CVE-2018-15761 vulnerability in Pivotal Software Products
Published on November 19, 2018

UAA Privilege Escalation
Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges.

NVD

Products Associated with CVE-2018-15761

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-15761 are published in these products:

Pivotal Software Cloudfoundry Uaa Release

Pivotal Software Cloud Foundry Uaa

Affected Versions

Cloud Foundry UAA:

Version all versions and below 4.23.0 is affected.

Cloud Foundry UAA Release:

Version all versions and below 64.0 is affected.

Exploit Probability

EPSS

0.53%

Percentile

66.80%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-15761 vulnerability in Pivotal Software ProductsPublished on November 19, 2018

Products Associated with CVE-2018-15761

Affected Versions

Exploit Probability

CVE-2018-15761 vulnerability in Pivotal Software Products
Published on November 19, 2018