CVE-2019-3800 : CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client

CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.

Published 2019-08-05 17:15:11

Updated 2019-10-09 23:49:41

Source Dell

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2019-3800

IBM » Websphere Liberty » For Pivotal Cloud Foundry
Versions before (<) 3.11.0
cpe:2.3:a:ibm:websphere_liberty_:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Microsoft » Azure Log Analytics Nozzle » For Pivotal Cloud Foundry
Versions before (<) 1.4.1
cpe:2.3:a:microsoft:azure_log_analytics_nozzle:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Microsoft » Azure Service Broker » For Pivotal Cloud Foundry
Versions before (<) 1.4.1
cpe:2.3:a:microsoft:azure_service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Samba » Volume Service » For Pivotal Cloud Foundry
Versions before (<) 1.1.1
cpe:2.3:a:samba:volume_service:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Google » Google Cloud Platform Service Broker » For Pivotal Cloud Foundry
Versions before (<) 4.2.3
cpe:2.3:a:google:google_cloud_platform_service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Tibco » Businessworks Buildpack » Container Edition For Pivotal Cloud Foundry
Versions before (<) 2.4.4
cpe:2.3:a:tibco:businessworks_buildpack:*:*:*:*:container:pivotal_cloud_foundry:*:*
Matching versions
Splunk » Nozzle » For Pivotal Cloud Foundry
Versions before (<) 1.1.1
cpe:2.3:a:splunk:nozzle:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Newrelic » Nozzle » For Pivotal Cloud Foundry
Versions before (<) 1.1.17
cpe:2.3:a:newrelic:nozzle:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Newrelic » Dotnet Extension Buildpack » For Pivotal Cloud Foundry
Versions before (<) 1.1.1
cpe:2.3:a:newrelic:dotnet_extension_buildpack:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Newrelic » Service Broker » For Pivotal Cloud Foundry
Versions before (<) 1.12.64
cpe:2.3:a:newrelic:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Riverbed » Steelcentral Appinternals » For Pivotal Cloud Foundry
Versions before (<) 10.21.1-bl516
cpe:2.3:a:riverbed:steelcentral_appinternals:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Forgerock » Service Broker » For Pivotal Cloud Foundry
Versions before (<) 2.1.2
cpe:2.3:a:forgerock:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Pivotal » Cloud Foundry Deployment Concourse Tasks
Versions before (<) 9.3.0
cpe:2.3:a:pivotal:cloud_foundry_deployment_concourse_tasks:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Cloud Foundry Deployment
Versions before (<) 10.0.0
cpe:2.3:a:pivotal:cloud_foundry_deployment:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Cloud Foundry Smoke Test
Versions before (<) 40.0.113
cpe:2.3:a:pivotal:cloud_foundry_smoke_test:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Cloud Foundry Routing Release
Versions before (<) 0.189.0
cpe:2.3:a:pivotal:cloud_foundry_routing_release:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Cloud Foundry Notifications
Versions before (<) 58
cpe:2.3:a:pivotal:cloud_foundry_notifications:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Cloud Foundry Command Line Interface Release
Versions before (<) 1.16.0
cpe:2.3:a:pivotal:cloud_foundry_command_line_interface_release:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Cloud Foundry Log Cache Release
Versions before (<) 2.3.1
cpe:2.3:a:pivotal:cloud_foundry_log_cache_release:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Cloud Foundry Networking Release
Versions before (<) 2.23.0
cpe:2.3:a:pivotal:cloud_foundry_networking_release:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Cloud Foundry Command Line Interface
Versions before (<) 6.45.0
cpe:2.3:a:pivotal:cloud_foundry_command_line_interface:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Cloud Foundry Healthwatch
Versions from including (>=) 1.5.0 and before (<) 1.5.4
cpe:2.3:a:pivotal:cloud_foundry_healthwatch:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Cloud Foundry Healthwatch
Versions from including (>=) 1.4.0 and before (<) 1.4.7
cpe:2.3:a:pivotal:cloud_foundry_healthwatch:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Credhub Service Broker For Pcf
Versions before (<) 1.3.2
cpe:2.3:a:pivotal:credhub_service_broker_for_pcf:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Metric Registrar Release
Versions before (<) 1.2
cpe:2.3:a:pivotal:metric_registrar_release:*:*:*:*:*:*:*:*
Matching versions
Pivotal » On Demand Service Broker
Versions before (<) 0.29.0
cpe:2.3:a:pivotal:on_demand_service_broker:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Application Service
Versions from including (>=) 2.5.0 and before (<) 2.5.6
cpe:2.3:a:pivotal:application_service:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Application Service
Versions from including (>=) 2.3.0 and before (<) 2.3.14
cpe:2.3:a:pivotal:application_service:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Application Service
Versions from including (>=) 2.4.0 and before (<) 2.4.10
cpe:2.3:a:pivotal:application_service:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Cloud Foundry Autoscaling Release
Versions before (<) 219
cpe:2.3:a:pivotal:cloud_foundry_autoscaling_release:*:*:*:*:*:*:*:*
Matching versions
Pivotal » Pivotal Cloud Foundry Service Broker » For AWS
Versions before (<) 1.4.13
cpe:2.3:a:pivotal:pivotal_cloud_foundry_service_broker:*:*:*:*:*:aws:*:*
Matching versions
Pivotal » Single Sign-on » For Cloud Foundry
Versions from including (>=) 1.9.0 and before (<) 1.9.1
cpe:2.3:a:pivotal:single_sign-on:*:*:*:*:*:cloud_foundry:*:*
Matching versions
Pivotal » Single Sign-on » For Cloud Foundry
Versions from including (>=) 1.8.0 and before (<) 1.8.4
