CVE-2017-8032 - Vulnerability Details

Vendors	Products
Cloudfoundry	Cloud Foundry Uaa Bosh
Pivotal Software	Cloud Foundry Cf Cloud Foundry Uaa

Link	Providers
https://www.cloudfoundry.org/cve-2017-8032/

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Cloud Foundry", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cloud Foundry"}]}], "datePublic": "2017-07-10T00:00:00", "descriptions": [{"lang": "en", "value": "In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and other versions prior to v4.4.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.17, 24.x versions prior to v24.12. 30.x versions prior to 30.5, and other versions prior to v41, zone administrators are allowed to escalate their privileges when mapping permissions for an external provider."}], "problemTypes": [{"descriptions": [{"description": "Admin Privilege Escalation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T19:57:01", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.cloudfoundry.org/cve-2017-8032/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security_alert@emc.com", "ID": "CVE-2017-8032", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cloud Foundry", "version": {"version_data": [{"version_value": "Cloud Foundry"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and other versions prior to v4.4.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.17, 24.x versions prior to v24.12. 30.x versions prior to 30.5, and other versions prior to v41, zone administrators are allowed to escalate their privileges when mapping permissions for an external provider."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Admin Privilege Escalation"}]}]}, "references": {"reference_data": [{"name": "https://www.cloudfoundry.org/cve-2017-8032/", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/cve-2017-8032/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T16:19:29.855Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.cloudfoundry.org/cve-2017-8032/"}]}]}, "cveMetadata": {"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2017-8032", "datePublished": "2017-07-10T20:00:00", "dateReserved": "2017-04-21T00:00:00", "dateUpdated": "2024-08-05T16:19:29.855Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Cloud Foundry (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : Cloud Foundry (string)

}

]

}

]

datePublic : 2017-07-10T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and other versions prior to v4.4.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.17, 24.x versions prior to v24.12. 30.x versions prior to 30.5, and other versions prior to v41, zone administrators are allowed to escalate their privileges when mapping permissions for an external provider. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Admin Privilege Escalation (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-07-10T19:57:01 (string)

orgId : c550e75a-17ff-4988-97f0-544cde3820fe (string)

shortName : dell (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://www.cloudfoundry.org/cve-2017-8032/ (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : security_alert@emc.com (string)

ID : CVE-2017-8032 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Cloud Foundry (string)

version : { »

version_data : [ »

0 : { »

version_value : Cloud Foundry (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and other versions prior to v4.4.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.17, 24.x versions prior to v24.12. 30.x versions prior to 30.5, and other versions prior to v41, zone administrators are allowed to escalate their privileges when mapping permissions for an external provider. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Admin Privilege Escalation (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://www.cloudfoundry.org/cve-2017-8032/ (string)

refsource : CONFIRM (string)

url : https://www.cloudfoundry.org/cve-2017-8032/ (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T16:19:29.855Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://www.cloudfoundry.org/cve-2017-8032/ (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : c550e75a-17ff-4988-97f0-544cde3820fe (string)

assignerShortName : dell (string)

cveId : CVE-2017-8032 (string)

datePublished : 2017-07-10T20:00:00 (string)

dateReserved : 2017-04-21T00:00:00 (string)

