Pivotal Software - Application Service CVE

Filtered by vendor Pivotal Software Subscribe

Filtered by product Application Service

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-11270	1 Pivotal Software	3 Application Service, Cloud Foundry Uaa, Operations Manager	2020-10-02	5.0 MEDIUM	7.5 HIGH
Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the restrictions imposed on clients created via 'clients.write' and create clients with arbitrary scopes that the creator does not possess.

Vulnerabilities (CVE)