CVE-2017-4960

Summary

An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. There is a potential to subject the UAA OAuth clients to a denial of service attack.

Affected Software

VendorProductVersion RangeStatus
n/aCloud Foundry Foundation Cloud Foundry release v247 - v252, UAA stand-alone release v3.9.0 - v3.11.0, UAA Bosh Release v21 - v26Cloud Foundry Foundation Cloud Foundry release v247 - v252, UAA stand-alone release v3.9.0 - v3.11.0, UAA Bosh Release v21 - v26affected

Weaknesses

  • DOS

ADP Enrichment

CVE Program Container

Additional References

References