Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-11047

Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and 4.5 prior to 4.5.7, incorrectly authorizes requests to admin endpoints by accepting a valid refresh token in lieu of an access token. Refresh tokens by design have a longer expiration time than access tokens, allowing the possessor of a refresh token to authenticate longer than expected. This affects the administrative endpoints of the UAA. i.e. /Users, /Groups, etc. However, if the user has been deleted or had groups removed, or the client was deleted, the refresh token will no longer be valid.

Published

2018-07-24T19:29:00.287

Last Modified

2024-11-21T03:42:33.670

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-863

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	pivotal_software	cloud_foundry_uaa	< 4.5.7	Yes
Application	pivotal_software	cloud_foundry_uaa	< 4.7.6	Yes
Application	pivotal_software	cloud_foundry_uaa	< 4.10.2	Yes
Application	pivotal_software	cloud_foundry_uaa	< 4.12.4	Yes
Application	pivotal_software	cloud_foundry_uaa	< 4.19.2	Yes

References

https://www.cloudfoundry.org/blog/cve-2018-11047/ Mitigation, Vendor Advisory ([email protected])
https://www.cloudfoundry.org/blog/cve-2018-11047/ Mitigation, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)