CVE-2024-38806
CVSS V2 None
CVSS V3 None
Description
Failure to properly synchronize user's permissions in UAA in Cloud Foundry Foundation v40.17.0 https://github.com/cloudfoundry/cf-deployment/releases/tag/v40.17.0 ,
potentially resulting in users retaining access rights they should not
have. This can allow them to perform operations beyond their intended
permissions.
Overview
- CVE ID
- CVE-2024-38806
- Assigner
- vmware
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-07-18T18:41:33.779Z
- Last Modified Date
- 2024-07-18T19:24:53.438Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.cloudfoundry.org/blog/cve-2024-38806-uaa-failure-to-remove-shadow-users-access |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-38806 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38806 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-07-19 13:10:38 | Added to TrackCVE |