← volver
CVE-2021-22001

CVE-2021-22001

EPSS 1.0%CWE-200
In UAA versions prior to 75.3.0, sensitive information like relaying secret of the provider was revealed in response when deletion request of an identity provider( IdP) of type “oauth 1.0” was sent to UAA server.
Productos afectados
n/a · Cloud Foundry UAA server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.cloudfoundry.org/blog/cve-2021-22001-sensitive-info-leakage-in-uaa-during-identity-provider-deletion/