All the vulnerabilities related to Cloud Foundry - UAA Release (OSS)
cve-2019-3787
Vulnerability from cvelistv5
Published
2019-06-19 22:28
Modified
2024-09-16 21:57
Summary
Cloud Foundry UAA, versions prior to 73.0.0, falls back to appending “unknown.org” to a user's email address when one is not provided and the user name does not contain an @ character. This domain is held by a private company, which leads to attack vectors including password recovery emails being sent to a potentially fraudulent address. This would allow the attacker to gain complete control of the user's account.
References
▼ | URL | Tags |
---|---|---|
https://www.cloudfoundry.org/blog/cve-2019-3787 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cloud Foundry | UAA Release (OSS) |
Version: All < v73.0.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T19:19:18.288Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-3787" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "UAA Release (OSS)", "vendor": "Cloud Foundry", "versions": [ { "lessThan": "v73.0.0", "status": "affected", "version": "All", "versionType": "custom" } ] } ], "datePublic": "2019-05-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Cloud Foundry UAA, versions prior to 73.0.0, falls back to appending \u201cunknown.org\u201d to a user\u0027s email address when one is not provided and the user name does not contain an @ character. This domain is held by a private company, which leads to attack vectors including password recovery emails sent to a potentially fraudulent address. This would allow the attacker to gain complete control of the user\u0027s account." 
} ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-840", "description": "CWE-840: Business Logic Errors", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-19T22:28:07", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-3787" } ], "source": { "discovery": "UNKNOWN" }, "title": "UAA defaults email address to an insecure domain", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@dell.com", "DATE_PUBLIC": "2019-05-14T00:00:00.000Z", "ID": "CVE-2019-3787", "STATE": "PUBLIC", "TITLE": "UAA defaults email address to an insecure domain" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "UAA Release (OSS)", "version": { "version_data": [ { "affected": "\u003c", "version_affected": "\u003c", "version_name": "All", "version_value": "v73.0.0" } ] } } ] }, "vendor_name": "Cloud Foundry" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cloud Foundry UAA, versions prior to 73.0.0, falls back to appending \u201cunknown.org\u201d to a user\u0027s email address when one is not provided and the user name does not contain an @ character. This domain is held by a private company, which leads to attack vectors including password recovery emails sent to a potentially fraudulent address. This would allow the attacker to gain complete control of the user\u0027s account." 
} ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-840: Business Logic Errors" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cloudfoundry.org/blog/cve-2019-3787", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/blog/cve-2019-3787" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2019-3787", "datePublished": "2019-06-19T22:28:07.316424Z", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2024-09-16T21:57:57.203Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-3801
Vulnerability from cvelistv5
Published
2019-04-25 20:17
Modified
2024-09-17 02:56
Summary
Cloud Foundry cf-deployment, versions prior to 7.9.0, contains Java components that use an insecure protocol to fetch dependencies when building. A remote unauthenticated malicious attacker could hijack the DNS entry for the dependency and inject malicious code into the component.
References
▼ | URL | Tags |
---|---|---|
https://www.cloudfoundry.org/blog/cve-2019-3801 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/108104 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Cloud Foundry | CredHub |
Version: 2.1 < 2.1.3 Version: 1.9 < 1.9.10 |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T19:19:18.469Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-3801" }, { "name": "108104", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/108104" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "CredHub", "vendor": "Cloud Foundry", "versions": [ { "lessThan": "2.1.3", "status": "affected", "version": "2.1", "versionType": "custom" }, { "lessThan": "1.9.10", "status": "affected", "version": "1.9", "versionType": "custom" } ] }, { "product": "UAA Release (OSS)", "vendor": "Cloud Foundry", "versions": [ { "lessThan": "v64.0", "status": "affected", "version": "All", "versionType": "custom" } ] }, { "product": "cf-deployment", "vendor": "Cloud Foundry", "versions": [ { "lessThan": "v7.9.0", "status": "affected", "version": "All", "versionType": "custom" } ] }, { "product": "UAA Release (LTS)", "vendor": "Pivotal", "versions": [ { "lessThan": "v60.2", "status": "affected", "version": "v60", "versionType": "custom" }, { "lessThan": "v64.1", "status": "affected", "version": "v64", "versionType": "custom" } ] } ], "datePublic": "2019-04-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an insecure protocol to fetch dependencies when building. A remote unauthenticated malicious attacker could hijack the DNS entry for the dependency, and inject malicious code into the component." 
} ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-494", "description": "CWE-494: Download of Code Without Integrity Check", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-04-30T13:06:03", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-3801" }, { "name": "108104", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/108104" } ], "source": { "discovery": "UNKNOWN" }, "title": "Java Projects using HTTP to fetch dependencies", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security_alert@emc.com", "DATE_PUBLIC": "2019-04-25T00:00:00.000Z", "ID": "CVE-2019-3801", "STATE": "PUBLIC", "TITLE": "Java Projects using HTTP to fetch dependencies" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "CredHub", "version": { "version_data": [ { "affected": "\u003c", "version_affected": "\u003c", "version_name": "2.1", "version_value": "2.1.3" }, { "affected": "\u003c", "version_affected": "\u003c", "version_name": "1.9", "version_value": "1.9.10" } ] } }, { "product_name": "UAA Release (OSS)", "version": { "version_data": [ { "affected": "\u003c", "version_affected": "\u003c", "version_name": "All", "version_value": "v64.0" } ] } }, { "product_name": "cf-deployment", "version": { "version_data": [ { "affected": "\u003c", "version_affected": "\u003c", "version_name": "All", "version_value": "v7.9.0" } ] } } ] }, "vendor_name": "Cloud Foundry" }, { "product": { 
"product_data": [ { "product_name": "UAA Release (LTS)", "version": { "version_data": [ { "affected": "\u003c", "version_affected": "\u003c", "version_name": "v60", "version_value": "v60.2" }, { "affected": "\u003c", "version_affected": "\u003c", "version_name": "v64", "version_value": "v64.1" } ] } } ] }, "vendor_name": "Pivotal" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an insecure protocol to fetch dependencies when building. A remote unauthenticated malicious attacker could hijack the DNS entry for the dependency, and inject malicious code into the component." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-494: Download of Code Without Integrity Check" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cloudfoundry.org/blog/cve-2019-3801", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/blog/cve-2019-3801" }, { "name": "108104", "refsource": "BID", "url": "http://www.securityfocus.com/bid/108104" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2019-3801", "datePublished": "2019-04-25T20:17:37.272844Z", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2024-09-17T02:56:41.904Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-11268
Vulnerability from cvelistv5
Published
2019-07-11 18:11
Modified
2024-09-17 03:13
Summary
Cloud Foundry UAA versions prior to 73.3.0 contain endpoints with improper escaping. An authenticated malicious user with basic read privileges for one identity zone can extend those read privileges to all other identity zones and obtain private information on users, clients, and groups in all other identity zones.
References
▼ | URL | Tags |
---|---|---|
https://www.cloudfoundry.org/blog/cve-2019-11268 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cloud Foundry | UAA Release (OSS) |
Version: prior to v73.3.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:48:09.032Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-11268" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "UAA Release (OSS)", "vendor": "Cloud Foundry", "versions": [ { "status": "affected", "version": "prior to v73.3.0" } ] } ], "datePublic": "2019-06-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Cloud Foundry UAA version prior to 73.3.0, contain endpoints that contains improper escaping. An authenticated malicious user with basic read privileges for one identity zone can extend those reading privileges to all other identity zones and obtain private information on users, clients, and groups in all other identity zones." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200: Information Exposure", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-07-11T18:11:36", "orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "shortName": "pivotal" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-11268" } ], "source": { "discovery": "UNKNOWN" }, "title": "UAA SQL Identity Zone Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@pivotal.io", "DATE_PUBLIC": "2019-06-27T23:26:15.000Z", "ID": "CVE-2019-11268", "STATE": "PUBLIC", "TITLE": "UAA SQL Identity Zone Vulnerability" }, 
"affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "UAA Release (OSS)", "version": { "version_data": [ { "version_value": "prior to v73.3.0" } ] } } ] }, "vendor_name": "Cloud Foundry" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cloud Foundry UAA version prior to 73.3.0, contain endpoints that contains improper escaping. An authenticated malicious user with basic read privileges for one identity zone can extend those reading privileges to all other identity zones and obtain private information on users, clients, and groups in all other identity zones." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-200: Information Exposure" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cloudfoundry.org/blog/cve-2019-11268", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/blog/cve-2019-11268" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "assignerShortName": "pivotal", "cveId": "CVE-2019-11268", "datePublished": "2019-07-11T18:11:36.916271Z", "dateReserved": "2019-04-18T00:00:00", "dateUpdated": "2024-09-17T03:13:54.242Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-11270
Vulnerability from cvelistv5
Published
2019-08-05 16:21
Modified
2024-09-17 04:19
Summary
Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the restrictions imposed on clients created via 'clients.write' and create clients with arbitrary scopes that the creator does not possess.
