Severity

High

Vendor

Cloud Foundry Foundation

Affected Cloud Foundry Products and Versions

• BOSH Backup and Restore
  • All versions prior to v1.5.0

Description

Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the authenticity of backup scripts in BOSH. A remote authenticated malicious user can modify the metadata file of a Bosh Backup and Restore job to request extra backup files from different jobs upon restore. The exploited hooks in this metadata script were only maintained in the cfcr-etcd-release, so clusters deployed with the BBR job for etcd in this release are vulnerable.

Mitigation

Users of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:

• BOSH Backup and Restore
  • Upgrade All versions to v1.5.0 or greater
• Cloud Foundry Container Runtime
  • Upgrade cfcr-etcd-release to 1.10.0 or greater to have functional backup and restore with BBR v1.5.0 or greater

History

2019-04-08: Initial vulnerability report published.