Description
CF CLI versions prior to v6.45.0 (bosh release version 1.16.0) write the client id and secret to the CLI config file when the user authenticates with the --client-credentials flag. A local authenticated malicious user with read access to the CF CLI config file can act as that client, the owner of the leaked credentials.
CVSS Metrics
- Vector
- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
- Attack Vector
- local
- Complexity
- low
- Privileges
- low
- User Action
- none
- Scope
- changed
- Confidentiality
- low
- Integrity
- low
- Availability
- low
- Weaknesses
- CWE-522, CWE-200
Metadata
- Primary Vendor
- PIVOTAL
- Published
- 8/5/2019
- Last Modified
- 11/21/2024
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
- pivotal : cloud_foundry_command_line_interface
- pivotal : cloud_foundry_command_line_interface_release
- pivotal : cloud_foundry_deployment
- pivotal : cloud_foundry_deployment_concourse_tasks
- pivotal : cloud_foundry_log_cache_release
- pivotal : cloud_foundry_networking_release
- pivotal : cloud_foundry_notifications
- pivotal : cloud_foundry_routing_release
- pivotal : cloud_foundry_smoke_test
- pivotal : application_service
- pivotal : cloud_foundry_autoscaling_release
- pivotal : cloud_foundry_event_alerts
- pivotal : cloud_foundry_healthwatch
- pivotal : credhub_service_broker_for_pcf
- pivotal : metric_registrar_release
- pivotal : on_demand_service_broker
- pivotal : pivotal_cloud_foundry_service_broker
- pivotal : single_sign-on
- anynines : elasticsearch
- anynines : logme
- anynines : mongodb
- anynines : mysql
- anynines : postgresql
- anynines : rabbitmq
- anynines : redis
- apigee : edge_service_broker
- appdynamics : application_analytics
- appdynamics : application_performance_monitoring
- appdynamics : platform_montioring
- bluemedora : nozzle
- contrastsecurity : service_broker
- cyberark : conjur_service_broker
- datadoghq : application_monitoring
- datastax : enterprise_service_broker
- dynatrace : service_broker
- forgerock : service_broker
- google : google_cloud_platform_service_broker
- ibm : websphere_liberty
- microsoft : azure_log_analytics_nozzle
- microsoft : azure_service_broker
- newrelic : dotnet_extension_buildpack
- newrelic : nozzle
- newrelic : service_broker
- pagerduty : service_broker
- riverbed : steelcentral_appinternals
- samba : volume_service
- signalsciences : service_broker
- snyk : service_broker
- solace : pubsub+
- splunk : nozzle
- sumologic : nozzle
- synopsys : seeker_iast_service_broker
- tibco : businessworks_buildpack
- wavefront : wavefront_by_vmware_nozzle
- yugabyte : db_enterprise