Lucene search
Cloud FoundryCFOUNDRY:C440264CD8D1D7E2C4275794A3C73939HistoryJan 31, 2018 - 12:00 a.m.
CVE-2018-1192: UAA SessionID present in Audit Event Logs | Cloud Foundry
2018-01-3100:00:00
Cloud Foundry
www.cloudfoundry.org
24
0.001 Low
EPSS
Percentile
42.9%
Severity
High
Vendor
Cloud Foundry Foundation
Affected Cloud Foundry Products and Versions
- All cf-release versions prior to v285
- All cf-deployment versions prior to v1.7
- UAA
- 4.5.x versions prior to 4.5.5
- 4.8.x versions prior to 4.8.3
- 4.7.x versions prior to 4.7.4
- UAA-release
- 45.7.x versions prior to 45.7
- 52.7.x versions prior to 52.7
- 53.3.x versions prior to 53.3
Description
Cloud Foundry UAA logs the SessionID in audit event logs. An attacker can use the SessionID to impersonate a logged-in user.
Mitigation
Users of affected versions should apply the following mitigations or upgrades:
- Releases that have fixed this issue include:
- cf-release: 285
- cf-deployment: 1.7
- UAA: 4.5.5, 4.8.3, 4.7.4
- UAA-release: 45.7,52.7, 53.3
Credit
This issue was responsibly reported by the UAA team.
References
- <https://github.com/cloudfoundry/cf-release/releases>
- <https://github.com/cloudfoundry/cf-deployment/releases>
- <https://github.com/cloudfoundry/uaa/releases>
- <https://github.com/cloudfoundry/uaa-release/releases>
History
2018-01-31: Initial vulnerability report published.
Related
veracode
veracode
Information Disclosure
2018-02-02 01:50:45
prion
prion
Code injection
2018-02-01 20:29:00
cve
cve
CVE-2018-1192
2018-02-01 20:29:00
osv
osv
Cloud Foundry UAA SessionID present in Audit Event Logs
2022-05-14 03:41:29
CVE-2018-1192
2018-02-01 20:29:00
github
github
Cloud Foundry UAA SessionID present in Audit Event Logs
2022-05-14 03:41:29
cvelist
cvelist
CVE-2018-1192
2018-02-01 20:00:00
nvd
nvd
CVE-2018-1192
2018-02-01 20:29:00