dateUpdated : 2024-08-05T16:19:29.855Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "942E59F5-172F-4802-81AE-D43E72189889", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACFDEF8D-9BE5-43ED-8E1D-2B63A1294EDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "504AA7E0-D1F5-4097-B53B-F0E36328B1EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "0DCD6CB7-5D49-4897-8353-44E5B08D9375", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "B1B4C4EB-3337-4053-BA4B-93A849263A42", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "9339A684-B1F0-4110-9E48-A04BED74DC2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F35CCB74-63A3-4F95-9EAE-ADC5A8BACB99", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "A2A1BAE9-FCB6-458E-A1A6-03F0AB742E5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "2261C887-8179-4BBA-A2CF-174F8F3017FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "6EED2616-E58D-4604-BBBC-AC24BCA068A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "916733EA-F51A-49E2-9D47-9B713B36C847", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "CA1887F9-EB71-41AE-9E45-DD86A54AA958", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "E7D01A32-98DA-4F7F-B7A0-D1695478C208", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "4C57AACB-1ECA-4047-A8AA-D768DA54BB86", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6D164FF1-D85D-4800-A726-465A32974BEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "6CAC5B15-895E-43CA-AFE1-EE7E06EF08D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "10286C78-A413-4FD3-B7F7-39C17A50D75C", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "8D022F9B-4877-4A97-AE22-BAF579B38DE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "87D2BF0D-963C-430F-A4FE-F452F15035BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "6D8C3C5E-E942-483A-A914-CC57DDCB6EAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D741750F-DC85-4701-90F7-4AE00DB04B0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "E126E318-6572-4BC3-8FA4-835AC49432C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "3A5B622B-C14C-4160-ACFD-CD2AB3786828", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "EBE0A85A-5B1A-49E0-8FC7-4A68505B6506", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "A8E3CEAB-E58E-4870-A719-F46D6DE2E710", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "3DEDD149-4BBB-47A1-8E23-2247DCF9C13C", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "225B90A0-757D-4406-9EC1-A31968CC7F87", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "FC8157B8-A26B-4148-A02A-DBEC662FE701", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "3F74AEAE-D823-4B1A-9979-0739F6BA17CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "21FC35CD-79D1-4279-B719-6398C6636113", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.11:*:*:*:*:*:*:*", "matchCriteriaId": "5053FDB3-E711-434A-A6A6-4C580A2FF43A", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.12:*:*:*:*:*:*:*", "matchCriteriaId": "E909E6B8-AD6F-4B96-968D-A6C952462C26", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "6955DB34-FA12-41A6-A90F-456777ADEB81", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B92D875-509C-42BE-90E4-112C94170199", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "166C908D-7D5F-43DD-B3EA-BAFF23DBBDAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "6B83917A-D326-4874-AD82-0DBD131DC0EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "C5C19F44-AB0F-44BB-A298-F81B853FA71D", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "B981590F-0649-4BBA-AB5F-CC5C7858DFF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "1A36B9F9-6D45-4D84-869A-25131BF482BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "FADC5C69-1910-4D19-97B2-B44A594B8B34", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "B5314895-961D-4D2B-A0C9-1B23C03317CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.10:*:*:*:*:*:*:*", "matchCriteriaId": "DA5A5B1C-7111-464E-9F49-D13621233AC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.11:*:*:*:*:*:*:*", "matchCriteriaId": "1A6E52B8-7635-4376-AFAD-935DB44B923C", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.12:*:*:*:*:*:*:*", "matchCriteriaId": "C97CB502-CE1E-4B63-88D0-7A826C825B84", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.13:*:*:*:*:*:*:*", "matchCriteriaId": "4F3AAD33-275B-4FF1-9434-BEE85543F7B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.14:*:*:*:*:*:*:*", "matchCriteriaId": "18EEF16B-A74C-401A-913B-E3E9DA99EC68", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:*:*:*:*:*:*:*:*", "matchCriteriaId": "420CF106-9916-4219-A4E1-AA907EE68955", "versionEndIncluding": "40", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "C24E2CE5-6DBA-4B45-951D-0F7189C9A94D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "F0EB01AB-A033-4DCC-B433-0674078E31DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.3:*:*:*:*:*:*:*", "matchCriteriaId": "749B1CBF-6297-4F4D-970D-25D1D0A88AE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.4:*:*:*:*:*:*:*", "matchCriteriaId": "6C369E22-27DF-40B3-B94F-45DFC47E6A60", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.5:*:*:*:*:*:*:*", "matchCriteriaId": "15A2FE05-FC02-4FC1-B9B3-40E4EC62C5D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.6:*:*:*:*:*:*:*", "matchCriteriaId