CVE-2017-4973: Privilege Escalation in UAA

Molly Crowther

CF Devs,

Please see information for the following high UAA CVE. This issue was fixed
in the same releases as CVE-2017-4972 (the blind SQL injection) so if you
already have plans to upgrade, you don't need to take any further action.

Please let me know if you have any other questions or concerns.

Molly Crowther
Cloud Foundry Foundation Security Team

Join { to automatically receive all group messages.