PT-2023-17685 · Unknown · Cloud Foundry+1
Felix Hambrecht
·
Published
2023-05-19
·
Updated
2025-01-21
·
CVE-2023-20881
CVSS v3.1
8.1
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Cloud Foundry versions 1.140 through 1.152.0
loggregator-agent version 7 and later
Description
The issue allows users to override other users' syslog drain credentials if they are aware of the client certificate used for that syslog drain. This applies even if the drain has zero certificates, enabling the user to override the private key and add or modify a certificate authority used for the connection.
Recommendations
For Cloud Foundry versions 1.140 through 1.152.0, restrict access to the syslog drain configuration to prevent unauthorized modifications.
For loggregator-agent version 7 and later, consider disabling the syslog drain feature until a fix is available to prevent credential overrides.
Avoid using the same client certificate for multiple syslog drains to minimize the risk of exploitation.
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cloud Foundry
Loggregator-Agent