": "6A4975D0-2C4D-4883-A849-D434FB8A7E2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.7:*:*:*:*:*:*:*", "matchCriteriaId": "6E85B347-27E2-4EF9-9CF0-13902EC4741D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.8:*:*:*:*:*:*:*", "matchCriteriaId": "93081AC1-C07E-4E6D-8B1E-8D561461FEB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.9:*:*:*:*:*:*:*", "matchCriteriaId": "E4F6208B-7FA5-4177-8942-2037BEE99546", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.10:*:*:*:*:*:*:*", "matchCriteriaId": "FD8DA4C6-BCA9-4959-82FC-2596C6EBD6E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.11:*:*:*:*:*:*:*", "matchCriteriaId": "8120A442-6A3D-4918-A829-A84B2B9694E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.12:*:*:*:*:*:*:*", "matchCriteriaId": "9D7AF658-FFBB-49AB-8A44-9989A7FEC707", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.13:*:*:*:*:*:*:*", "matchCriteriaId": "BC42F184-AFEC-4992-BFEF-B410CDF1452A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.14:*:*:*:*:*:*:*", "matchCriteriaId": "147C8C7B-F6C6-4338-A181-BF450C53C14B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.15:*:*:*:*:*:*:*", "matchCriteriaId": "555B74DE-E5D6-493B-96B4-87C636104B64", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.16:*:*:*:*:*:*:*", "matchCriteriaId": "44E995D9-D404-4A19-BDD8-C911A1A2AD90", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24:*:*:*:*:*:*:*", "matchCriteriaId": "A090F790-1A28-4238-8727-3F9475706A9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.1:*:*:*:*:*:*:*", "matchCriteriaId": "AEFE0727-C152-4726-A70E-C75BACD31071", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.2:*:*:*:*:*:*:*", "matchCriteriaId": "38D708B8-485D-445E-8A21-474A500F1184", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.3:*:*:*:*:*:*:*", "matchCriteriaId": "E4B8A221-8740-4D35-871D-EABDB2F8332D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.4:*:*:*:*:*:*:*", "matchCriteriaId": "A426C1DD-0C64-468A-B96E-B0B94FFF0A89", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.5:*:*:*:*:*:*:*", "matchCriteriaId": "DEFEEACE-5BED-4507-A770-69D36F478791", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.6:*:*:*:*:*:*:*", "matchCriteriaId": "860B073C-AC50-473C-9650-7421F3638FB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.7:*:*:*:*:*:*:*", "matchCriteriaId": "1B44C3F2-5AC4-4D05-BAF0-EFDFB3FDC3BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.8:*:*:*:*:*:*:*", "matchCriteriaId": "C2BBC265-7026-469B-BB30-D7DB7A334A65", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.9:*:*:*:*:*:*:*", "matchCriteriaId": "08E99F4C-6BB5-415E-A5F3-285A3219EEF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.10:*:*:*:*:*:*:*", "matchCriteriaId": "03E24F1B-C999-4C02-BFDD-00F1E2A53E45", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.11:*:*:*:*:*:*:*", "matchCriteriaId": "21D145BD-EEAC-4434-9435-A3676A15DD90", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30:*:*:*:*:*:*:*", "matchCriteriaId": "75D365CB-5BDA-4387-AA3E-2F02B552162F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30.1:*:*:*:*:*:*:*", "matchCriteriaId": "E80E3184-345D-4C78-ABAA-94B3D9A53252", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30.2:*:*:*:*:*:*:*", "matchCriteriaId": "5F654A04-B949-415D-982A-7341486B2B01", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30.3:*:*:*:*:*:*:*", "matchCriteriaId": "CEF9F58F-1387-4D84-932F-8CC8F380E797", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30.4:*:*:*:*:*:*:*", "matchCriteriaId": "31EB573D-313D-4DB4-8820-E99AE4FCA210", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pivotal_software:cloud_foundry_cf:*:*:*:*:*:*:*:*", "matchCriteriaId": "8AB2BFCD-60E5-481A-9FCB-E2937CD9ECBE", "versionEndIncluding": "263", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and other versions prior to v4.4.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.17, 24.x versions prior to v24.12. 30.x versions prior to 30.5, and other versions prior to v41, zone administrators are allowed to escalate their privileges when mapping permissions for an external provider."}, {"lang": "es", "value": "En cf-release de Cloud Foundry versiones anteriores a 264; UAA libera todas las versiones de UAA v2.x.x, versi\u00f3n 3.6.x anteriores a 3.6.13, versi\u00f3n 3.9.x anteriores a 3.9.15, versiones 3.20.x anteriores a v3.20.0, y otras versiones anteriores a v4.4.0; y versiones de UAA bosh release (uaa-release) versi\u00f3n 13.x anteriores a v13.17, versi\u00f3n 24.x anteriores a 24.12. 30.x versiones anteriores a 30.5, y otras versiones anteriores a 41, los administradores de zona pueden escalar sus privilegios al asignar permisos para un proveedor externo."}], "id": "CVE-2017-8032", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 0.7, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-07-10T20:29:00.860", "references": [{"source": "security_alert@emc.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://www.cloudfoundry.org/cve-2017-8032/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://www.cloudfoundry.org/cve-2017-8032/"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.2.5.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 942E59F5-172F-4802-81AE-D43E72189889 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.1:*:*:*:*:*:*:* (string)

