:uaa_release:64.0
Cloudfoundry » Uaa Release » Version: 66.0

cpe:2.3:a:cloudfoundry:uaa_release:66.0
Cloudfoundry » Uaa Release » Version: 67.0

cpe:2.3:a:cloudfoundry:uaa_release:67.0
Cloudfoundry » Uaa Release » Version: 68.0

cpe:2.3:a:cloudfoundry:uaa_release:68.0
Cloudfoundry » Uaa Release » Version: 69.0

cpe:2.3:a:cloudfoundry:uaa_release:69.0
Cloudfoundry » Uaa Release » Version: 7.0

cpe:2.3:a:cloudfoundry:uaa_release:7.0
Cloudfoundry » Uaa Release » Version: 70.0

cpe:2.3:a:cloudfoundry:uaa_release:70.0
Cloudfoundry » Uaa Release » Version: 8.0

cpe:2.3:a:cloudfoundry:uaa_release:8.0
Cloudfoundry » Uaa Release » Version: 9.0

cpe:2.3:a:cloudfoundry:uaa_release:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3788

Products

Pricing

Contact Us