CVE-2021-22001

CVE-2021-22001

Vendor N/A
Product Cloud Foundry UAA server
Weakness CWE-200 · Info exposure
Published July 22, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

In UAA versions prior to 75.3.0, sensitive information like relaying secret of the provider was revealed in response when deletion request of an identity provider( IdP) of type “oauth 1.0” was sent to UAA server.

Key dates

02Disclosure timeline

July 22, 2021 CVE published
August 3, 2024 Record updated