Cloud Foundry Logo
blog single gear
Blog
Security Advisory

CVE-2018-1193: gorouter accepts user-provided X-Forwarded-Proto headers 

by: May 21, 2018

CVE-2018-1193: gorouter accepts user-provided X-Forwarded-Proto headers

Severity

Low

Vendor

Cloud Foundry Foundation

Affected Cloud Foundry Products and Versions

  • You are using routing-release versions prior to 0.175.0
  • You are using cf-deployment versions prior to v1.27.0

Description

Cloud Foundry routing-release, versions prior to 0.175.0, lacks sanitization for user-provided X-Forwarded-Proto headers. A remote user can set the X-Forwarded-Proto header in a request to potentially bypass an application requirement to only respond over secure connections.

Mitigation

Users of affected versions should apply the following mitigations or upgrades:

  • Releases that have fixed this issue include:
    • routing-release version 0.175.0
    • NOTE: deployment property ‘sanitize_forwarded_proto’ must be set to true
  • Terminate application TLS prior to gorouter
    • This issue does not apply if you terminate TLS prior to gorouter

References

History

2018-05-21: Initial vulnerability report published.

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES

You Might Also Like

USN-4017-1: Linux kernel vulnerabilities
Security Advisory

USN-4017-1: Linux kernel vulnerabilities

by Cloud Foundry Foundation Security Team July 3, 2019
USN-3840-1: OpenSSL vulnerabilities
Security Advisory

USN-3840-1: OpenSSL vulnerabilities

by Cloud Foundry Foundation Security Team December 27, 2018
CVE-2018-1277: Garden does not correctly enforce Docker image disc quotas
Security Advisory

CVE-2018-1277: Garden does not correctly enforce Docker image disc quotas

by Cloud Foundry Foundation Security Team April 30, 2018
This website uses cookies to offer you a better browsing experience. Find out more about how we use cookies and how you can change your settings. Accept