Cloud Foundry Logo
blog single gear
Blog
Security Advisory

CVE-2018-1192: UAA SessionID present in Audit Event Logs

by: January 31, 2018

CVE-2018-1192: UAA SessionID present in Audit Event Logs

Severity

High

Vendor

Cloud Foundry Foundation

Affected Cloud Foundry Products and Versions

  • All cf-release versions prior to v285
  • All cf-deployment versions prior to v1.7
  •  UAA
    • 4.5.x versions prior to 4.5.5
    • 4.8.x versions prior to 4.8.3
    • 4.7.x versions prior to 4.7.4
  • UAA-release
    • 45.7.x versions prior to 45.7
    • 52.7.x versions prior to 52.7
    • 53.3.x versions prior to 53.3

Description

Cloud Foundry UAA logs the SessionID in audit event logs. An attacker can use the SessionID to impersonate a logged-in user.

Mitigation

Users of affected versions should apply the following mitigations or upgrades:

  • Releases that have fixed this issue include:
    • cf-release: 285
    • cf-deployment: 1.7
    • UAA: 4.5.5, 4.8.3, 4.7.4
    • UAA-release: 45.7,52.7, 53.3

Credit

This issue was responsibly reported by the UAA team.

References

History

2018-01-31: Initial vulnerability report published.

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES

You Might Also Like

USN-5971-1: Graphviz vulnerabilities
Security Advisory

USN-5971-1: Graphviz vulnerabilities

by Cloud Foundry Foundation Security Team May 25, 2023
USN-3485-2: Linux kernel (Xenial HWE) vulnerabilities
Security Advisory

USN-3485-2: Linux kernel (Xenial HWE) vulnerabilities

by Cloud Foundry Foundation Security Team November 27, 2017
USN-3606-1: LibTIFF vulnerabilities
Security Advisory

USN-3606-1: LibTIFF vulnerabilities

by Cloud Foundry Foundation Security Team May 2, 2018
This website uses cookies to offer you a better browsing experience. Find out more about how we use cookies and how you can change your settings. Accept