CVE-2025-22246

Summary

Cloud Foundry UAA release versions from v77.21.0 to v7.31.0 are vulnerable to a private key exposure in logs.

Affected Software

VendorProductVersion RangeStatus
Cloud FoundryUAAv77.21.0 < v77.32.0affected
Cloud FoundryCF deploymentv45.1.0 <= v48.11.0affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References