First published: Fri Sep 30 2016(Updated: )
The UAA /oauth/token endpoint in Pivotal Cloud Foundry (PCF) before 243; UAA 2.x before 2.7.4.8, 3.x before 3.3.0.6, and 3.4.x before 3.4.5; UAA BOSH before 11.7 and 12.x before 12.6; Elastic Runtime before 1.6.40, 1.7.x before 1.7.21, and 1.8.x before 1.8.2; and Ops Manager 1.7.x before 1.7.13 and 1.8.x before 1.8.1 allows remote authenticated users to gain privileges by leveraging possession of a token.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cloudfoundry Cloud Foundry Uaa Bosh | <=16.0 | |
Pivotal Software Cloud Foundry | <=242.0 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.0 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.1 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.2 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.3 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.4 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.5 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.6 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.7 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.8 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.9 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.10 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.11 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.12 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.13 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.14 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.15 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.17 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.18 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.19 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.20 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.21 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.22 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.23 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.25 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.26 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.27 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.28 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.29 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.30 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.31 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.32 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.33 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.34 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.35 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.36 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.37 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.38 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.6.39 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.0 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.1 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.2 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.3 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.4 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.5 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.6 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.7 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.8 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.9 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.10 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.11 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.12 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.13 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.14 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.15 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.16 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.17 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.18 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.19 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.7.20 | |
Pivotal Software Cloud Foundry Elastic Runtime | =1.8.0 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.0 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.1 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.2 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.3 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.4 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.5 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.6 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.7 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.8 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.9 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.10 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.11 | |
Pivotal Software Cloud Foundry Ops Manager | =1.7.12 | |
Pivotal Software Cloud Foundry Ops Manager | =1.8.0 | |
Pivotal Software Cloud Foundry Uaa | <=3.7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.