cpe:2.3:a:pivotal:single_sign-on:*:*:*:*:*:cloud_foundry:*:*
Matching versions
Pivotal » Single Sign-on » For Cloud Foundry
Versions from including (>=) 1.7.0 and before (<) 1.7.5
cpe:2.3:a:pivotal:single_sign-on:*:*:*:*:*:cloud_foundry:*:*
Matching versions
Pivotal » Cloud Foundry Event Alerts
Versions before (<) 1.2.8
cpe:2.3:a:pivotal:cloud_foundry_event_alerts:*:*:*:*:*:*:*:*
Matching versions
Cyberark » Conjur Service Broker » For Pivotal Cloud Foundry
Versions before (<) 1.1.1
cpe:2.3:a:cyberark:conjur_service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Appdynamics » Platform Montioring » For Pivotal Cloud Foundry
Versions before (<) 4.7.712
cpe:2.3:a:appdynamics:platform_montioring:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Appdynamics » Application Performance Monitoring » For Pivotal Cloud Foundry
Versions before (<) 4.6.64
cpe:2.3:a:appdynamics:application_performance_monitoring:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Appdynamics » Application Analytics » For Pivotal Cloud Foundry
Versions before (<) 4.7.652
cpe:2.3:a:appdynamics:application_analytics:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Bluemedora » Nozzle » For Pivotal Cloud Foundry
Versions before (<) 3.1.1
cpe:2.3:a:bluemedora:nozzle:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Contrastsecurity » Service Broker » For Pivotal Cloud Foundry
Versions before (<) 2.2.0
cpe:2.3:a:contrastsecurity:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Signalsciences » Service Broker » For Pivotal Cloud Foundry
Versions before (<) 1.1.0
cpe:2.3:a:signalsciences:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Snyk » Service Broker » For Pivotal Cloud Foundry
Versions before (<) 1.0.3
cpe:2.3:a:snyk:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Solace » Pubsub+ » For Pivotal Cloud Foundry
Versions before (<) 2.3.2
cpe:2.3:a:solace:pubsub\+:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Anynines » Mongodb » For Pivotal Cloud Foundry
Versions before (<) 2.1.2
cpe:2.3:a:anynines:mongodb:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Anynines » Logme » For Pivotal Cloud Foundry
Versions before (<) 2.1.2
cpe:2.3:a:anynines:logme:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Anynines » Mysql » For Pivotal Cloud Foundry
Versions before (<) 2.1.2
cpe:2.3:a:anynines:mysql:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Anynines » Postgresql » For Pivotal Cloud Foundry
Versions before (<) 2.1.2
cpe:2.3:a:anynines:postgresql:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Anynines » Rabbitmq » For Pivotal Cloud Foundry
Versions before (<) 2.1.2
cpe:2.3:a:anynines:rabbitmq:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Anynines » Elasticsearch » For Pivotal Cloud Foundry
Versions before (<) 2.1.2
cpe:2.3:a:anynines:elasticsearch:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Anynines » Redis » For Pivotal Cloud Foundry
Versions before (<) 2.1.2
cpe:2.3:a:anynines:redis:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Apigee » Edge Service Broker » For Pivotal Cloud Foundry
Versions before (<) 3.1.3
cpe:2.3:a:apigee:edge_service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Datadoghq » Application Monitoring » For Pivotal Cloud Foundry
Versions before (<) 1.7.0
cpe:2.3:a:datadoghq:application_monitoring:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Dynatrace » Service Broker » For Pivotal Cloud Foundry
Versions before (<) 1.4.2
cpe:2.3:a:dynatrace:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Pagerduty » Service Broker » For Pivotal Cloud Foundry
Versions before (<) 1.2.4
cpe:2.3:a:pagerduty:service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Sumologic » Nozzle » For Pivotal Cloud Foundry
Versions before (<) 1.0.1
cpe:2.3:a:sumologic:nozzle:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Wavefront » Wavefront By Vmware Nozzle » For Pivotal Cloud Foundry
Versions before (<) 1.0.2
cpe:2.3:a:wavefront:wavefront_by_vmware_nozzle:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Yugabyte » Db Enterprise » For Pivotal Cloud Foundry
Versions before (<) 1.1.8
cpe:2.3:a:yugabyte:db_enterprise:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Datastax » Enterprise Service Broker » For Pivotal Cloud Foundry
Versions before (<) 1.0.2
cpe:2.3:a:datastax:enterprise_service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions
Synopsys » Seeker Iast Service Broker » For Pivotal Cloud Foundry
Versions before (<) 1.2.14
cpe:2.3:a:synopsys:seeker_iast_service_broker:*:*:*:*:*:pivotal_cloud_foundry:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2019-3800

EPSS FAQ

0.30%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 50 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-3800

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
6.3	MEDIUM	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L	2.0	3.7	Dell
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: Low Integrity: Low Availability: Low

CWE ids for CVE-2019-3800

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)
CWE-522 Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Assigned by: security_alert@emc.com (Secondary)

References for CVE-2019-3800

https://www.cloudfoundry.org/blog/cve-2019-3800

CVE-2019-3800: CF CLI writes the client id and secret to config file | Cloud Foundry
Vendor Advisory
https://pivotal.io/security/cve-2019-3800

CVE-2019-3800: CF CLI writes the client id and secret to config file | Security | Pivotal
Vendor Advisory

Jump to

Vulnerability Details : CVE-2019-3800

Products affected by CVE-2019-3800

Exploit prediction scoring system (EPSS) score for CVE-2019-3800

CVSS scores for CVE-2019-3800

CWE ids for CVE-2019-3800

References for CVE-2019-3800