matchCriteriaId : ACFDEF8D-9BE5-43ED-8E1D-2B63A1294EDF (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 504AA7E0-D1F5-4097-B53B-F0E36328B1EB (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 0DCD6CB7-5D49-4897-8353-44E5B08D9375 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4:*:*:*:*:*:*:* (string)

matchCriteriaId : B1B4C4EB-3337-4053-BA4B-93A849263A42 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 9339A684-B1F0-4110-9E48-A04BED74DC2C (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.2:*:*:*:*:*:*:* (string)

matchCriteriaId : F35CCB74-63A3-4F95-9EAE-ADC5A8BACB99 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.3:*:*:*:*:*:*:* (string)

matchCriteriaId : A2A1BAE9-FCB6-458E-A1A6-03F0AB742E5B (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 2261C887-8179-4BBA-A2CF-174F8F3017FE (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 6EED2616-E58D-4604-BBBC-AC24BCA068A7 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 916733EA-F51A-49E2-9D47-9B713B36C847 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.7:*:*:*:*:*:*:* (string)

matchCriteriaId : CA1887F9-EB71-41AE-9E45-DD86A54AA958 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.8:*:*:*:*:*:*:* (string)

matchCriteriaId : E7D01A32-98DA-4F7F-B7A0-D1695478C208 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.9:*:*:*:*:*:*:* (string)

matchCriteriaId : 4C57AACB-1ECA-4047-A8AA-D768DA54BB86 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.11:*:*:*:*:*:*:* (string)

matchCriteriaId : 6D164FF1-D85D-4800-A726-465A32974BEF (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.12:*:*:*:*:*:*:* (string)

matchCriteriaId : 6CAC5B15-895E-43CA-AFE1-EE7E06EF08D2 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.13:*:*:*:*:*:*:* (string)

matchCriteriaId : 10286C78-A413-4FD3-B7F7-39C17A50D75C (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.14:*:*:*:*:*:*:* (string)

matchCriteriaId : 8D022F9B-4877-4A97-AE22-BAF579B38DE6 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.15:*:*:*:*:*:*:* (string)

matchCriteriaId : 87D2BF0D-963C-430F-A4FE-F452F15035BE (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:2.7.4.16:*:*:*:*:*:*:* (string)

matchCriteriaId : 6D8C3C5E-E942-483A-A914-CC57DDCB6EAB (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : D741750F-DC85-4701-90F7-4AE00DB04B0C (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.2:*:*:*:*:*:*:* (string)

matchCriteriaId : E126E318-6572-4BC3-8FA4-835AC49432C8 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 3A5B622B-C14C-4160-ACFD-CD2AB3786828 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.4:*:*:*:*:*:*:* (string)

matchCriteriaId : EBE0A85A-5B1A-49E0-8FC7-4A68505B6506 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.5:*:*:*:*:*:*:* (string)

matchCriteriaId : A8E3CEAB-E58E-4870-A719-F46D6DE2E710 (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 3DEDD149-4BBB-47A1-8E23-2247DCF9C13C (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 225B90A0-757D-4406-9EC1-A31968CC7F87 (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.8:*:*:*:*:*:*:* (string)

matchCriteriaId : FC8157B8-A26B-4148-A02A-DBEC662FE701 (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.9:*:*:*:*:*:*:* (string)

matchCriteriaId : 3F74AEAE-D823-4B1A-9979-0739F6BA17CD (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.10:*:*:*:*:*:*:* (string)

matchCriteriaId : 21FC35CD-79D1-4279-B719-6398C6636113 (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.11:*:*:*:*:*:*:* (string)

matchCriteriaId : 5053FDB3-E711-434A-A6A6-4C580A2FF43A (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.6.12:*:*:*:*:*:*:* (string)

matchCriteriaId : E909E6B8-AD6F-4B96-968D-A6C952462C26 (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 6955DB34-FA12-41A6-A90F-456777ADEB81 (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 5B92D875-509C-42BE-90E4-112C94170199 (string)

vulnerable : true (boolean)

