Home

Description

Cloud Foundry UAA release versions from v77.21.0 to v7.31.0 are vulnerable to a private key exposure in logs.

PUBLISHED Reserved 2025-01-02 | Published 2025-05-13 | Updated 2025-05-13 | Assigner vmware




LOW: 3.0CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N

Product status

Default status
unaffected

v77.21.0 (git) before v77.32.0
affected

Default status
unaffected

v45.1.0 (git)
affected

References

www.cloudfoundry.org/...2025-22246-uaa-private-key-exposure/

cve.org (CVE-2025-22246)

nvd.nist.gov (CVE-2025-22246)

Download JSON