CVE-2026-40965

Cloud Foundry · UAA (User Account and Authentication)

Cloud Foundry UAA inadvertently exposes private EC keys via the public /token_keys endpoint, threatening JWT integrity.

Executive summary

A critical vulnerability in Cloud Foundry UAA exposes private Elliptic Curve signing keys through a public, unauthenticated endpoint, allowing an attacker to forge JWTs and bypass authentication on every system that trusts UAA-issued tokens.

Vulnerability

The /token_keys endpoint exists to publish, as a JWK Set, the public keys that relying parties use to verify UAA-issued JWTs; it is reachable without authentication by design. In affected versions, Elliptic Curve (EC) keys are serialised with their private component as well as the public point, so anyone who can reach the endpoint obtains the signing key itself and can mint JWTs with arbitrary subject, client and scope claims that UAA and its relying parties accept as genuine.

Business impact

Exposure of a signing key lets an attacker forge identity tokens for any user or client, granting complete, unauthorized access to every system that relies on UAA for authentication. Because the attacker holds the key rather than a single token, the compromise persists until the key is replaced; patching the endpoint alone does not revoke it. The vulnerability carries a CVSS score of 10.0, and should be treated as a compromise of the authentication infrastructure rather than as an isolated software defect.

Remediation

Immediate Action: Update UAA to v78.13.0 or later, or upgrade the CF Deployment to v56.1.0 or later.

Verification and Monitoring: After upgrading, fetch /token_keys and confirm that every key it returns carries only public members. Alert on tokens that reference a retired key ID (kid), and review authentication and audit logs for token use that UAA has no record of issuing (unexpected subjects, scopes or issuance times), since a forged token never appears in UAA's own issuance records.

Key Rotation: Patching alone is not sufficient. Any EC signing key that was served while the endpoint was vulnerable must be treated as compromised. After the upgrade (rotating before it would expose the replacement key in the same way), generate new EC signing keys, remove the old keys from the UAA configuration, and invalidate all tokens issued under them, including refresh tokens and any token an attacker minted with the leaked key; once the old keys are gone, tokens signed with them fail verification. Relying parties that cache the key set need to re-fetch it so they pick up the new keys and stop trusting the retired ones.
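The post-upgrade check above, fetching /token_keys and confirming that no key carries private material, can be automated. The script below is an added illustration, not part of this advisory or of UAA itself. It parses a JWK Set and flags any key containing a private-key member as named in RFC 7518 (`d` for EC; `d`, `p`, `q`, `dp`, `dq`, `qi`, `oth` for RSA; `k` for symmetric keys), so it also catches an RSA or symmetric leak of the same kind. The sample JWKS embedded in the block is constructed with placeholder values and is not real key material; against a live deployment you would replace it with the response body of GET https://<uaa-host>/token_keys, where the hostname is yours to supply.

```python
import json

# Private-key members per RFC 7518 (JSON Web Algorithms). A key set served
# from a public verification endpoint must never contain any of these.
EC_PRIVATE_MEMBERS = {"d"}
RSA_PRIVATE_MEMBERS = {"d", "p", "q", "dp", "dq", "qi", "oth"}
OCT_PRIVATE_MEMBERS = {"k"}  # symmetric key material is secret by definition

PRIVATE_MEMBERS_BY_KTY = {
    "EC": EC_PRIVATE_MEMBERS,
    "RSA": RSA_PRIVATE_MEMBERS,
    "oct": OCT_PRIVATE_MEMBERS,
}


def private_members(jwk):
    """Return the set of private-key member names present in a single JWK.
    Unknown key types yield an empty set, so they are reported as clean."""
    secret_names = PRIVATE_MEMBERS_BY_KTY.get(jwk.get("kty"), set())
    return {name for name in secret_names if name in jwk}


def find_leaked_keys(jwks_body):
    """Parse a JWK Set document (the JSON body of /token_keys) and return a list
    of (kid, kty, leaked_members) for every key that exposes private material.
    An empty list means the key set contains public members only."""
    doc = json.loads(jwks_body)
    findings = []
    for jwk in doc.get("keys", []):
        leaked = private_members(jwk)
        if leaked:
            findings.append((jwk.get("kid"), jwk.get("kty"), leaked))
    return findings


# Constructed sample key set (placeholder values, not real key material).
# The first key is a correctly serialised public EC key; the second mimics a
# server that also serialised the private scalar 'd'; the third is a clean RSA key.
SAMPLE_JWKS = json.dumps({
    "keys": [
        {"kty": "EC", "kid": "ec-public-only", "use": "sig", "alg": "ES256",
         "crv": "P-256", "x": "placeholder_x", "y": "placeholder_y"},
        {"kty": "EC", "kid": "ec-leaked", "use": "sig", "alg": "ES256",
         "crv": "P-256", "x": "placeholder_x", "y": "placeholder_y",
         "d": "placeholder_private_scalar"},
        {"kty": "RSA", "kid": "rsa-public-only", "use": "sig", "alg": "RS256",
         "n": "placeholder_modulus", "e": "AQAB"},
    ]
})


if __name__ == "__main__":
    # Replace SAMPLE_JWKS with the body of GET https://<uaa-host>/token_keys
    # (hypothetical hostname) to check a real deployment.
    findings = find_leaked_keys(SAMPLE_JWKS)
    for kid, kty, leaked in findings:
        print(f"LEAK: kid={kid} kty={kty} private members={sorted(leaked)}")
    if not findings:
        print("OK: key set contains public members only")
```

Run it on every UAA instance after the upgrade and again after key rotation; a non-empty result from `find_leaked_keys` on the rotated key set means the new keys are exposed as well and must not be trusted.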

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Treat this as a key compromise, not only as a software defect. Patch first, then rotate every EC signing key and invalidate outstanding tokens: a signing key that has been exposed voids the trust every relying party places in UAA-issued tokens, whether or not forgery has actually been observed.