Pivotal Software: >> Cloudfoundry Uaa Release >> 61.0 Security Vulnerabilities
Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges.
CVSS Score
9.9
EPSS Score
0.005
Published
2018-11-19