Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-20881

Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user to override the private key and add or modify a certificate authority used for the connection.

Published

2023-05-19T15:15:08.673

Last Modified

2025-01-21T20:15:28.703

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

Weaknesses

Type: Secondary
CWE-295
Type: Primary
CWE-295

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cloudfoundry	capi-release	≤ 1.152.0	Yes
Application	cloudfoundry	cf-deployment	≤ 29.0.0	Yes
Application	cloudfoundry	loggregator-agent	≤ 7.2.1	Yes

References

https://www.cloudfoundry.org/blog/cve-2023-20881-cas-for-syslog-drain-mtls-feature-can-be-overwritten/ Vendor Advisory ([email protected])
https://www.cloudfoundry.org/blog/cve-2023-20881-cas-for-syslog-drain-mtls-feature-can-be-overwritten/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)