CVE-2017-4973: Privilege Escalation in UAA
Molly Crowther
CF Devs,
Please see information for the following high UAA CVE. This issue was fixed
in the same releases as CVE-2017-4972 (the blind SQL injection) so if you
already have plans to upgrade, you don't need to take any further action.
https://www.cloudfoundry.org/cve-2017-4973/
Please let me know if you have any other questions or concerns.
Thanks,
Molly Crowther
Cloud Foundry Foundation Security Team
Please see information for the following high UAA CVE. This issue was fixed
in the same releases as CVE-2017-4972 (the blind SQL injection) so if you
already have plans to upgrade, you don't need to take any further action.
https://www.cloudfoundry.org/cve-2017-4973/
Please let me know if you have any other questions or concerns.
Thanks,
Molly Crowther
Cloud Foundry Foundation Security Team