PT-2024-28228 · Cloud Foundry Foundation · Cloud Foundry
Rohit04061992
·
Published
2024-07-18
·
Updated
2024-07-19
·
CVE-2024-38806
CVSS v3.1
3.9
Low
| Vector | AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Cloud Foundry Foundation version v40.17.0
Description
The issue is related to a failure in properly synchronizing a user's permissions in the User Account and Authentication (UAA) system. This potentially results in users retaining access rights they should not have, allowing them to perform operations beyond their intended permissions.
Recommendations
For Cloud Foundry Foundation version v40.17.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cloud Foundry