PatchSiren cyber security CVE debrief
CVE-2026-22723 Cloudfoundry CVE debrief
Cloud Foundry reports a logic error in the token revocation endpoint that can cause inappropriate user token revocation. According to the CVE description, the issue affects Cloud Foundry UAA v77.30.0 to v78.7.0 and Cloud Foundry cf-deployment v48.7.0 to v54.10.0; NVD rates the issue 6.5/Medium and emphasizes availability impact.
- Vendor: Cloudfoundry
- Product: CVE-2026-22723
- CVSS: MEDIUM 6.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-03-05
- Original CVE updated: 2026-05-10
- Advisory published: 2026-03-05
- Advisory updated: 2026-05-10
Who should care
Operators, administrators, and security teams running Cloud Foundry UAA or cf-deployment should pay attention, especially where token-based authentication is used in production or where unexpected revocation would interrupt user access.
Technical summary
The supplied description identifies a logic error in the token revocation endpoint implementation that can revoke user tokens inappropriately. NVD classifies the issue as network-accessible, low-complexity, low-privilege, and requiring no user interaction, with no confidentiality or integrity impact and high availability impact (CVSS v3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Defensive priority
Medium. Prioritize remediation in environments that depend on Cloud Foundry authentication continuity, because incorrect token revocation can disrupt logins, sessions, and automation.
Recommended defensive actions
- Inventory Cloud Foundry UAA and cf-deployment deployments and compare them against the affected version ranges in the CVE record and NVD metadata.
- Upgrade or otherwise move to a non-vulnerable Cloud Foundry release identified by the vendor advisory.
- Review token revocation and authentication logs for unexpected revocations, repeated sign-ins, or correlated access failures.
- Validate any administrative or automated workflows that invoke the token revocation endpoint.
- Alert support or operations teams to user reports of involuntary sign-out or authorization failures while remediation is underway.
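The inventory step above is easiest to get wrong at the range boundaries, and this page itself records two different upper bounds for cf-deployment (v54.10.0 in the description, 54.11.0 in the NVD CPE data). The following added example, not code from Cloud Foundry or the advisory, compares a constructed deployment inventory against both ranges and flags versions where the two sources disagree rather than silently picking one.

```python
# Added example: triage an inventory against the CVE-2026-22723 affected ranges.
# Ranges are taken from the page; the inventory below is constructed sample data.

def parse_version(v: str) -> tuple[int, ...]:
    """Turn 'v78.7.0' or '78.7.0' into a tuple of ints that compares numerically."""
    return tuple(int(part) for part in v.strip().lstrip("v").split("."))

# Inclusive ranges as given in the human-readable CVE description.
DESCRIPTION_RANGES = {
    "uaa": ("77.30.0", "78.7.0"),
    "cf-deployment": ("48.7.0", "54.10.0"),
}
# Inclusive ranges as given in the NVD CPE metadata (cf-deployment differs).
CPE_RANGES = {
    "uaa": ("77.30.0", "78.7.0"),
    "cf-deployment": ("48.7.0", "54.11.0"),
}

def assess(product: str, version: str) -> str:
    """Return 'vulnerable' (both sources agree), 'ambiguous' (sources
    disagree) or 'not_in_range' (neither source lists the version)."""
    v = parse_version(version)

    def in_range(bounds: tuple[str, str]) -> bool:
        low, high = bounds
        return parse_version(low) <= v <= parse_version(high)

    by_description = in_range(DESCRIPTION_RANGES[product])
    by_cpe = in_range(CPE_RANGES[product])
    if by_description and by_cpe:
        return "vulnerable"
    if by_description or by_cpe:
        return "ambiguous"
    return "not_in_range"

def triage(inventory: list[tuple[str, str, str]]) -> dict[str, str]:
    """inventory entries are (deployment name, product, version)."""
    return {name: assess(product, version) for name, product, version in inventory}

if __name__ == "__main__":
    # Constructed sample inventory; names and versions are illustrative only.
    sample = [
        ("prod-uaa", "uaa", "78.7.0"),
        ("staging-uaa", "uaa", "v78.8.0"),
        ("prod-cfd", "cf-deployment", "54.11.0"),
        ("dev-cfd", "cf-deployment", "48.6.0"),
    ]
    for name, verdict in triage(sample).items():
        print(f"{name}: {verdict}")
```

An "ambiguous" verdict is the signal to confirm the exact fixed version with the vendor advisory before closing the finding.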
Evidence notes
This debrief is based on the CVE record published on 2026-03-05 and modified on 2026-05-10, plus the NVD entry and referenced Cloud Foundry advisory. The source corpus states the issue is an inappropriate user token revocation caused by a logic error in the token revocation endpoint. NVD lists the advisory reference and affected CPE ranges. One data-quality note: the human-readable description says cf-deployment v48.7.0 to v54.10.0, while the NVD CPE metadata marks cf-deployment vulnerable through 54.11.0; that mismatch is preserved here rather than resolved.
Official resources
- CVE-2026-22723 CVE record (CVE.org)
- CVE-2026-22723 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: [email protected] - Mitigation, Vendor Advisory
Publicly disclosed in the CVE record on 2026-03-05 and updated on 2026-05-10. The provided enrichment does not list this issue in CISA KEV.