VYPR
Medium severity6.6NVD Advisory· Published Oct 5, 2018· Updated Jun 17, 2026

CVE-2018-11082

CVE-2018-11082

Description

Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior to 61.0, allows brute forcing of MFA codes. A remote unauthenticated malicious user in possession of a valid username and password can brute force MFA to login as the targeted user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Cloudfoundry/Uaallm-fuzzy2 versions
    <4.20.0,<61.0+ 1 more
    • (no CPE)range: <4.20.0,<61.0
    • (no CPE)range: all versions
  • Cloud Foundry/UAA Releasev5
    Range: all versions

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.