cnvd - cnvd-2017-09726

CNVD-2017-09726

Vulnerability from cnvd - Published: 2017-06-15

Title

BOSH Director VM代理匿名端点漏洞

Description

BOSH是一个针对大规模分布系统的部署和生命周期管理的开源工具，Director VM是其中的一个虚拟机，stemcell是其中的一个镜像。使用stemcell 3232.6之前的版本和3146.13之前的版本的BOSH Director VM中的Agent的endpoint存在安全漏洞。攻击者可借助与现存GUID相匹配的URL利用该漏洞读取或写入blobs，或实施拒绝服务攻击。

Severity

中

Patch Name

BOSH Director VM代理匿名端点漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，详情请关注厂商主页： http://bosh.io

Reference

https://pivotal.io/security/cve-2016-4435

Impacted products

Name
['Cloud Foundry Foundation bosh stemcell <=3232.6', 'Cloud Foundry Foundation bosh stemcell 3146.13']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-4435"
    }
  },
  "description": "BOSH\u662f\u4e00\u4e2a\u9488\u5bf9\u5927\u89c4\u6a21\u5206\u5e03\u7cfb\u7edf\u7684\u90e8\u7f72\u548c\u751f\u547d\u5468\u671f\u7ba1\u7406\u7684\u5f00\u6e90\u5de5\u5177\uff0cDirector VM\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u865a\u62df\u673a\uff0cstemcell\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u955c\u50cf\u3002\r\n\r\n\u4f7f\u7528stemcell 3232.6\u4e4b\u524d\u7684\u7248\u672c\u548c3146.13\u4e4b\u524d\u7684\u7248\u672c\u7684BOSH Director VM\u4e2d\u7684Agent\u7684endpoint\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u4e0e\u73b0\u5b58GUID\u76f8\u5339\u914d\u7684URL\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u6216\u5199\u5165blobs\uff0c\u6216\u5b9e\u65bd\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Cloud Foundry Foundation",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://bosh.io",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-09726",
  "openTime": "2017-06-15",
  "patchDescription": "BOSH\u662f\u4e00\u4e2a\u9488\u5bf9\u5927\u89c4\u6a21\u5206\u5e03\u7cfb\u7edf\u7684\u90e8\u7f72\u548c\u751f\u547d\u5468\u671f\u7ba1\u7406\u7684\u5f00\u6e90\u5de5\u5177\uff0cDirector VM\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u865a\u62df\u673a\uff0cstemcell\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u955c\u50cf\u3002\r\n\r\n\u4f7f\u7528stemcell 3232.6\u4e4b\u524d\u7684\u7248\u672c\u548c3146.13\u4e4b\u524d\u7684\u7248\u672c\u7684BOSH Director VM\u4e2d\u7684Agent\u7684endpoint\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u4e0e\u73b0\u5b58GUID\u76f8\u5339\u914d\u7684URL\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u6216\u5199\u5165blobs\uff0c\u6216\u5b9e\u65bd\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "BOSH Director VM\u4ee3\u7406\u533f\u540d\u7aef\u70b9\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cloud Foundry Foundation bosh stemcell \u003c=3232.6",
      "Cloud Foundry Foundation bosh stemcell  3146.13"
    ]
  },
  "referenceLink": "https://pivotal.io/security/cve-2016-4435",
  "serverity": "\u4e2d",
  "submitTime": "2017-05-27",
  "title": "BOSH Director VM\u4ee3\u7406\u533f\u540d\u7aef\u70b9\u6f0f\u6d1e"
}

CVE-2016-4435 (GCVE-0-2016-4435)

Vulnerability from cvelistv5 – Published: 2017-05-25 17:00 – Updated: 2024-08-06 00:32

Summary

An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID.

Severity ?

No CVSS data available.

CWE

Assigner

dell

References

URL

Tags

https://pivotal.io/security/cve-2016-4435

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Pivotal	Cloud Foundry	Affected: BOSH stemcell versions prior to 3232.6 and 3146.13

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:32:24.614Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://pivotal.io/security/cve-2016-4435"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cloud Foundry",
          "vendor": "Pivotal",
          "versions": [
            {
              "status": "affected",
              "version": "BOSH stemcell versions prior to 3232.6 and 3146.13"
            }
          ]
        }
      ],
      "datePublic": "2016-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-05-25T16:57:01",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://pivotal.io/security/cve-2016-4435"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security_alert@emc.com",
          "ID": "CVE-2016-4435",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cloud Foundry",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "BOSH stemcell versions prior to 3232.6 and 3146.13"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Pivotal"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://pivotal.io/security/cve-2016-4435",
              "refsource": "CONFIRM",
              "url": "https://pivotal.io/security/cve-2016-4435"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2016-4435",
    "datePublished": "2017-05-25T17:00:00",
    "dateReserved": "2016-05-02T00:00:00",
    "dateUpdated": "2024-08-06T00:32:24.614Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-09726

CVE-2016-4435 (GCVE-0-2016-4435)

Tags

Sightings

Nomenclature