7.5

CVE-2017-4960

An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. There is a potential to subject the UAA OAuth clients to a denial of service attack.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pivotal SoftwareCloud Foundry Version247.0
Pivotal SoftwareCloud Foundry Version248.0
Pivotal SoftwareCloud Foundry Version249.0
Pivotal SoftwareCloud Foundry Version250.0
Pivotal SoftwareCloud Foundry Version251.0
Pivotal SoftwareCloud Foundry Version252.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.45% 0.607
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
http://www.securityfocus.com/bid/96780
Third Party Advisory
VDB Entry