Cloud Foundry Logo
blog single gear
Blog
Security Advisory

CVE-2018-1192: UAA SessionID present in Audit Event Logs

by: January 31, 2018

CVE-2018-1192: UAA SessionID present in Audit Event Logs

Severity

High

Vendor

Cloud Foundry Foundation

Affected Cloud Foundry Products and Versions

  • All cf-release versions prior to v285
  • All cf-deployment versions prior to v1.7
  •  UAA
    • 4.5.x versions prior to 4.5.5
    • 4.8.x versions prior to 4.8.3
    • 4.7.x versions prior to 4.7.4
  • UAA-release
    • 45.7.x versions prior to 45.7
    • 52.7.x versions prior to 52.7
    • 53.3.x versions prior to 53.3

Description

Cloud Foundry UAA logs the SessionID in audit event logs. An attacker can use the SessionID to impersonate a logged-in user.

Mitigation

Users of affected versions should apply the following mitigations or upgrades:

  • Releases that have fixed this issue include:
    • cf-release: 285
    • cf-deployment: 1.7
    • UAA: 4.5.5, 4.8.3, 4.7.4
    • UAA-release: 45.7,52.7, 53.3

Credit

This issue was responsibly reported by the UAA team.

References

History

2018-01-31: Initial vulnerability report published.

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES

You Might Also Like

USN-4487-1: libx11 vulnerabilities
Security Advisory

USN-4487-1: libx11 vulnerabilities

by Cloud Foundry Foundation Security Team September 24, 2020
MS-ISAC: 2018-046 – Multiple Vulnerabilities in PHP
Security Advisory

MS-ISAC: 2018-046 – Multiple Vulnerabilities in PHP

by Cloud Foundry Foundation Security Team April 27, 2018
USN-4336-1: GNU binutils vulnerabilities
Security Advisory

USN-4336-1: GNU binutils vulnerabilities

by Cloud Foundry Foundation Security Team May 14, 2020
This website uses cookies to offer you a better browsing experience. Find out more about how we use cookies and how you can change your settings. Accept