Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior to 61.0, allows brute forcing of MFA codes. A remote unauthenticated malicious user in possession of a valid username and password can brute force MFA to login as the targeted user.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cloudfoundry.org/blog/cve-2018-11082/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2018-10-05T21:00:00Z
Updated: 2024-09-17T02:00:59.932Z
Reserved: 2018-05-14T00:00:00
Link: CVE-2018-11082
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-10-05T21:29:00.637
Modified: 2024-11-21T03:42:38.617
Link: CVE-2018-11082
Redhat
No data.