References
▼ | URL | Tags |
---|---|---|
https://www.cloudfoundry.org/blog/cve-2019-11270 | x_refsource_CONFIRM | |
https://pivotal.io/security/cve-2019-11270 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cloud Foundry | UAA Release (OSS) |
Version: prior to v73.4.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:48:09.048Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-11270" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://pivotal.io/security/cve-2019-11270" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "UAA Release (OSS)", "vendor": "Cloud Foundry", "versions": [ { "status": "affected", "version": "prior to v73.4.0" } ] } ], "datePublic": "2019-08-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the \u0027clients.write\u0027 authority or scope can bypass the restrictions imposed on clients created via \u0027clients.write\u0027 and create clients with arbitrary scopes that the creator does not possess." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-08-20T18:50:49", "orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "shortName": "pivotal" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-11270" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://pivotal.io/security/cve-2019-11270" } ], "source": { "discovery": "UNKNOWN" }, "title": "UAA clients.write vulnerability", "x_legacyV4Record": { 
"CVE_data_meta": { "ASSIGNER": "security@pivotal.io", "DATE_PUBLIC": "2019-08-01T00:00:00.000Z", "ID": "CVE-2019-11270", "STATE": "PUBLIC", "TITLE": "UAA clients.write vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "UAA Release (OSS)", "version": { "version_data": [ { "version_value": "prior to v73.4.0" } ] } } ] }, "vendor_name": "Cloud Foundry" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the \u0027clients.write\u0027 authority or scope can bypass the restrictions imposed on clients created via \u0027clients.write\u0027 and create clients with arbitrary scopes that the creator does not possess." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-269: Improper Privilege Management" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cloudfoundry.org/blog/cve-2019-11270", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/blog/cve-2019-11270" }, { "name": "https://pivotal.io/security/cve-2019-11270", "refsource": "CONFIRM", "url": "https://pivotal.io/security/cve-2019-11270" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "assignerShortName": "pivotal", "cveId": "CVE-2019-11270", "datePublished": "2019-08-05T16:21:54.798114Z", "dateReserved": "2019-04-18T00:00:00", "dateUpdated": 
"2024-09-17T04:19:01.006Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-11278
Vulnerability from cvelistv5
Published
2019-09-26 21:11
Modified
2024-09-16 23:51
Summary
CF UAA versions prior to 74.1.0 allow external input to be used directly in queries. A remote malicious user with 'client.write' and 'groups.update' can craft a SCIM query that leaks information enabling an escalation of privileges, ultimately allowing the malicious user to gain control of UAA scopes they should not have.