}

34 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 166C908D-7D5F-43DD-B3EA-BAFF23DBBDAC (string)

vulnerable : true (boolean)

}

35 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 6B83917A-D326-4874-AD82-0DBD131DC0EC (string)

vulnerable : true (boolean)

}

36 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.5:*:*:*:*:*:*:* (string)

matchCriteriaId : C5C19F44-AB0F-44BB-A298-F81B853FA71D (string)

vulnerable : true (boolean)

}

37 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.6:*:*:*:*:*:*:* (string)

matchCriteriaId : B981590F-0649-4BBA-AB5F-CC5C7858DFF7 (string)

vulnerable : true (boolean)

}

38 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 1A36B9F9-6D45-4D84-869A-25131BF482BD (string)

vulnerable : true (boolean)

}

39 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.8:*:*:*:*:*:*:* (string)

matchCriteriaId : FADC5C69-1910-4D19-97B2-B44A594B8B34 (string)

vulnerable : true (boolean)

}

40 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.9:*:*:*:*:*:*:* (string)

matchCriteriaId : B5314895-961D-4D2B-A0C9-1B23C03317CF (string)

vulnerable : true (boolean)

}

41 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.10:*:*:*:*:*:*:* (string)

matchCriteriaId : DA5A5B1C-7111-464E-9F49-D13621233AC0 (string)

vulnerable : true (boolean)

}

42 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.11:*:*:*:*:*:*:* (string)

matchCriteriaId : 1A6E52B8-7635-4376-AFAD-935DB44B923C (string)

vulnerable : true (boolean)

}

43 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.12:*:*:*:*:*:*:* (string)

matchCriteriaId : C97CB502-CE1E-4B63-88D0-7A826C825B84 (string)

vulnerable : true (boolean)

}

44 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.13:*:*:*:*:*:*:* (string)

matchCriteriaId : 4F3AAD33-275B-4FF1-9434-BEE85543F7B3 (string)

vulnerable : true (boolean)

}

45 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.14:*:*:*:*:*:*:* (string)

matchCriteriaId : 18EEF16B-A74C-401A-913B-E3E9DA99EC68 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 420CF106-9916-4219-A4E1-AA907EE68955 (string)

versionEndIncluding : 40 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.1:*:*:*:*:*:*:* (string)

matchCriteriaId : C24E2CE5-6DBA-4B45-951D-0F7189C9A94D (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.2:*:*:*:*:*:*:* (string)

matchCriteriaId : F0EB01AB-A033-4DCC-B433-0674078E31DA (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 749B1CBF-6297-4F4D-970D-25D1D0A88AE3 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 6C369E22-27DF-40B3-B94F-45DFC47E6A60 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 15A2FE05-FC02-4FC1-B9B3-40E4EC62C5D6 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 6A4975D0-2C4D-4883-A849-D434FB8A7E2E (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 6E85B347-27E2-4EF9-9CF0-13902EC4741D (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.8:*:*:*:*:*:*:* (string)

matchCriteriaId : 93081AC1-C07E-4E6D-8B1E-8D561461FEB4 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.9:*:*:*:*:*:*:* (string)

matchCriteriaId : E4F6208B-7FA5-4177-8942-2037BEE99546 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.10:*:*:*:*:*:*:* (string)

matchCriteriaId : FD8DA4C6-BCA9-4959-82FC-2596C6EBD6E2 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.11:*:*:*:*:*:*:* (string)

matchCriteriaId : 8120A442-6A3D-4918-A829-A84B2B9694E4 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.12:*:*:*:*:*:*:* (string)

matchCriteriaId : 9D7AF658-FFBB-49AB-8A44-9989A7FEC707 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.13:*:*:*:*:*:*:* (string)

matchCriteriaId : BC42F184-AFEC-4992-BFEF-B410CDF1452A (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.14:*:*:*:*:*:*:* (string)

