CVE-2018-1192
published 2018-02-01CVE-2018-1192: In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to…
PriorityP345high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
EPSS
1.03%
59.6th percentile
In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versions prior to 53.3, the SessionID is logged in audit event logs. An attacker can use the SessionID to impersonate a logged-in user.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pivotal_software | cloud_foundry_cf-deployment | < 1.7 | 1.7 |
| pivotal_software | cloud_foundry_cf-release | < 285 | 285 |
| pivotal_software | cloud_foundry_uaa | >= 4.5.0 < 4.5.5 | 4.5.5 |
| pivotal_software | cloud_foundry_uaa | >= 4.7.0 < 4.7.4 | 4.7.4 |
| pivotal_software | cloud_foundry_uaa | >= 4.8.0 < 4.8.3 | 4.8.3 |
| pivotal_software | cloud_foundry_uaa-release | — | — |
| pivotal_software | cloud_foundry_uaa-release | — | — |
| pivotal_software | cloud_foundry_uaa-release | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Cloud Foundry UAA SessionID present in Audit Event Logs
osv·2022-05-14
CVE-2018-1192 [HIGH] Cloud Foundry UAA SessionID present in Audit Event Logs
Cloud Foundry UAA SessionID present in Audit Event Logs
In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versions prior to 53.3, the SessionID is logged in audit event logs. An attacker can use the SessionID to impersonate a logged-in user.
GHSA
Cloud Foundry UAA SessionID present in Audit Event Logs
ghsa·2022-05-14
CVE-2018-1192 [HIGH] CWE-200 Cloud Foundry UAA SessionID present in Audit Event Logs
Cloud Foundry UAA SessionID present in Audit Event Logs
In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versions prior to 53.3, the SessionID is logged in audit event logs. An attacker can use the SessionID to impersonate a logged-in user.
No detection rules found.
No public exploits indexed.
2018-02-01
Published