Vulnerability Details : CVE-2023-20881
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user to override the private key and add or modify a certificate authority used for the connection.
Products affected by CVE-2023-20881
- cpe:2.3:a:cloudfoundry:capi-release:*:*:*:*:*:*:*:*
- cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*
- cpe:2.3:a:cloudfoundry:loggregator-agent:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-20881
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 38 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-20881
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
8.1
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
2.8
|
5.2
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2025-01-21 |
8.1
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
2.8
|
5.2
|
NIST |
CWE ids for CVE-2023-20881
-
The product does not validate, or incorrectly validates, a certificate.Assigned by:
- nvd@nist.gov (Primary)
- security@vmware.com (Secondary)
References for CVE-2023-20881
-
https://www.cloudfoundry.org/blog/cve-2023-20881-cas-for-syslog-drain-mtls-feature-can-be-overwritten/
CVE-2023-20881: CAs for syslog-drain mtls feature can be overwritten | Cloud FoundryVendor Advisory
Jump to