References
▼ | URL | Tags |
---|---|---|
https://www.cloudfoundry.org/blog/cve-2019-11278 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cloud Foundry | UAA Release (OSS) |
Version: prior to 74.1.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:48:09.095Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-11278" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "UAA Release (OSS)", "vendor": "Cloud Foundry", "versions": [ { "status": "affected", "version": "prior to 74.1.0" } ] } ], "datePublic": "2019-09-10T00:00:00", "descriptions": [ { "lang": "en", "value": "CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote malicious user with \u0027client.write\u0027 and \u0027groups.update\u0027 can craft a SCIM query, which leaks information that allows an escalation of privileges, ultimately allowing the malicious user to gain control of UAA scopes they should not have." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-77", "description": "CWE-77: Command Injection - Generic", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-26T21:11:24", "orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "shortName": "pivotal" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-11278" } ], "source": { "discovery": "UNKNOWN" }, "title": "Privilege Escalation via Blind SCIM Injection in UAA", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@pivotal.io", "DATE_PUBLIC": "2019-09-10T00:00:00.000Z", "ID": "CVE-2019-11278", "STATE": "PUBLIC", "TITLE": "Privilege 
Escalation via Blind SCIM Injection in UAA" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "UAA Release (OSS)", "version": { "version_data": [ { "version_value": "prior to 74.1.0" } ] } } ] }, "vendor_name": "Cloud Foundry" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote malicious user with \u0027client.write\u0027 and \u0027groups.update\u0027 can craft a SCIM query, which leaks information that allows an escalation of privileges, ultimately allowing the malicious user to gain control of UAA scopes they should not have." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-77: Command Injection - Generic" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cloudfoundry.org/blog/cve-2019-11278", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/blog/cve-2019-11278" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "assignerShortName": "pivotal", "cveId": "CVE-2019-11278", "datePublished": "2019-09-26T21:11:24.033285Z", "dateReserved": "2019-04-18T00:00:00", "dateUpdated": "2024-09-16T23:51:53.473Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-3788
Vulnerability from cvelistv5
Published
2019-04-25 20:17
Modified
2024-09-16 22:02
Summary
Cloud Foundry UAA Release, versions prior to 71.0, allows clients to be configured with an insecure redirect URI. If a UAA client was configured with a wildcard in the redirect URI's subdomain, a remote malicious unauthenticated user can craft a phishing link to obtain a UAA access code from the victim.
References
▼ | URL | Tags |
---|---|---|
https://www.cloudfoundry.org/blog/cve-2019-3788 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Cloud Foundry | UAA Release (OSS) |
Version: All < v71.0 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T19:19:18.261Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-3788" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "UAA Release (OSS)", "vendor": "Cloud Foundry", "versions": [ { "lessThan": "v71.0", "status": "affected", "version": "All", "versionType": "custom" } ] }, { "product": "Pivotal Application Service", "vendor": "Pivotal", "versions": [ { "lessThan": "2.5.1", "status": "affected", "version": "2.5", "versionType": "custom" } ] } ], "datePublic": "2019-04-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Cloud Foundry UAA Release, versions prior to 71.0, allows clients to be configured with an insecure redirect uri. Given a UAA client was configured with a wildcard in the redirect uri\u0027s subdomain, a remote malicious unauthenticated user can craft a phishing link to get a UAA access code from the victim." 
} ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-601", "description": "CWE-601: Open Redirect", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-04-25T20:17:37", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-3788" } ], "source": { "discovery": "UNKNOWN" }, "title": "UAA redirect-uri allows wildcard in the subdomain", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security_alert@emc.com", "DATE_PUBLIC": "2019-04-15T00:00:00.000Z", "ID": "CVE-2019-3788", "STATE": "PUBLIC", "TITLE": "UAA redirect-uri allows wildcard in the subdomain" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "UAA Release (OSS)", "version": { "version_data": [ { "affected": "\u003c", "version_affected": "\u003c", "version_name": "All", "version_value": "v71.0" } ] } } ] }, "vendor_name": "Cloud Foundry" }, { "product": { "product_data": [ { "product_name": "Pivotal Application Service", "version": { "version_data": [ { "affected": "\u003c", "version_affected": "\u003c", "version_name": "2.5", "version_value": "2.5.1" } ] } } ] }, "vendor_name": "Pivotal" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cloud Foundry UAA Release, versions prior to 71.0, allows clients to be configured with an insecure redirect uri. 
