PT-2018-10295 · Cloud Foundry · Uaa+1

Dr. Nic Williams · Published 2018-10-05 · Updated 2020-01-17 · CVE-2018-11083

CVSS v3.1: 8.4 (High)
Vector: AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Cloud Foundry BOSH versions v264 prior to v264.14.0
Cloud Foundry BOSH versions v265 prior to v265.7.0
Cloud Foundry BOSH versions v266 prior to v266.8.0
Cloud Foundry BOSH versions v267 prior to v267.2.0

Description

The issue allows refresh tokens to be used as access tokens when using UAA for authentication. A remote attacker holding an admin refresh token issued by UAA can access BOSH resources without obtaining an access token, even if their user no longer has access to those resources.

Recommendations

For Cloud Foundry BOSH version v264, update to version v264.14.0 or later.
For Cloud Foundry BOSH version v265, update to version v265.7.0 or later.
For Cloud Foundry BOSH version v266, update to version v266.8.0 or later.
For Cloud Foundry BOSH version v267, update to version v267.2.0 or later.
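The defect described above is a token-type confusion on the resource server side: a refresh token is only meant to be presented back to the issuer (UAA) to obtain a fresh access token, which is where the user's current status and scopes are re-checked, so a resource server that accepts a refresh token as if it were an access token skips that re-check. The following is an added illustration, not code from BOSH or UAA, and does not reproduce either project's actual token format: it mints constructed HMAC-signed tokens with a hypothetical `token_kind` claim and shows a resource-server check that only validates the signature and scopes (the vulnerable pattern) beside one that additionally refuses anything that is not an access token. The secret, claim names and scope value are all constructed for the example.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key shared by the issuer and the resource server;
# not a real UAA signing key.
SECRET = b"constructed-demo-secret"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint(claims: dict) -> str:
    """Issue a token as the (hypothetical) authorization server would: payload.signature."""
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    sig = _b64(hmac.new(SECRET, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"


def verify_signature(token: str) -> dict:
    """Check the HMAC and return the claims; raise on tampering or malformed input."""
    try:
        body, sig = token.split(".")
    except ValueError:
        raise ValueError("malformed token") from None
    expected = _b64(hmac.new(SECRET, body.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    return json.loads(_unb64(body))


def authorize_vulnerable(token: str, required_scope: str) -> bool:
    """Vulnerable pattern: a valid signature plus the right scope is enough,
    so a refresh token carrying the scope is accepted like an access token."""
    claims = verify_signature(token)
    return required_scope in claims.get("scope", [])


def authorize_fixed(token: str, required_scope: str) -> bool:
    """Hardened pattern: refuse anything that is not explicitly an access token
    before looking at scopes. Refresh tokens must go back to the issuer."""
    claims = verify_signature(token)
    if claims.get("token_kind") != "access":  # hypothetical claim name
        return False
    return required_scope in claims.get("scope", [])


def demo() -> dict:
    """Exercise both checks with constructed access and refresh tokens."""
    scope = "bosh.admin"  # constructed scope name
    access = mint({"sub": "alice", "token_kind": "access", "scope": [scope]})
    refresh = mint({"sub": "alice", "token_kind": "refresh", "scope": [scope]})
    return {
        "vulnerable_accepts_access": authorize_vulnerable(access, scope),
        "vulnerable_accepts_refresh": authorize_vulnerable(refresh, scope),
        "fixed_accepts_access": authorize_fixed(access, scope),
        "fixed_accepts_refresh": authorize_fixed(refresh, scope),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The check in `authorize_fixed` is the one a resource server needs regardless of the exact claim used to tell token kinds apart: the long lifetime of a refresh token is exactly why it must only ever be redeemed at the issuer, and a tampered or truncated token is rejected by `verify_signature` before any scope logic runs.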

Fix


Related Identifiers

CVE-2018-11083

Affected Products

Cloud Foundry Bosh
Uaa