CVE-2018-1262 in Pivotal Software and Cloudfoundry Products
Published on May 15, 2018

Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. A zone administrator could configure their zone to issue tokens which impersonate another zone, granting up to admin privileges in the impersonated zone for clients performing offline token validation.

NVD

Products Associated with CVE-2018-1262

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-1262 are published in these products:

Pivotal Software Cloud Foundry Cf Deployment

Pivotal Software Cloud Foundry Uaa Release

Pivotal Software Cloud Foundry Uaa

Cloudfoundry Cf Deployment

Affected Versions

Cloud Foundry CloudFoundry UAA Version 4.12.X and 4.13.X is affected by CVE-2018-1262

Exploit Probability

EPSS

0.39%

Percentile

59.71%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-1262 in Pivotal Software and Cloudfoundry ProductsPublished on May 15, 2018

Products Associated with CVE-2018-1262

Affected Versions

Exploit Probability

CVE-2018-1262 in Pivotal Software and Cloudfoundry Products
Published on May 15, 2018