
34 matches found

Source: NVD | added 2024/07/18 7:15 p.m. | 9 views

CVE-2024-38806

Failure to properly synchronize user's permissions in UAA in Cloud Foundry Foundation v40.17.0 https://github.com/cloudfoundry/cf-deployment/releases/tag/v40.17.0, potentially resulting in users retaining access rights they should not have. This can allow them to perform operations beyond their...

CVSS 3.9 | EPSS 0.00031 | Exploits: 0 | References: 1
Source: Cvelist | added 2024/07/18 6:41 p.m. | 12 views

CVE-2024-38806 UAA Failure to Remove Shadow User's Access

Failure to properly synchronize user's permissions in UAA in Cloud Foundry Foundation v40.17.0 https://github.com/cloudfoundry/cf-deployment/releases/tag/v40.17.0, potentially resulting in users retaining access rights they should not have. This can allow them to perform operations beyond their...

CVSS 3.9 | EPSS 0.00031 | Exploits: 0 | References: 1
Source: Cloud Foundry | added 2020/10/01 12:00 a.m. | 25 views

CVE-2020-5422: UAA password may appear in BOSH System Metrics Server process arguments | Cloud Foundry

Severity: High. Vendor: Cloud Foundry Foundation. Description: BOSH System Metrics Server releases prior to 0.1.0 exposed the UAA password as a flag to a process running on the BOSH director. It exposed the password to any user or process with access to the same VM through ps or looking at process...

CVSS 6.5 | AI score 6.5 | EPSS 0.00327 | Exploits: 0 | Affected software: 1
Source: Cloud Foundry | added 2020/03/09 12:00 a.m. | 55 views

CVE-2019-15605: Node.js is vulnerable to request smuggling | Cloud Foundry

Severity: Critical. Vendor: Cloud Foundry Foundation. Description: Cloud Foundry Node.js Buildpack, versions prior to 1.7.11, defaults to a version of Node.js that is vulnerable to HTTP request smuggling, which allows malicious payload delivery to unsuspecting users. Affected Cloud Foundry Products an...

CVSS 9.8 | AI score 9.6 | EPSS 0.32252 | Exploits: 0
Source: Cloud Foundry | added 2019/12/16 12:00 a.m. | 32 views

CVE-2019-17596: x509 parsing in Golang can cause panic | Cloud Foundry

Severity: High. Vendor: Cloud Foundry Foundation. Description: Various Cloud Foundry components are written in Go and are therefore vulnerable to a denial of service attack. Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public...

CVSS 7.5 | AI score 7.4 | EPSS 0.0234 | Exploits: 1
Source: Cloud Foundry | added 2018/11/07 12:00 a.m. | 506 views

CVE-2018-15796: Signing Key Extraction in Bits Service | Cloud Foundry

Severity: High. Vendor: Cloud Foundry Foundation. Affected Cloud Foundry Products and Versions: You are using bits-service-release versions prior to 2.14.0. Description: Cloud Foundry Bits Service, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may...

CVSS 8.1 | AI score 8.1 | EPSS 0.00096 | Exploits: 0
Source: NVD | added 2018/02/01 8:29 p.m. | 10 views

CVE-2018-1192

In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versio...

CVSS 8.8 | AI score 8.5 | EPSS 0.00473 | Exploits: 0 | References: 1
Source: OSV | added 2018/02/01 8:29 p.m. | 20 views

CVE-2018-1192

In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versio...

CVSS 8.8 | AI score 8.8 | EPSS 0.00473 | Exploits: 0 | References: 1
Source: Cloud Foundry | added 2018/01/31 12:00 a.m. | 31 views

CVE-2018-1192: UAA SessionID present in Audit Event Logs | Cloud Foundry

Severity: High. Vendor: Cloud Foundry Foundation. Affected Cloud Foundry Products and Versions: All cf-release versions prior to v285; All cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, 4.7.x versions prior to 4.7.4; UAA-release 45.7.x versions prior...

CVSS 8.8 | AI score 8.6 | EPSS 0.00473 | Exploits: 0
Source: Prion | added 2017/11/27 10:29 a.m. | 14 views

Design/Logic Flaw

An issue was discovered in Cloud Foundry Foundation cf-release all versions prior to v279 and UAA 30.x versions prior to 30.6, 45.x versions prior to 45.4, 52.x versions prior to 52.1. In some cases, the UAA allows an authenticated user for a particular client to revoke client tokens for other...