Given a UAA client was configured with a wildcard in the redirect uri\u0027s subdomain, a remote malicious unauthenticated user can craft a phishing link to get a UAA access code from the victim." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-601: Open Redirect" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cloudfoundry.org/blog/cve-2019-3788", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/blog/cve-2019-3788" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2019-3788", "datePublished": "2019-04-25T20:17:37.233754Z", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2024-09-16T22:02:12.371Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-11279
Vulnerability from cvelistv5
Published
2019-09-26 21:15
Modified
2024-09-17 02:36
Summary
In CF UAA versions prior to 74.1.0, a client can request scopes that should not be allowed by submitting an array of requested scopes. A remote malicious user can escalate their own privileges to any scope, allowing them to take control of UAA and the resources it controls.
References
▼ | URL | Tags |
---|---|---|
https://www.cloudfoundry.org/blog/cve-2019-11279 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cloud Foundry | UAA Release (OSS) |
Version: prior to 74.1.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:48:09.280Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-11279" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "UAA Release (OSS)", "vendor": "Cloud Foundry", "versions": [ { "status": "affected", "version": "prior to 74.1.0" } ] } ], "datePublic": "2019-09-10T00:00:00", "descriptions": [ { "lang": "en", "value": "CF UAA versions prior to 74.1.0 can request scopes for a client that shouldn\u0027t be allowed by submitting an array of requested scopes. A remote malicious user can escalate their own privileges to any scope, allowing them to take control of UAA and the resources it controls." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-77", "description": "CWE-77: Command Injection - Generic", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-26T21:15:10", "orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "shortName": "pivotal" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-11279" } ], "source": { "discovery": "UNKNOWN" }, "title": "Privilege Escalation via Scope Manipulation in UAA", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@pivotal.io", "DATE_PUBLIC": "2019-09-10T00:00:00.000Z", "ID": "CVE-2019-11279", "STATE": "PUBLIC", "TITLE": "Privilege Escalation via Scope Manipulation in UAA" }, "affects": { "vendor": { 
"vendor_data": [ { "product": { "product_data": [ { "product_name": "UAA Release (OSS)", "version": { "version_data": [ { "version_value": "prior to 74.1.0" } ] } } ] }, "vendor_name": "Cloud Foundry" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CF UAA versions prior to 74.1.0 can request scopes for a client that shouldn\u0027t be allowed by submitting an array of requested scopes. A remote malicious user can escalate their own privileges to any scope, allowing them to take control of UAA and the resources it controls." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-77: Command Injection - Generic" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cloudfoundry.org/blog/cve-2019-11279", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/blog/cve-2019-11279" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "assignerShortName": "pivotal", "cveId": "CVE-2019-11279", "datePublished": "2019-09-26T21:15:10.245483Z", "dateReserved": "2019-04-18T00:00:00", "dateUpdated": "2024-09-17T02:36:57.958Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-11274
Vulnerability from cvelistv5
Published
2019-08-09 19:22
Modified
2024-09-16 20:12
Summary
Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL containing a SCIM filter with malicious JavaScript, which older browsers may execute.
References
▼ | URL | Tags |
---|---|---|
https://www.cloudfoundry.org/blog/cve-2019-11274 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cloud Foundry | UAA Release (OSS) |
Version: prior to v74.0.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:48:09.105Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-11274" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "UAA Release (OSS)", "vendor": "Cloud Foundry", "versions": [ { "status": "affected", "version": "prior to v74.0.0" } ] } ], "datePublic": "2019-08-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Cross-site Scripting (XSS) - Generic", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-08-09T19:22:17", "orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "shortName": "pivotal" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-11274" } ], "source": { "discovery": "UNKNOWN" }, "title": "UAA SCIM Filter XSS", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@pivotal.io", "DATE_PUBLIC": "2019-08-08T21:57:04.000Z", "ID": "CVE-2019-11274", "STATE": "PUBLIC", "TITLE": "UAA SCIM Filter XSS" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "UAA Release (OSS)", 
"version": { "version_data": [ { "version_value": "prior to v74.0.0" } ] } } ] }, "vendor_name": "Cloud Foundry" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79: Cross-site Scripting (XSS) - Generic" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cloudfoundry.org/blog/cve-2019-11274", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/blog/cve-2019-11274" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "assignerShortName": "pivotal", "cveId": "CVE-2019-11274", "datePublished": "2019-08-09T19:22:17.731034Z", "dateReserved": "2019-04-18T00:00:00", "dateUpdated": "2024-09-16T20:12:34.197Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-3775
Vulnerability from cvelistv5
Published
2019-03-07 19:00
Modified
2024-09-16 22:31
Summary
Cloud Foundry UAA, versions prior to v70.0, allows a user to update their own email address. A remote authenticated user can impersonate a different user by changing their own email address to that of the other user.
