Cloud Foundry UAA Private Key Exposure Vulnerability

Vulnerability

A vulnerability that exposes private keys in logs has been identified in Cloud Foundry UAA release versions from 77.21.0 up to, but not including, 77.31.0. The issue is also present in Cloud Foundry Deployment versions from 45.1.0 up to, but not including, 48.11.0.

Impact

Exploitation of this vulnerability leads to unauthorized exposure of private keys in application logs.

Remediation

Users are advised to upgrade to UAA release version 77.32.0 or greater. For Cloud Foundry Deployment, upgrade to version 49.0.0 or greater, which includes UAA release 77.32.0.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 3.4
impact: 2.5
exploitability: 5.0
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.