CVE-2018-1192

🗓️ 01 Feb 2018 20:00:00Reported by dellType

Insecure SessionID logging in Cloud Foundry Foundatio

Reporter	Title	Published	Views	Family All 13
Cloud Foundry	CVE-2018-1192: UAA SessionID present in Audit Event Logs \| Cloud Foundry	31 Jan 201800:00	–	cloudfoundry
CNVD	Logic Flaw Vulnerability in Multiple Pivotal Products	5 Feb 201800:00	–	cnvd
CVE	CVE-2018-1192	1 Feb 201820:00	–	cve
EUVD	EUVD-2022-5778	3 Oct 202520:07	–	euvd
Github Security Blog	Cloud Foundry UAA SessionID present in Audit Event Logs	14 May 202203:41	–	github
NVD	CVE-2018-1192	1 Feb 201820:29	–	nvd
OSV	CVE-2018-1192	1 Feb 201820:29	–	osv
OSV	GHSA-XG5V-696H-C3VR Cloud Foundry UAA SessionID present in Audit Event Logs	14 May 202203:41	–	osv
Prion	Code injection	1 Feb 201820:29	–	prion
Veracode	Information Disclosure	2 Feb 201801:50	–	veracode

[
  {
    "product": "Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versions prior to 53.3",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versions prior to 53.3"
      }
    ]
  }
]

Source	Link
cloudfoundry	www.cloudfoundry.org/blog/cve-2018-1192/

01 Feb 2018 19:57Current

8.6High risk

Vulners AI Score8.6

EPSS0.00473