Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cloudfoundryCloud FoundryCFOUNDRY:4BD266D672CDC03804B7D86CDC08FEA0
HistorySep 26, 2016 - 12:00 a.m.

CVE-2016-6636 UAA Open Redirect Vulnerability for Subdomains | Cloud Foundry

2016-09-2600:00:00
Cloud Foundry
www.cloudfoundry.org
35

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.002

Percentile

53.6%

JSON

CVE-2016-6636 UAA Open Redirect Vulnerability for Subdomains

Medium

Vendor

Cloud Foundry Foundation

Versions Affected

  • Cloud Foundry release v241 and earlier versions
  • UAA release v2.0.0 – v2.7.4.6, v3.0.0 – v3.4.2
  • UAA BOSH release v12.3 & earlier versions

Description

Subdomains in the redirect_uri are not properly validated during OAuth authorization flow, making it possible to obtain implicit access tokens using a different subdomain in the request. Clients with the implicit authorization grant type are affected.

Mitigation

OSS users are strongly encouraged to follow one of the mitigations below:

  • Upgrade to Cloud Foundry v242 [1] or later

For standalone UAA users:

  • For users using UAA Version 3.0.0 – 3.4.2, please upgrade to UAA Release to v3.7.0[2], v3.4.4[3] or v3.3.0.5[4]
  • For users using standalone UAA Version 2.X.X, please upgrade to UAA Release to v2.7.4.7 [5]
  • For users using UAA bosh release, please upgrade to UAA-Release v16 [6] if upgrading to v3.7.0 [2] ,v12.5 [7] if upgrading to v3.4.4[3] or v11.5 [8] if upgrading to v3.3.0.5[4]

Credit

GE Digital Security Team

References

History

2016-09-26: Initial vulnerability report published

Related

prion 1
cvelist 1
cve 1
nvd 1
prion
prion
Authorization
2016-09-30 00:59:00
cvelist
cvelist
CVE-2016-6636
2016-09-30 00:00:00
cve
cve
CVE-2016-6636
2016-09-30 00:59:00
nvd
nvd
CVE-2016-6636
2016-09-30 00:59:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.002

Percentile

53.6%

JSON
Related for CFOUNDRY:4BD266D672CDC03804B7D86CDC08FEA0
prion1cvelist1cve1nvd1