These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
Cloud Foundry reports a logic error in the token revocation endpoint that can cause inappropriate user token revocation. The issue affects Cloud Foundry UAA v77.30.0 to v78.7.0 and Cloud Foundry cf-deployment v48.7.0 to v54.10.0 in the CVE description, with NVD rating the issue 6.5/Medium and emphasizing availability impact.
CVE-2016-9882 is a high-severity information disclosure issue in Cloud Foundry. In affected cf-release and CAPI-release versions, Cloud Controller can log credentials returned by service brokers in system component logs. Because those logs are written to disk and may also be forwarded to a log aggregator via syslog, the exposure can extend beyond the local system to any place the logs are collected or retained.