CVSS 3.5 | AI score 5.2 | EPSS 0.00419 | Exploits: 0 | References: 2 | Affected software: 2
Source: CVE | added 2017/11/27 10:00 a.m. | 54 views

CVE-2017-8031

The CVE-2017-8031 entry concerns Cloud Foundry cf-release and UAA. Affected products: cf-release (all versions before v279) and UAA (30.x before 30.6; 45.x before 45.4; 52.x before 52.1). Issue: an authenticated user for a given client can revoke client tokens belonging to other users on the same...

CVSS 5.3 | AI score 5 | EPSS 0.00419 | Exploits: 0 | References: 2 | Affected software: 2
Source: Cloud Foundry | added 2017/11/14 12:00 a.m. | 31 views

CVE-2017-14390: CF-deployment 0.35.0 syslog misconfiguration | Cloud Foundry

Severity: Medium. Vendor: Cloud Foundry Foundation. Affected Cloud Foundry Products and Versions: cf-deployment v0.35.0. Description: A misconfiguration with Loggregator and syslog-drain in cf-deployment causes logs to be drained to unintended locations. Mitigation: Users of affected versions should appl...

CVSS 7.5 | AI score 7.5 | EPSS 0.00573 | Exploits: 0
Source: OSV | added 2017/11/13 5:29 p.m. | 16 views

CVE-2017-14388

Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30.0 do not validate DiffIDs, allowing specially crafted images to poison the grootfs volume cache. For example, this could allow an attacker to provide an image layer that GrootFS would consider to be the Ubuntu base layer...

CVSS 7.8 | AI score 6.8 | EPSS 0.00182 | Exploits: 0 | References: 1
Source: Cvelist | added 2017/08/21 10:00 p.m. | 9 views

CVE-2017-8037

In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. If you took steps to remediate CVE-2017-8035 you should also upgrade to fix this CVE. A carefully crafted CAPI...

AI score 7.7 | EPSS 0.00306 | Exploits: 0 | References: 2
Source: Prion | added 2017/07/25 4:29 a.m. | 24 views

Design/Logic Flaw

An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.35.0 and cf-release versions after v244 and prior to v268. A carefully crafted CAPI request from a Space Developer can allow them to gain access to files on the Cloud...

CVSS 5 | AI score 7.6 | EPSS 0.00306 | Exploits: 0 | References: 1 | Affected software: 2
Source: Cvelist | added 2017/07/25 4:00 a.m. | 15 views

CVE-2017-8033

An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release versions prior to v1.35.0 and cf-release versions prior to v268. A filesystem traversal vulnerability exists in the Cloud Controller that allows a space developer to escalate privileges by pushing a...

AI score 7.6 | EPSS 0.00211 | Exploits: 0 | References: 1
Source: Prion | added 2017/07/24 6:29 p.m. | 12 views

Design/Logic Flaw

An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release version 1.33.0 only. The original fix for CVE-2017-8033 included in CAPI-release 1.33.0 introduces a regression that allows a space developer to execute arbitrary code on the Cloud Controller VM by pushin...

CVSS 6.8 | AI score 7.8 | EPSS 0.00449 | Exploits: 0 | References: 2 | Affected software: 1
Source: Cvelist | added 2017/07/24 6:00 p.m. | 13 views

CVE-2017-8036

An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release version 1.33.0 only. The original fix for CVE-2017-8033 included in CAPI-release 1.33.0 introduces a regression that allows a space developer to execute arbitrary code on the Cloud Controller VM by pushin...

AI score 7.9 | EPSS 0.00449 | Exploits: 0 | References: 2
Source: Prion | added 2017/06/13 6:29 a.m. | 10 views

Design/Logic Flaw

An issue was discovered in Cloud Foundry Foundation cf-release v255 and Staticfile buildpack versions v1.4.0 - v1.4.3. A regression introduced in the Static file build pack causes the Staticfile.auth configuration to be ignored when the Static file file is not present in the application root...

CVSS 4.3 | AI score 5.6 | EPSS 0.00227 | Exploits: 0 | References: 1 | Affected software: 2
Source: NVD | added 2017/06/13 6:29 a.m. | 13 views

CVE-2017-4994

An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v263; UAA release 2.x versions prior to v2.7.4.18, 3.6.x versions prior to v3.6.12, 3.9.x versions prior to v3.9.14, and other versions prior to v4.3.0; and UAA bosh release uaa-release 13.x versions prior to v13.16,...

CVSS 7.5 | AI score 7.5 | EPSS 0.00255 | Exploits: 0 | References: 1