Multiple cross-site request forgery (CSRF) vulnerabilities in Pivotal Cloud Foundry (PCF) before 242; UAA 2.x before 2.7.4.7, 3.x before 3.3.0.5, and 3.4.x before 3.4.4; UAA BOSH before 11.5 and 12.x. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Elastic
CSRF
Cloud Foundry Uaa Bosh
Cloud Foundry
Cloud Foundry Elastic Runtime
+2
NVD
CVSS 3.0
9.6
EPSS
0.1%