CVE-2019-3775
UAA allows users to modify their own email address
Cloud Foundry UAA, versions prior to v70.0, allows a user to update their own email address. A remote authenticated user can impersonate a different user by changing their email address to that of a different user.
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
Produtos afetados
Cloud Foundry · UAA Release (OSS)Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →