CVE-2019-3800 — Insufficiently Protected Credentials in Cloud Foundry Autoscaling Release

CWE-522 — Insufficiently Protected Credentials CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

7.8HIGHNVD

CNA6.3

EPSS

0.2%

top 57.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Anynines Elasticsearch Anynines Logme Anynines Mongodb +54 more

Timeline

PublishedAug 5

Latest updateMay 24

Description

CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages57 packages

▶NVDpivotal/metric_registrar_release< 1.2

▶NVDpivotal/cloud_foundry_routing_release< 0.189.0

▶NVDpivotal/cloud_foundry_log_cache_release< 2.3.1

▶NVDpivotal/cloud_foundry_networking_release< 2.23.0

▶NVDpivotal/cloud_foundry_autoscaling_release< 219

🔴Vulnerability Details

GHSA

GHSA-2wpx-p7qg-954w: CF CLI version prior to v6↗2022-05-24

▶

CVEList

CF CLI writes the client id and secret to config file↗2019-08-05

▶