Uaa Release
Monthly
Private key disclosure in Cloud Foundry UAA versions v76.12.0 through v78.12.0 allows unauthenticated remote attackers to retrieve Elliptic Curve (EC) private key material from the public /token_keys endpoint, which is supposed to expose only public verification keys. With the leaked private keys, attackers can forge arbitrary JWTs and impersonate any UAA-authenticated identity across the platform. No public exploit identified at time of analysis, though the CVSS 10.0 score and trivial reproduction step (a single unauthenticated HTTP GET) make weaponization straightforward once the issue is widely known.
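A key-set endpoint such as /token_keys must publish only public verification parameters. The following is an added defensive check, not code from Cloud Foundry or UAA: it parses a JWKS document and reports any key carrying private-key parameters (RFC 7518 names such as `d` for EC keys, `d`/`p`/`q` for RSA, `k` for symmetric keys) or a PEM private-key block inside a string field. The sample document and key ids are constructed for illustration; in practice the input would be the JSON body an operator fetched from their own UAA.

```python
"""Audit a JWKS document for private key material (added example; assumes a
JSON body in the standard JWKS shape {"keys": [...]})."""
import json

# RFC 7518 parameter names that must never appear in a public key set, by key type.
PRIVATE_PARAMS = {
    "EC": {"d"},
    "RSA": {"d", "p", "q", "dp", "dq", "qi", "oth"},
    "OKP": {"d"},
    "oct": {"k"},  # a symmetric key has no public part; its presence is itself a leak
}


def find_private_material(jwks: dict) -> list:
    """Return one finding per key that exposes private material.

    Each finding is a dict with the key index, kid, kty, the offending JWK
    parameter names, and whether any string field embeds a PEM private key.
    """
    findings = []
    for idx, key in enumerate(jwks.get("keys", [])):
        kty = key.get("kty")
        leaked = sorted(PRIVATE_PARAMS.get(kty, set()) & set(key))
        # Some servers also ship a PEM copy of the key in a string field
        # (hypothetical field name; we scan every string value, not a fixed one).
        pem_private = any(
            isinstance(v, str) and "PRIVATE KEY-----" in v for v in key.values()
        )
        if leaked or pem_private:
            findings.append({
                "index": idx,
                "kid": key.get("kid"),
                "kty": kty,
                "private_params": leaked,
                "pem_private_block": pem_private,
            })
    return findings


def audit_jwks_text(body: str) -> list:
    """Convenience wrapper for a raw HTTP response body."""
    return find_private_material(json.loads(body))


# Constructed sample: one correct public EC key and one that leaks the scalar `d`.
SAMPLE_JWKS = json.dumps({
    "keys": [
        {"kty": "EC", "kid": "sample-ok", "use": "sig", "crv": "P-256",
         "x": "f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU",
         "y": "x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0"},
        {"kty": "EC", "kid": "sample-leak", "use": "sig", "crv": "P-256",
         "x": "f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU",
         "y": "x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0",
         "d": "jpsQnnGQmL-YBIffH1136cspYG6-0iY7X1fCE9-E9LI"},
    ]
})

if __name__ == "__main__":
    for f in audit_jwks_text(SAMPLE_JWKS):
        print(f"key #{f['index']} kid={f['kid']} kty={f['kty']} "
              f"leaks {f['private_params']} pem_private={f['pem_private_block']}")
```

Run this against the body of your own key-set endpoint after each UAA upgrade; an empty result is the expected state, and any finding means the signing key must be rotated, since every token signed with it is no longer trustworthy.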
Cloudfoundry UAA versions 77.30.0 through 78.7.0 and Cloudfoundry Deployment versions 48.7.0 through 54.10.0 contain a logic error in the token revocation endpoint that allows authenticated users to inadvertently revoke tokens belonging to other users. An attacker with valid credentials could exploit this flaw to disrupt service availability by invalidating legitimate user sessions without authorization.
Cloud Foundry UAA release versions from v77.21.0 to v7.31.0 are vulnerable to a private key exposure in logs. Rated low severity (CVSS 3.0). No vendor patch available.