An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. There is a potential to subject the UAA OAuth clients to a denial of service attack.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/96780 | Third Party Advisory VDB Entry |
https://www.cloudfoundry.org/cve-2017-4960/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
06 Aug 2021, 13:08
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:pivotal_software:cloud_foundry_uaa_bosh:25.0:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:cloud_foundry_uaa_bosh:24.0:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:cloud_foundry_uaa_bosh:24.3:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:cloud_foundry_uaa_bosh:22.0:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:cloud_foundry_uaa_bosh:21.0:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:cloud_foundry_uaa_bosh:24.5:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:cloud_foundry_uaa_bosh:24.2:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:cloud_foundry_uaa_bosh:23.0:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:cloud_foundry_uaa_bosh:24.4:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:cloud_foundry_uaa_bosh:24.1:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:cloud_foundry_uaa_bosh:24.6:*:*:*:*:*:*:* |
cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:26:*:*:*:*:*:*:* cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.6:*:*:*:*:*:*:* cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.2:*:*:*:*:*:*:* cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:23:*:*:*:*:*:*:* cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:25:*:*:*:*:*:*:* cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.1:*:*:*:*:*:*:* cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:21:*:*:*:*:*:*:* cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24:*:*:*:*:*:*:* cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.5:*:*:*:*:*:*:* cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:22:*:*:*:*:*:*:* cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.3:*:*:*:*:*:*:* cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.4:*:*:*:*:*:*:* |
Information
Published : 2017-03-10 01:59
Updated : 2023-12-10 12:01
NVD link : CVE-2017-4960
Mitre link : CVE-2017-4960
CVE.ORG link : CVE-2017-4960
JSON object : View
Products Affected
pivotal_software
- cloud_foundry
- cloud_foundry_uaa
cloudfoundry
- cloud_foundry_uaa_bosh
CWE