PT-2026-33375 · Cloud Foundry · Cf-Deployment+1
Published 2026-04-16 · Updated 2026-04-17
CVE-2026-22734 · CVSS v3.1 8.6 (High) · AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Cloud Foundry UAA versions 77.30.0 through 78.7.0
CF Deployment versions 48.7.0 through 54.14.0
Description
A bypass exists when SAML 2.0 bearer assertions are enabled for a client. UAA accepts SAML 2.0 bearer assertions that are neither signed nor encrypted, so nothing ties the assertion to a trusted identity provider: an unauthenticated attacker can present an assertion of their own making naming any user, obtain a token for that user, and gain access to UAA-protected systems.
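The following Python is an added illustration of the acceptance rule described above, not code from the advisory or from UAA. It contrasts a token-endpoint decision that accepts any well-formed assertion (the behaviour the description implies) with a hardened pre-check that refuses assertions carrying neither an enveloped XML signature nor encryption, and it shows why only a signature that is a direct child of the Assertion element counts. The grant_type URN and the assertion parameter come from RFC 7522; the sample assertions are constructed, with placeholder signature and cipher values, so the check gates on the presence of protection only and an actual deployment must still verify the signature or decrypt the assertion afterwards.

```python
import base64
import xml.etree.ElementTree as ET  # use defusedxml for untrusted input in production

NS = {
    "saml2": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}
SAML2_BEARER = "urn:ietf:params:oauth:grant-type:saml2-bearer"  # RFC 7522 grant_type


def decode_assertion_param(value: str) -> bytes:
    """RFC 7522 sends the assertion base64url-encoded with optional padding;
    tolerate the standard alphabet too so either form decodes."""
    value = value.strip().replace("-", "+").replace("_", "/")
    value += "=" * (-len(value) % 4)
    return base64.b64decode(value, validate=True)


def inspect_assertion(xml_bytes: bytes) -> dict:
    """Report whether the assertion is encrypted or carries an enveloped
    signature, plus issuer and subject when they are visible (not encrypted)."""
    root = ET.fromstring(xml_bytes)
    info = {"encrypted": False, "signed": False, "issuer": None, "name_id": None}
    if root.tag == f"{{{NS['saml2']}}}EncryptedAssertion":
        info["encrypted"] = root.find("xenc:EncryptedData", NS) is not None
        return info
    if root.tag != f"{{{NS['saml2']}}}Assertion":
        raise ValueError(f"unexpected root element {root.tag}")
    # Only a ds:Signature that is a direct child of <Assertion> envelopes this
    # element; one nested deeper (or on an outer <Response>) does not cover it.
    info["signed"] = root.find("ds:Signature", NS) is not None
    issuer = root.find("saml2:Issuer", NS)
    name_id = root.find("saml2:Subject/saml2:NameID", NS)
    info["issuer"] = None if issuer is None else issuer.text
    info["name_id"] = None if name_id is None else name_id.text
    return info


def evaluate_token_request(params: dict, hardened: bool) -> str:
    """Decide on a token-endpoint request. hardened=False reproduces the rule the
    advisory describes (unprotected assertions pass); hardened=True refuses any
    assertion that is neither signed nor encrypted before anything else happens."""
    if params.get("grant_type") != SAML2_BEARER:
        return "rejected: unsupported_grant_type"
    try:
        info = inspect_assertion(decode_assertion_param(params.get("assertion", "")))
    except (ValueError, ET.ParseError) as exc:  # binascii.Error is a ValueError
        return f"rejected: invalid_grant ({exc})"
    if hardened and not (info["signed"] or info["encrypted"]):
        return "rejected: invalid_grant (assertion is neither signed nor encrypted)"
    if info["encrypted"]:
        return "accepted: encrypted assertion, decrypt and verify next"
    if info["name_id"] is None:
        return "rejected: invalid_grant (no subject)"
    return f"accepted: subject={info['name_id']} issuer={info['issuer']}"


# Constructed samples (not captured traffic); signature and cipher values are
# placeholders, so only the presence of protection is meaningful here.
_OPEN = (b'<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" '
         b'ID="_c1" Version="2.0" IssueInstant="2026-04-16T00:00:00Z">'
         b'<saml2:Issuer>https://idp.example.test</saml2:Issuer>')
_NAME_ID = b'<saml2:NameID>victim@example.test</saml2:NameID>'
_SIG = (b'<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">'
        b'<ds:SignedInfo/><ds:SignatureValue>AAAA</ds:SignatureValue></ds:Signature>')
SAMPLES = {
    "unsigned": _OPEN + b"<saml2:Subject>" + _NAME_ID + b"</saml2:Subject></saml2:Assertion>",
    "signed": _OPEN + _SIG + b"<saml2:Subject>" + _NAME_ID + b"</saml2:Subject></saml2:Assertion>",
    # A Signature buried inside <Subject> is present in the document but does not
    # envelope the assertion, so it must not count as protection.
    "misplaced_signature": _OPEN + b"<saml2:Subject>" + _SIG + _NAME_ID
                           + b"</saml2:Subject></saml2:Assertion>",
    "encrypted": (b'<saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">'
                  b'<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">'
                  b'<xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>'
                  b'</xenc:EncryptedData></saml2:EncryptedAssertion>'),
}


def token_request(sample: str) -> dict:
    """Form parameters a client would POST for the given sample (RFC 7522 shape)."""
    return {"grant_type": SAML2_BEARER,
            "assertion": base64.urlsafe_b64encode(SAMPLES[sample]).decode().rstrip("=")}


if __name__ == "__main__":
    for name in SAMPLES:
        req = token_request(name)
        print(f"{name:20} vulnerable -> {evaluate_token_request(req, hardened=False)}")
        print(f"{'':20} hardened   -> {evaluate_token_request(req, hardened=True)}")
```

Run stand-alone, the unsigned and misplaced-signature samples are accepted by the vulnerable rule and refused by the hardened one, while the signed and encrypted samples pass both; the hardened rule is only the gate, and signature verification against the configured identity provider's key (or decryption) must still follow.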
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability. Since the description ties the bypass to clients for which SAML 2.0 bearer assertions are enabled, removing that grant type from clients that do not need it limits exposure until a fixed version is available.
Weakness Enumeration
CWE-290: Authentication Bypass by Spoofing
Related Identifiers
CVE-2026-22734
Affected Products
Cf-Deployment
Cloud Foundry Uaa