PT-2018-13213 · Cloud Foundry · Bosh+1
Published 2018-12-05 · Updated 2020-08-24 · CVE-2018-15797
CVSS v3.1: 8.8 (High)
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Cloud Foundry NFS volume release versions 1.2.x through 1.2.5
Cloud Foundry NFS volume release versions 1.5.x through 1.5.4
Cloud Foundry NFS volume release versions 1.7.x through 1.7.3
Description
The issue allows a remote authenticated user with access to BOSH to obtain the admin credentials for the Cloud Foundry Platform. This is possible because the nfsbrokerpush BOSH deploy errand logs the cf admin username and password.
Recommendations
For versions 1.2.x through 1.2.5, update to version 1.2.5 or later to resolve the issue.
For versions 1.5.x through 1.5.4, update to version 1.5.4 or later to resolve the issue.
For versions 1.7.x through 1.7.3, update to version 1.7.3 or later to resolve the issue.
As a temporary workaround, consider restricting access to the BOSH logs to minimize the risk of exploitation.
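To illustrate the workaround above from the operator's side, here is an added example (not code from Cloud Foundry, BOSH, or this advisory) of a check that scans stored errand output for credential-bearing lines and produces a redacted copy before the logs are retained or handed to people who should not see platform admin credentials. The sample log lines, the `cf auth` form, and the key names it matches (`CF_ADMIN_PASSWORD` and the like) are constructed assumptions; the real nfsbrokerpush errand's output format is not documented in the advisory.

```python
import re

# Constructed sample of BOSH errand output. The real nfsbrokerpush errand's
# format is not known from the advisory; these lines are an assumption used
# only to exercise the scanner.
SAMPLE_ERRAND_LOG = """\
Deploying errand 'nfsbrokerpush' ...
Running cf api https://api.example.internal --skip-ssl-validation
cf auth admin Sup3rSecretPass!
CF_ADMIN_USER=admin
CF_ADMIN_PASSWORD=Sup3rSecretPass!
Pushing app nfsbroker...
Errand 'nfsbrokerpush' completed successfully (exit code 0)
"""

# Each pattern captures the text to keep in group 1 and the secret in group 2.
PATTERNS = [
    # "cf auth <user> <password>" echoed verbatim (assumed form)
    re.compile(r"^(cf auth \S+ )(\S+)"),
    # KEY=value / key: value where the key ends in a secret-like word
    re.compile(
        r"((?:[\w-]*(?:password|passwd|secret|token))\s*[:=]\s*)(\S+)",
        re.IGNORECASE,
    ),
]


def find_leaks(log_text):
    """Return (1-based line number, line) for every line carrying a credential."""
    hits = []
    for number, line in enumerate(log_text.splitlines(), start=1):
        if any(pat.search(line) for pat in PATTERNS):
            hits.append((number, line))
    return hits


def leaked_secrets(log_text):
    """Return the set of secret values found, so they can be rotated."""
    secrets = set()
    for line in log_text.splitlines():
        for pat in PATTERNS:
            for match in pat.finditer(line):
                secrets.add(match.group(2))
    return secrets


def redact(log_text):
    """Return a copy of the log with every captured secret replaced."""
    cleaned = []
    for line in log_text.splitlines():
        for pat in PATTERNS:
            line = pat.sub(lambda m: m.group(1) + "[REDACTED]", line)
        cleaned.append(line)
    return "\n".join(cleaned) + "\n"


if __name__ == "__main__":
    for number, line in find_leaks(SAMPLE_ERRAND_LOG):
        print(f"line {number}: credential material found")
    print(redact(SAMPLE_ERRAND_LOG))
```

A hit from `find_leaks` is a signal that the credential has already been written to disk on the BOSH director and must be treated as exposed: redacting the stored copy limits further spread, but the values returned by `leaked_secrets` still need to be rotated, and the errand itself needs the fixed release so it stops logging them in the first place.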
Fix
Insertion into Log File
Weakness Enumeration
Related Identifiers
Affected Products
Bosh
Cloud Foundry Nfs Volume