Version 4.19.2
UAA server
No description available.
Install Instructions
mvn install cloudfoundry-identity-server
Language Java
Package URL (purl) pkg:maven/org.cloudfoundry.identity:cloudfoundry-identity-server@4.19.2
Find UAA server vulnerabilities in your supply chain.
UAA server Vulnerabilities
Sort by
CVE (Latest)
CVE (Latest)
-
CVE (Latest)
-
CVE (Oldest)
-
CVSS Score (Highest)
-
CVSS Score (Lowest)
CVE  |
CVSS Score |
CWE(s) |
EPSS Score |
EPSS % |
Impacted Versions |
|---|---|---|---|---|---|
| CVE-2016-0781 | Medium 6.1 | CWE-79 | 0.00089 | 0.39462 |
|
| CVE-2016-3084 | High 8.1 | CWE-307, CWE-264 | 0.00228 | 0.6057 |
|
| CVE-2016-4468 | High 8.8 | CWE-89 | 0.00099 | 0.42103 |
|
| CVE-2016-5016 | Medium 5.9 | CWE-298, CWE-295 | 0.00297 | 0.68963 |
|
| CVE-2016-6636 | Medium 5.3 | CWE-601 | 0.00168 | 0.53898 |
|
| CVE-2016-6637 | High 9.6 | CWE-352 | 0.0009 | 0.39889 |
|
| CVE-2016-6651 | High 8.8 | CWE-264 | 0.00167 | 0.53807 |
|
| CVE-2017-4960 | High 7.5 | CWE-400 | 0.00083 | 0.37142 |
|
| CVE-2017-4963 | High 8.1 | CWE-384 | 0.00245 | 0.63699 |
|
| CVE-2017-4972 | High 7.5 | CWE-89 | 0.00137 | 0.49676 |
|
| CVE-2017-4973 | High 8.8 | CWE-265, CWE-264, CWE-269 | 0.00104 | 0.43469 |
|
| CVE-2017-4974 | Medium 6.5 | CWE-89 | 0.00051 | 0.22134 |
|
| CVE-2017-4991 | High 7.2 | CWE-269 | 0.00104 | 0.43469 |
|
| CVE-2017-4992 | High 9.8 | CWE-269 | 0.00245 | 0.63699 |
|
| CVE-2017-8031 | Medium 5.3 | 0.00068 | 0.31619 |
|
|
| CVE-2017-8032 | Medium 6.6 | CWE-269 | 0.00102 | 0.4279 |
|
| CVE-2018-11041 | Medium 6.1 | CWE-601 | 0.00089 | 0.39177 |
|
| CVE-2018-11047 | High 7.5 | CWE-863 | 0.00085 | 0.3778 |
|
| CVE-2018-1190 | Medium 6.1 | CWE-79 | 0.00058 | 0.26284 |
|
| CVE-2018-1192 | High 8.8 | CWE-200 | 0.00104 | 0.43469 |
|
| CVE-2018-15761 | High 9.9 | CWE-1259 | 0.00192 | 0.56852 |
|
| CVE-2016-0732 | High 8.8 | CWE-264, CWE-269 | 0.00188 | 0.56299 |
|
| CVE-2018-1262 | High 7.2 | CWE-265 | 0.00118 | 0.46369 |
|
UAA server Vulnerability Remediation Guidance
| CVE | Description | Full list of Impacted Versions | Fix |
|---|---|---|---|
| CVE-2018-15761 | Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2018-1262 | Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. A zone administrator could configure their zone to issue tokens which impersonate another zone, granting up to admin privileges in the impersonated zone for clients performing offline token validation. | 4.13.1, 4.13.3, 4.12.0, 4.13.0, 4.12.1 | Minor → 4.23.0 |
| CVE-2018-1192 | In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versions prior to 53.3, the SessionID is logged in audit event logs. An attacker can use the SessionID to impersonate a logged-in user. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2018-1190 | An issue was discovered in these Pivotal Cloud Foundry products: all versions prior to cf-release v270, UAA v3.x prior to v3.20.2, and UAA bosh v30.x versions prior to v30.8 and all other versions prior to v45.0. A cross-site scripting (XSS) attack is possible in the clientId parameter of a request to the UAA OpenID Connect check session iframe endpoint used for single logout session management. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2018-11047 | Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and 4.5 prior to 4.5.7, incorrectly authorizes requests to admin endpoints by accepting a valid refresh token in lieu of an access token. Refresh tokens by design have a longer expiration time than access tokens, allowing the possessor of a refresh token to authenticate longer than expected. This affects the administrative endpoints of the UAA. i.e. /Users, /Groups, etc. However, if the user has been deleted or had groups removed, or the client was deleted, the refresh token will no longer be valid. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2018-11041 | Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than v48 and prior to v60 except v55.1 and v52.9, does not validate redirect URL values on a form parameter used for internal UAA redirects on the login page, allowing open redirects. A remote attacker can craft a malicious link that, when clicked, will redirect users to arbitrary websites after a successful login attempt. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2017-8032 | In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and other versions prior to v4.4.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.17, 24.x versions prior to v24.12. 30.x versions prior to 30.5, and other versions prior to v41, zone administrators are allowed to escalate their privileges when mapping permissions for an external provider. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2017-8031 | An issue was discovered in Cloud Foundry Foundation cf-release (all versions prior to v279) and UAA (30.x versions prior to 30.6, 45.x versions prior to 45.4, 52.x versions prior to 52.1). In some cases, the UAA allows an authenticated user for a particular client to revoke client tokens for other users on the same client. This occurs only if the client is using opaque tokens or JWT tokens validated using the check_token endpoint. A malicious actor could cause denial of service. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2017-4992 | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v261; UAA release 2.x versions prior to v2.7.4.17, 3.6.x versions prior to v3.6.11, 3.9.x versions prior to v3.9.13, and other versions prior to v4.2.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.15, 24.x versions prior to v24.10, 30.x versions prior to 30.3, and other versions prior to v37. There is privilege escalation (arbitrary password reset) with user invitations. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2017-4991 | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v260; UAA release 2.x versions prior to v2.7.4.16, 3.6.x versions prior to v3.6.10, 3.9.x versions prior to v3.9.12, and other versions prior to v3.17.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.14, 24.x versions prior to v24.9, 30.x versions prior to 30.2, and other versions prior to v36. Privileged users in one zone are allowed to perform a password reset for users in a different zone. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2017-4974 | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2.x versions prior to v2.7.4.15, 3.6.x versions prior to v3.6.9, 3.9.x versions prior to v3.9.11, and other versions prior to v3.16.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.13, 24.x versions prior to v24.8, and other versions prior to v30.1. An authorized user can use a blind SQL injection attack to query the contents of the UAA database, aka "Blind SQL Injection with privileged UAA endpoints." | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2017-4973 | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.12, 24.x versions prior to v24.7, and other versions prior to v30. A vulnerability has been identified with the groups endpoint in UAA allowing users to elevate their privileges. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2017-4972 | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.12, 24.x versions prior to v24.7, and other versions prior to v30. An attacker can use a blind SQL injection attack to query the contents of the UAA database. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2017-4963 | An issue was discovered in Cloud Foundry Foundation Cloud Foundry release v252 and earlier versions, UAA stand-alone release v2.0.0 - v2.7.4.12 & v3.0.0 - v3.11.0, and UAA bosh release v26 & earlier versions. UAA is vulnerable to session fixation when configured to authenticate against external SAML or OpenID Connect based identity providers. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2017-4960 | An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. There is a potential to subject the UAA OAuth clients to a denial of service attack. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2016-6651 | The UAA /oauth/token endpoint in Pivotal Cloud Foundry (PCF) before 243; UAA 2.x before 2.7.4.8, 3.x before 3.3.0.6, and 3.4.x before 3.4.5; UAA BOSH before 11.7 and 12.x before 12.6; Elastic Runtime before 1.6.40, 1.7.x before 1.7.21, and 1.8.x before 1.8.2; and Ops Manager 1.7.x before 1.7.13 and 1.8.x before 1.8.1 allows remote authenticated users to gain privileges by leveraging possession of a token. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2016-6637 | Multiple cross-site request forgery (CSRF) vulnerabilities in Pivotal Cloud Foundry (PCF) before 242; UAA 2.x before 2.7.4.7, 3.x before 3.3.0.5, and 3.4.x before 3.4.4; UAA BOSH before 11.5 and 12.x before 12.5; Elastic Runtime before 1.6.40, 1.7.x before 1.7.21, and 1.8.x before 1.8.2; and Ops Manager 1.7.x before 1.7.13 and 1.8.x before 1.8.1 allow remote attackers to hijack the authentication of unspecified victims for requests that approve or deny a scope via a profile or authorize approval page. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2016-6636 | The OAuth authorization implementation in Pivotal Cloud Foundry (PCF) before 242; UAA 2.x before 2.7.4.7, 3.x before 3.3.0.5, and 3.4.x before 3.4.4; UAA BOSH before 11.5 and 12.x before 12.5; Elastic Runtime before 1.6.40, 1.7.x before 1.7.21, and 1.8.x before 1.8.1; and Ops Manager 1.7.x before 1.7.13 and 1.8.x before 1.8.1 mishandles redirect_uri subdomains, which allows remote attackers to obtain implicit access tokens via a modified subdomain. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2016-5016 | Pivotal Cloud Foundry 239 and earlier, UAA (aka User Account and Authentication Server) 3.4.1 and earlier, UAA release 12.2 and earlier, PCF (aka Pivotal Cloud Foundry) Elastic Runtime 1.6.x before 1.6.35, and PCF Elastic Runtime 1.7.x before 1.7.13 does not validate if a certificate is expired. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 (Show all) | Major → 4.23.0 |
| CVE-2016-4468 | SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; UAA 2.x before 2.7.4.4, 3.x before 3.3.0.2, and 3.4.x before 3.4.1; UAA BOSH before 11.2 and 12.x before 12.2; Elastic Runtime before 1.6.29 and 1.7.x before 1.7.7; and Ops Manager 1.7.x before 1.7.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 3.0.1, 3.3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.0.0, 3.1.0 | Major → 4.23.0 |
| CVE-2016-3084 | The UAA reset password flow in Cloud Foundry release v236 and earlier versions, UAA release v3.3.0 and earlier versions, all versions of Login-server, UAA release v10 and earlier versions and Pivotal Elastic Runtime versions prior to 1.7.2 is vulnerable to a brute force attack due to multiple active codes at a given time. This vulnerability is applicable only when using the UAA internal user store for authentication. Deployments enabled for integration via SAML or LDAP are not affected. | 3.0.1, 3.2.0, 3.2.1, 3.3.0, 3.0.0, 3.1.0 | Major → 4.23.0 |
| CVE-2016-0781 | The UAA OAuth approval pages in Cloud Foundry v208 to v231, Login-server v1.6 to v1.14, UAA v2.0.0 to v2.7.4.1, UAA v3.0.0 to v3.2.0, UAA-Release v2 to v7 and Pivotal Elastic Runtime 1.6.x versions prior to 1.6.20 are vulnerable to an XSS attack by specifying malicious java script content in either the OAuth scopes (SCIM groups) or SCIM group descriptions. | 3.0.1, 3.2.0, 3.0.0, 3.1.0 | Major → 4.23.0 |
| CVE-2016-0732 | The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows remote authenticated users with privileges in one zone to gain privileges and perform operations on a different zone via unspecified vectors. | 3.0.0 | Major → 4.23.0 |
Instantly see if these UAA server vulnerabilities affect your code.
Dependencies
Packages using versions of UAA server affected by its vulnerabilities
| Dependent Packages |
|---|
| org.cloudfoundry.identity:cloudfoundry-identity-model:4.19.2 |
| org.apache.tomcat:tomcat-jdbc:8.5.23 |
| javax.mail:mail:1.4.7 |
| commons-logging:commons-logging:1.2 |
| com.jayway.jsonpath:json-path:2.4.0 |
| com.google.zxing:javase:3.3.1 |
| org.springframework:spring-beans:4.3.17.RELEASE |
| org.springframework:spring-context:4.3.17.RELEASE |
| org.springframework:spring-tx:4.3.17.RELEASE |
| org.springframework:spring-jdbc:4.3.17.RELEASE |
| org.springframework:spring-web:4.3.17.RELEASE |
| org.springframework:spring-context-support:4.3.17.RELEASE |
| org.springframework.security:spring-security-core:4.2.6.RELEASE |
| org.springframework.security:spring-security-jwt:1.0.8.RELEASE |
| org.apache.httpcomponents:httpclient:4.5.3 |
| org.springframework.security:spring-security-openid:4.2.6.RELEASE |
| org.springframework.security:spring-security-web:4.2.6.RELEASE |
| org.springframework.security.extensions:spring-security-saml2-core:1.0.4.RELEASE |
| org.springframework.security.oauth:spring-security-oauth2:2.0.15.RELEASE |
| org.bouncycastle:bcprov-jdk15on:1.59 |
| org.bouncycastle:bcpkix-jdk15on:1.59 |
| com.google.guava:guava:24.1.1-jre |
| org.aspectj:aspectjrt:1.8.12 |
| org.thymeleaf:thymeleaf-spring4:3.0.6.RELEASE |
| nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect:2.3.0 |
| org.thymeleaf.extras:thymeleaf-extras-springsecurity4:3.0.2.RELEASE |
| com.unboundid.product.scim:scim-sdk:1.8.18 |
| org.hibernate:hibernate-validator:4.3.2.Final |
| org.flywaydb:flyway-core:4.2.0 |
| org.mariadb.jdbc:mariadb-java-client:2.2.0 |
| com.microsoft.sqlserver:mssql-jdbc:6.2.2.jre8 |
| org.hsqldb:hsqldb:2.3.1 |
| org.yaml:snakeyaml:1.18 |
| org.springframework.security:spring-security-ldap:4.2.6.RELEASE |
| org.springframework.ldap:spring-ldap-core:2.3.2.RELEASE |
| org.springframework.ldap:spring-ldap-core-tiger:2.3.2.RELEASE |
| org.apache.directory.api:api-ldap-model:1.0.0 |
| org.passay:passay:1.2.0 |
| com.warrenstrange:googleauth:1.1.2 |
| javax.servlet:javax.servlet-api:3.1.0 |