Описание
In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers.
In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers.
EPSS
Процентиль: 43%
0.0021
Низкий
CVE ID
Связанные уязвимости
CVSS3: 8.8
nvd
почти 6 лет назад
In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers.
EPSS
Процентиль: 43%
0.0021
Низкий