matchCriteriaId : 147C8C7B-F6C6-4338-A181-BF450C53C14B (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.15:*:*:*:*:*:*:* (string)

matchCriteriaId : 555B74DE-E5D6-493B-96B4-87C636104B64 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:13.16:*:*:*:*:*:*:* (string)

matchCriteriaId : 44E995D9-D404-4A19-BDD8-C911A1A2AD90 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24:*:*:*:*:*:*:* (string)

matchCriteriaId : A090F790-1A28-4238-8727-3F9475706A9E (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.1:*:*:*:*:*:*:* (string)

matchCriteriaId : AEFE0727-C152-4726-A70E-C75BACD31071 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 38D708B8-485D-445E-8A21-474A500F1184 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.3:*:*:*:*:*:*:* (string)

matchCriteriaId : E4B8A221-8740-4D35-871D-EABDB2F8332D (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.4:*:*:*:*:*:*:* (string)

matchCriteriaId : A426C1DD-0C64-468A-B96E-B0B94FFF0A89 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.5:*:*:*:*:*:*:* (string)

matchCriteriaId : DEFEEACE-5BED-4507-A770-69D36F478791 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 860B073C-AC50-473C-9650-7421F3638FB1 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 1B44C3F2-5AC4-4D05-BAF0-EFDFB3FDC3BC (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.8:*:*:*:*:*:*:* (string)

matchCriteriaId : C2BBC265-7026-469B-BB30-D7DB7A334A65 (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.9:*:*:*:*:*:*:* (string)

matchCriteriaId : 08E99F4C-6BB5-415E-A5F3-285A3219EEF0 (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.10:*:*:*:*:*:*:* (string)

matchCriteriaId : 03E24F1B-C999-4C02-BFDD-00F1E2A53E45 (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.11:*:*:*:*:*:*:* (string)

matchCriteriaId : 21D145BD-EEAC-4434-9435-A3676A15DD90 (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30:*:*:*:*:*:*:* (string)

matchCriteriaId : 75D365CB-5BDA-4387-AA3E-2F02B552162F (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30.1:*:*:*:*:*:*:* (string)

matchCriteriaId : E80E3184-345D-4C78-ABAA-94B3D9A53252 (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 5F654A04-B949-415D-982A-7341486B2B01 (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30.3:*:*:*:*:*:*:* (string)

matchCriteriaId : CEF9F58F-1387-4D84-932F-8CC8F380E797 (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:30.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 31EB573D-313D-4DB4-8820-E99AE4FCA210 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:pivotal_software:cloud_foundry_cf:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 8AB2BFCD-60E5-481A-9FCB-E2937CD9ECBE (string)

versionEndIncluding : 263 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and other versions prior to v4.4.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.17, 24.x versions prior to v24.12. 30.x versions prior to 30.5, and other versions prior to v41, zone administrators are allowed to escalate their privileges when mapping permissions for an external provider. (string)

}

1 : { »

lang : es (string)

value : En cf-release de Cloud Foundry versiones anteriores a 264; UAA libera todas las versiones de UAA v2.x.x, versión 3.6.x anteriores a 3.6.13, versión 3.9.x anteriores a 3.9.15, versiones 3.20.x anteriores a v3.20.0, y otras versiones anteriores a v4.4.0; y versiones de UAA bosh release (uaa-release) versión 13.x anteriores a v13.17, versión 24.x anteriores a 24.12. 30.x versiones anteriores a 30.5, y otras versiones anteriores a 41, los administradores de zona pueden escalar sus privilegios al asignar permisos para un proveedor externo. (string)

}

]

id : CVE-2017-8032 (string)

lastModified : 2025-04-20T01:37:25.860 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : SINGLE (string)

availabilityImpact : PARTIAL (string)

baseScore : 6 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:S/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 6.8 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 6.6 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 0.7 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2017-07-10T20:29:00.860 (string)

references : [ »

0 : { »

source : security_alert@emc.com (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : https://www.cloudfoundry.org/cve-2017-8032/ (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : https://www.cloudfoundry.org/cve-2017-8032/ (string)

}

]

sourceIdentifier : security_alert@emc.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-269 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object