Cloud Foundry UAA, versions prior to 73.0.0, falls back to appending “unknown.org” to a user's email address when one is not provided and the user name does not contain an @ character. This domain is held by a private company, which leads to attack vectors including password recovery emails sent to a potentially fraudulent address. This would allow the attacker to gain complete control of the user's account.
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:HPivotal Software Cloud Foundry Uaa Release
APPPivotal Software< 73.0.0
Related vulnerabilities
Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege esc...
In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x...
An issue was discovered in Cloud Foundry Foundation Cloud Foundry release v252 and earlier versions, UAA stand...
Cloud Foundry UAA version prior to 73.3.0, contain endpoints that contains improper escaping. An authenticated...
Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization logic error. In environments with multi...