cloudfoundry cloud-foundry-uaa-bosh CVE-2017-4992 in Cloudfoundry and Pivotal Software Products
Published on June 13, 2017

product logo product logo
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v261; UAA release 2.x versions prior to v2.7.4.17, 3.6.x versions prior to v3.6.11, 3.9.x versions prior to v3.9.13, and other versions prior to v4.2.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.15, 24.x versions prior to v24.10, 30.x versions prior to 30.3, and other versions prior to v37. There is privilege escalation (arbitrary password reset) with user invitations.

NVD


Products Associated with CVE-2017-4992

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2017-4992 are published in these products:

Cloudfoundry Cloud Foundry Uaa Bosh
 
Pivotal Software Cloud Foundry Uaa
 
Pivotal Software Cloud Foundry Cf
 
Cloudfoundry Cf Release
 

Exploit Probability

EPSS
0.39%
Percentile
59.36%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.