Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior to 61.0, allows brute forcing of MFA codes. A remote unauthenticated malicious user in possession of a valid username and password can brute force MFA to login as the targeted user.
Advisories
Source ID Title
EUVD EUVD EUVD-2018-3126 Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior to 61.0, allows brute forcing of MFA codes. A remote unauthenticated malicious user in possession of a valid username and password can brute force MFA to login as the targeted user.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2024-09-17T02:00:59.932Z

Reserved: 2018-05-14T00:00:00

Link: CVE-2018-11082

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-10-05T21:29:00.637

Modified: 2024-11-21T03:42:38.617

Link: CVE-2018-11082

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.