CVE-2019-11268 is a vulnerability in Pivotal Software Cloud Foundry Uaa Release
Published on July 11, 2019
UAA SQL Identity Zone Vulnerability
Cloud Foundry UAA version prior to 73.3.0, contain endpoints that contains improper escaping. An authenticated malicious user with basic read privileges for one identity zone can extend those reading privileges to all other identity zones and obtain private information on users, clients, and groups in all other identity zones.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2019-11268 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2019-11268
Want to know whenever a new CVE is published for Pivotal Software Cloud Foundry Uaa Release? stack.watch will email you.
Affected Versions
Cloud Foundry UAA Release (OSS) Version prior to v73.3.0 is affected by CVE-2019-11268Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.