CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Pivotal Software: >> Cloud Foundry Uaa >> 74.0.0 Security Vulnerabilities

CVE-2019-11282

Cloud Foundry UAA, versions prior to v74.3.0, contains an endpoint that is vulnerable to SCIM injection attack. A remote authenticated malicious user with scim.invite scope can craft a request with malicious content which can leak information about users of the UAA.

CVSS Score

4.3

EPSS Score

0.003

Published

2019-10-23

Page 1

Vulnerabilities

Vulnerable Software

Pivotal Software: >> Cloud Foundry Uaa >> 74.0.0 Security Vulnerabilities

Products

Pricing

Contact Us