Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ## Configure the uaa client
- uaac target ${uaa-url} --skip-ssl-validation # set the UAA api endpoint
- uaac token client get admin -s $uaa_admin_client_secret # authenticate as the UAA admin (any client with the 'clients.read' authority will do)
- ## If any of the following queries finds matching clients, your UAA server was likely attacked using CVE-2019-11270.
- # Check for UAA management scopes:
- uaac clients "client_id eq 'clients' or client_id eq 'scim' or client_id eq 'groups' or client_id sw 'zones'"
- uaac clients "client_id eq 'password' or client_id eq 'idps' or client_id eq 'oauth'"
- # Check for Cloud Foundry scopes:
- uaac clients "client_id eq 'cloud_controller' or client_id eq 'routing' or client_id eq 'doppler' or client_id eq 'notifications'"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement