An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and cf-release versions 203 to 231. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged attackers to impersonate other users to the routing API, aka an "Unauthenticated JWT signing algorithm in routing" issue.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cloudfoundry.org/cve-2016-8218/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2017-06-13T06:00:00
Updated: 2024-08-06T02:13:21.828Z
Reserved: 2016-09-13T00:00:00
Link: CVE-2016-8218
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-06-13T06:29:00.237
Modified: 2024-11-21T02:59:00.493
Link: CVE-2016-8218
Redhat
No data.