Cloudfoundry Cf-Release vulnerabilities

CVE-2016-8218 [CRITICAL] CWE-20 CVE-2016-8218: An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and cf An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and cf-release versions 203 to 231. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged attackers to impersonate other users to the routing API, aka an "Unauthenticated JWT signing algorithm in routing" issue.

CVE-2016-6655 [CRITICAL] CWE-77 CVE-2016-6655: An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf-mysql-release versions prior to v31. A command injection vulnerability was discovered in a common script used by many Cloud Foundry components. A malicious user may exploit numerous vectors to execute arbitrary commands on servers running Cloud Fou

CVE-2017-4972 [HIGH] CWE-89 CVE-2017-4972: An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2 An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.12, 24.x versions prior to v24.7, and other versions prior t

CVE-2017-4991 [HIGH] CWE-269 CVE-2017-4991: An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v260; UAA release 2 An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v260; UAA release 2.x versions prior to v2.7.4.16, 3.6.x versions prior to v3.6.10, 3.9.x versions prior to v3.9.12, and other versions prior to v3.17.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.14, 24.x versions prior to v24.9, 30.x versions prior to 3

CVE-2017-4970 [MEDIUM] CVE-2017-4970: An issue was discovered in Cloud Foundry Foundation cf-release v255 and Staticfile buildpack version An issue was discovered in Cloud Foundry Foundation cf-release v255 and Staticfile buildpack versions v1.4.0 - v1.4.3. A regression introduced in the Static file build pack causes the Staticfile.auth configuration to be ignored when the Static file file is not present in the application root. Applications containing a Staticfile.auth file but not a Static fil

CVE-2016-8219 [MEDIUM] CWE-269 CVE-2016-8219: An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-releas An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-release versions prior to 1.12.0. A user with the SpaceAuditor role is over-privileged with the ability to restage applications. This could cause application downtime if the restage fails.

CVE-2017-4974 [MEDIUM] CWE-89 CVE-2017-4974: An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2 An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2.x versions prior to v2.7.4.15, 3.6.x versions prior to v3.6.9, 3.9.x versions prior to v3.9.11, and other versions prior to v3.16.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.13, 24.x versions prior to v24.8, and other versions prior

CVE-2015-3191 [HIGH] CWE-352 CVE-2015-3191: With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or ear With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the change_email form in UAA is vulnerable to a CSRF attack. This allows an attacker to trigger an e-mail change for a user logged into a cloud foundry instance via a malicious link on a attacker con

CVE-2016-0780 [HIGH] CWE-399 CVE-2016-0780: It was discovered that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versio It was discovered that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17 and Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18 do not properly enforce disk quotas in certain cases. An attacker could use an improper disk quota value to bypass enforcement and consume all the disk on DEAs/CEL

CVE-2015-3190 [MEDIUM] CWE-601 CVE-2015-3190: With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or ear With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the UAA logout link is susceptible to an open redirect which allows an attacker to insert malicious web page as a redirect parameter.

CVE-2015-1834 [MEDIUM] CWE-22 CVE-2015-1834: A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that a A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions prior to 1.4.2. Path traversal is the 'outbreak' of a given directory structure through relative file paths in the user input. It aims at accessing files and dire

CVE-2016-2165 [MEDIUM] CWE-20 CVE-2016-2165: The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime v The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime versions prior to 1.5.19 AND 1.6.x versions prior to 1.6.20 are not cleansing request URL paths when they are invalid and are returning them in the 404 response. This could allow malicious scripts to be written directly into the 404 response.

CVE-2015-3189 [LOW] CWE-640 CVE-2015-3189: With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or ear With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired after the user changes their current email address to a new one. This vulnerability is applicable only when using the UAA internal user store for authenticati

CVE-2017-4969 [MEDIUM] CVE-2017-4969: The Cloud Controller in Cloud Foundry cf-release versions prior to v255 allows authenticated develop The Cloud Controller in Cloud Foundry cf-release versions prior to v255 allows authenticated developer users to exceed memory and disk quotas for tasks.

CVE-2016-9882 [HIGH] CWE-532 CVE-2016-9882: An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI-relea An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI-release versions prior to v1.12.0. Cloud Foundry logs the credentials returned from service brokers in Cloud Controller system component logs. These logs are written to disk and often sent to a log aggregator via syslog.