Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior to 61.0, allows brute forcing of MFA codes. A remote unauthenticated malicious user in possession of a valid username and password can brute force MFA to login as the targeted user.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2018-10-05T21:00:00Z

Updated: 2024-09-17T02:00:59.932Z

Reserved: 2018-05-14T00:00:00

Link: CVE-2018-11082

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-10-05T21:29:00.637

Modified: 2024-11-21T03:42:38.617

Link: CVE-2018-11082

cve-icon Redhat

No data.