References
▼ | URL | Tags |
---|---|---|
https://www.cloudfoundry.org/blog/cve-2019-3775 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cloud Foundry | UAA Release (OSS) |
Version: All < v70.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T19:19:18.080Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-3775" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "UAA Release (OSS)", "vendor": "Cloud Foundry", "versions": [ { "lessThan": "v70.0", "status": "affected", "version": "All", "versionType": "custom" } ] } ], "datePublic": "2019-02-26T00:00:00", "descriptions": [ { "lang": "en", "value": "Cloud Foundry UAA, versions prior to v70.0, allows a user to update their own email address. A remote authenticated user can impersonate a different user by changing their email address to that of a different user." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-290", "description": "CWE-290: Authentication Bypass by Spoofing", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-03-07T18:57:02", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-3775" } ], "source": { "discovery": "UNKNOWN" }, "title": "UAA allows users to modify their own email address", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security_alert@emc.com", "DATE_PUBLIC": "2019-02-26T00:00:00.000Z", "ID": "CVE-2019-3775", "STATE": "PUBLIC", "TITLE": "UAA allows users to modify their own email address" }, "affects": { "vendor": { "vendor_data": [ { "product": 
{ "product_data": [ { "product_name": "UAA Release (OSS)", "version": { "version_data": [ { "affected": "\u003c", "version_affected": "\u003c", "version_name": "All", "version_value": "v70.0" } ] } } ] }, "vendor_name": "Cloud Foundry" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cloud Foundry UAA, versions prior to v70.0, allows a user to update their own email address. A remote authenticated user can impersonate a different user by changing their email address to that of a different user." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-290: Authentication Bypass by Spoofing" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cloudfoundry.org/blog/cve-2019-3775", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/blog/cve-2019-3775" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2019-3775", "datePublished": "2019-03-07T19:00:00Z", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2024-09-16T22:31:19.423Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-3794
Vulnerability from cvelistv5
Published
2019-07-18 15:47
Modified
2024-09-16 16:28
Summary
Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. A remote user can perform clickjacking attacks on UAA's frontend sites.
References
▼ | URL | Tags |
---|---|---|
https://www.cloudfoundry.org/blog/cve-2019-3794 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cloud Foundry | UAA Release (OSS) |
Version: All < v73.4.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T19:19:18.460Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-3794" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "UAA Release (OSS)", "vendor": "Cloud Foundry", "versions": [ { "lessThan": "v73.4.0", "status": "affected", "version": "All", "versionType": "custom" } ] } ], "datePublic": "2019-07-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. A remote user can perform clickjacking attacks on UAA\u0027s frontend sites." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284: Improper Access Control - Generic", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-07-18T15:47:00", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cloudfoundry.org/blog/cve-2019-3794" } ], "source": { "discovery": "UNKNOWN" }, "title": "UAA - Login app subject to clickjacking attack", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@dell.com", "DATE_PUBLIC": "2019-07-09T00:00:00.000Z", "ID": "CVE-2019-3794", "STATE": "PUBLIC", "TITLE": "UAA - Login app subject to clickjacking attack" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { 
"product_name": "UAA Release (OSS)", "version": { "version_data": [ { "affected": "\u003c", "version_affected": "\u003c", "version_name": "All", "version_value": "v73.4.0" } ] } } ] }, "vendor_name": "Cloud Foundry" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. A remote user can perform clickjacking attacks on UAA\u0027s frontend sites." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-284: Improper Access Control - Generic" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cloudfoundry.org/blog/cve-2019-3794", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/blog/cve-2019-3794" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2019-3794", "datePublished": "2019-07-18T15:47:00.225600Z", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2024-09-16T16:28:44.977Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }