VYPR
High severity7.5NVD Advisory· Published Mar 10, 2017· Updated Jun 17, 2026

CVE-2017-4960

CVE-2017-4960

Description

An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. There is a potential to subject the UAA OAuth clients to a denial of service attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.cloudfoundry.identity:cloudfoundry-identity-serverMaven
>= 3.10.0, < 3.12.03.12.0
org.cloudfoundry.identity:cloudfoundry-identity-serverMaven
< 3.9.83.9.8

Affected products

30
  • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:21:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:21:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:22:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:23:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.1:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.2:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.3:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.4:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.5:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:24.6:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:25:*:*:*:*:*:*:*
    • cpe:2.3:a:cloudfoundry:cloud_foundry_uaa_bosh:26:*:*:*:*:*:*:*
  • cpe:2.3:a:pivotal_software:cloud_foundry:247.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:pivotal_software:cloud_foundry:247.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry:248.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry:249.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry:250.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry:251.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry:252.0:*:*:*:*:*:*:*
  • Cloudfoundry/Uaa11 versions
    cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.10.0:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.3:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.4:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.6:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.7:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:cloud_foundry_uaa:3.9.8:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.