CVE-2019-3800
Last modified
CVE-2019-3800 is a vulnerability of currently unknown severity. CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.. EPSS estimates a 2.09% chance of exploitation in the next 30 days.
Description
CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Pivotal | Cloud Foundry Command Line Interface | < 6.45.0 |
| Pivotal | Cloud Foundry Command Line Interface Release | < 1.16.0 |
| Pivotal | Cloud Foundry Deployment | < 10.0.0 |
| Pivotal | Cloud Foundry Deployment Concourse Tasks | < 9.3.0 |
| Pivotal | Cloud Foundry Log Cache Release | < 2.3.1 |
| Pivotal | Cloud Foundry Networking Release | < 2.23.0 |
| Pivotal | Cloud Foundry Notifications | < 58 |
| Pivotal | Cloud Foundry Routing Release | < 0.189.0 |
| Pivotal | Cloud Foundry Smoke Test | < 40.0.113 |
| Pivotal | Application Service | >= 2.3.0, < 2.3.14 |
| Pivotal | Application Service | >= 2.4.0, < 2.4.10 |
| Pivotal | Application Service | >= 2.5.0, < 2.5.6 |
| Pivotal | Cloud Foundry Autoscaling Release | < 219 |
| Pivotal | Cloud Foundry Event Alerts | < 1.2.8 |
| Pivotal | Cloud Foundry Healthwatch | >= 1.4.0, < 1.4.7 |
| Pivotal | Cloud Foundry Healthwatch | >= 1.5.0, < 1.5.4 |
| Pivotal | Credhub Service Broker For Pcf | < 1.3.2 |
| Pivotal | Metric Registrar Release | < 1.2 |
| Pivotal | On Demand Service Broker | < 0.29.0 |
| Pivotal | Pivotal Cloud Foundry Service Broker | < 1.4.13 |
| Pivotal | Single Sign-On | >= 1.7.0, < 1.7.5 |
| Pivotal | Single Sign-On | >= 1.8.0, < 1.8.4 |
| Pivotal | Single Sign-On | >= 1.9.0, < 1.9.1 |
| Anynines | Elasticsearch | < 2.1.2 |
| Anynines | Logme | < 2.1.2 |
| Anynines | Mongodb | < 2.1.2 |
| Anynines | Mysql | < 2.1.2 |
| Anynines | Postgresql | < 2.1.2 |
| Anynines | Rabbitmq | < 2.1.2 |
| Anynines | Redis | < 2.1.2 |
| Apigee | Edge Service Broker | < 3.1.3 |
| Appdynamics | Application Analytics | < 4.7.652 |
| Appdynamics | Application Performance Monitoring | < 4.6.64 |
| Appdynamics | Platform Montioring | < 4.7.712 |
| Bluemedora | Nozzle | < 3.1.1 |
| Contrastsecurity | Service Broker | < 2.2.0 |
| Cyberark | Conjur Service Broker | < 1.1.1 |
| Datadoghq | Application Monitoring | < 1.7.0 |
| Datastax | Enterprise Service Broker | < 1.0.2 |
| Dynatrace | Service Broker | < 1.4.2 |
| Forgerock | Service Broker | < 2.1.2 |
| Google Cloud Platform Service Broker | < 4.2.3 | |
| Ibm | Websphere Liberty | < 3.11.0 |
| Microsoft | Azure Log Analytics Nozzle | < 1.4.1 |
| Microsoft | Azure Service Broker | < 1.4.1 |
| Newrelic | Dotnet Extension Buildpack | < 1.1.1 |
| Newrelic | Nozzle | < 1.1.17 |
| Newrelic | Service Broker | < 1.12.64 |
| Pagerduty | Service Broker | < 1.2.4 |
| Riverbed | Steelcentral Appinternals | < 10.21.1-bl516 |
Showing 50 of 60 affected configurations. See NVD for the full list.
References
- https://pivotal.io/security/cve-2019-3800Vendor Advisory
- https://www.cloudfoundry.org/blog/cve-2019-3800Vendor Advisory
- https://pivotal.io/security/cve-2019-3800Vendor Advisory
- https://www.cloudfoundry.org/blog/cve-2019-3800Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-3800?
How severe is CVE-2019-3800?
How do I fix CVE-2019-3800?
Are you affected by CVE-2019-3800?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST