Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Vmware Subscribe
Filtered by product Single Sign-on For Pivotal Cloud Foundry
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-8040 1 Vmware 1 Single Sign-on For Pivotal Cloud Foundry 2021-08-12 4.0 MEDIUM 6.5 MEDIUM
In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3, an XXE (XML External Entity) attack was discovered in the Single Sign-On service dashboard. Privileged users can in some cases upload malformed XML leading to exposure of data on the Single Sign-On service broker file system.
CVE-2017-8041 1 Vmware 1 Single Sign-on For Pivotal Cloud Foundry 2021-08-12 4.3 MEDIUM 6.1 MEDIUM
In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3, a user can execute a XSS attack on certain Single Sign-On service UI pages by inputting code in the text field for an organization name.
CVE-2017-8044 1 Vmware 1 Single Sign-on For Pivotal Cloud Foundry 2021-08-12 4.3 MEDIUM 6.1 MEDIUM
In Pivotal Single Sign-On for PCF (1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3), certain pages allow code to be injected into the DOM environment through query parameters, leading to XSS attacks.