CVE-2019-3800

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2019-3800
CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.

6.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector : AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Exploitability : 2.0 / Impact : 3.7

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope CHANGED

2.1 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
https://pivotal.io/security/cve-2019-3800 Vendor Advisory
https://www.cloudfoundry.org/blog/cve-2019-3800 Vendor Advisory
https://pivotal.io/security/cve-2019-3800 Vendor Advisory
https://www.cloudfoundry.org/blog/cve-2019-3800 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:pivotal:cloud_foundry_command_line_interface:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_command_line_interface_release:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_deployment:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_deployment_concourse_tasks:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_log_cache_release:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_networking_release:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_notifications:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_routing_release:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_smoke_test:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:pivotal:application_service:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:application_service:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:application_service:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_autoscaling_release:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_event_alerts:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_healthwatch:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_healthwatch:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:credhub_service_broker_for_pcf:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:metric_registrar_release:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:on_demand_service_broker:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:pivotal_cloud_foundry_service_broker:*:*:*:*:*:aws:*:*
cpe:2.3:a:pivotal:single_sign-on:*:*:*:*:*:cloud_foundry:*:*
cpe:2.3:a:pivotal:single_sign-on:*:*:*:*:*:cloud_foundry:*:*
cpe:2.3:a:pivotal:single_sign-on:*:*:*:*:*:cloud_foundry:*:*

Configuration 3 (hide)

OR cpe:2.3:a:anynines:elasticsearch:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:anynines:logme:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:anynines:mongodb:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:anynines:mysql:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:anynines:postgresql:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:anynines:rabbitmq:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:anynines:redis:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:apigee:edge_service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:appdynamics:application_analytics:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:appdynamics:application_performance_monitoring:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:appdynamics:platform_montioring:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:bluemedora:nozzle:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:contrastsecurity:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:cyberark:conjur_service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:datadoghq:application_monitoring:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:datastax:enterprise_service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:dynatrace:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:forgerock:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:google:google_cloud_platform_service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:ibm:websphere_liberty_:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:microsoft:azure_log_analytics_nozzle:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:microsoft:azure_service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:newrelic:dotnet_extension_buildpack:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:newrelic:nozzle:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:newrelic:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:pagerduty:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:riverbed:steelcentral_appinternals:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:samba:volume_service:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:signalsciences:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:snyk:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:solace:pubsub\+:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:splunk:nozzle:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:sumologic:nozzle:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:synopsys:seeker_iast_service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:tibco:businessworks_buildpack:*:*:*:*:container:pivotal_cloud_foundry:*:*
cpe:2.3:a:wavefront:wavefront_by_vmware_nozzle:*:*:*:*:*:pivotal_cloud_foundry:*:*
cpe:2.3:a:yugabyte:db_enterprise:*:*:*:*:*:pivotal_cloud_foundry:*:*
History

21 Nov 2024, 04:42

Type Values Removed Values Added
CVSS v2 : 2.1
v3 : 7.8 		v2 : 2.1
v3 : 6.3
References () https://pivotal.io/security/cve-2019-3800 - Vendor Advisory () https://pivotal.io/security/cve-2019-3800 - Vendor Advisory
References () https://www.cloudfoundry.org/blog/cve-2019-3800 - Vendor Advisory () https://www.cloudfoundry.org/blog/cve-2019-3800 - Vendor Advisory
Information

Published : 2019-08-05 17:15

Updated : 2024-11-21 04:42

NVD link : CVE-2019-3800

Mitre link : CVE-2019-3800

CVE.ORG link : CVE-2019-3800

JSON object : View

Products Affected

pivotal

  • single_sign-on
  • application_service
  • cloud_foundry_deployment
  • cloud_foundry_log_cache_release
  • cloud_foundry_healthwatch
  • metric_registrar_release
  • cloud_foundry_command_line_interface_release
  • credhub_service_broker_for_pcf
  • pivotal_cloud_foundry_service_broker
  • cloud_foundry_command_line_interface
  • cloud_foundry_networking_release
  • on_demand_service_broker
  • cloud_foundry_deployment_concourse_tasks
  • cloud_foundry_notifications
  • cloud_foundry_smoke_test
  • cloud_foundry_event_alerts
  • cloud_foundry_routing_release
  • cloud_foundry_autoscaling_release

samba

  • volume_service

forgerock

  • service_broker

tibco

  • businessworks_buildpack

newrelic

  • nozzle
  • dotnet_extension_buildpack
  • service_broker

riverbed

  • steelcentral_appinternals

cyberark

  • conjur_service_broker

splunk

  • nozzle

yugabyte

  • db_enterprise

anynines

  • elasticsearch
  • postgresql
  • mysql
  • rabbitmq
  • logme
  • redis
  • mongodb

appdynamics

  • platform_montioring
  • application_performance_monitoring
  • application_analytics

pagerduty

  • service_broker

sumologic

  • nozzle

contrastsecurity

  • service_broker

solace

  • pubsub\+

datadoghq

  • application_monitoring

wavefront

  • wavefront_by_vmware_nozzle

ibm

  • websphere_liberty_

snyk

  • service_broker

apigee

  • edge_service_broker

dynatrace

  • service_broker

signalsciences

  • service_broker

bluemedora

  • nozzle

synopsys

  • seeker_iast_service_broker

microsoft

  • azure_service_broker
  • azure_log_analytics_nozzle

datastax

  • enterprise_service_broker

google

  • google_cloud_platform_service_broker
CWE
CWE-522

Insufficiently Protected Credentials

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor