Vulnerability-Lookup

CNVD-2018-12104

Vulnerability from cnvd - Published: 2018-06-26

Title

Cloud Foundry Loggregator未授权操作漏洞

Description

Cloud Foundry Loggregator是美国Cloud Foundry基金会的一套使用在Cloud Foundry云计算平台中的日志记录系统。 Cloud Foundry Loggregator中存在安全漏洞，该漏洞源于程序未能充分校验app GUID结构。远程攻击者可通过构建恶意请求利用该漏洞读取应用程序的日志或对其日志进行写入操作。

Severity

中

Patch Name

Cloud Foundry Loggregator未授权操作漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.cloudfoundry.org/blog/cve-2018-1268

Reference

https://www.cloudfoundry.org/blog/cve-2018-1268

Impacted products

Name
['Cloud Foundry Loggregator 89.，<=89.5', 'Cloud Foundry Loggregator 96.，<=96.1', 'Cloud Foundry Loggregator 99.，<=99.1', 'Cloud Foundry Loggregator 101.，<=101.9', 'Cloud Foundry Loggregator 102.*，<=102.2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-1268"
    }
  },
  "description": "Cloud Foundry Loggregator\u662f\u7f8e\u56fdCloud Foundry\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u4f7f\u7528\u5728Cloud Foundry\u4e91\u8ba1\u7b97\u5e73\u53f0\u4e2d\u7684\u65e5\u5fd7\u8bb0\u5f55\u7cfb\u7edf\u3002\r\n\r\nCloud Foundry Loggregator\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u6821\u9a8capp GUID\u7ed3\u6784\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6784\u5efa\u6076\u610f\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u5e94\u7528\u7a0b\u5e8f\u7684\u65e5\u5fd7\u6216\u5bf9\u5176\u65e5\u5fd7\u8fdb\u884c\u5199\u5165\u64cd\u4f5c\u3002",
  "discovererName": "GE Digital Security Team",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.cloudfoundry.org/blog/cve-2018-1268",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-12104",
  "openTime": "2018-06-26",
  "patchDescription": "Cloud Foundry Loggregator\u662f\u7f8e\u56fdCloud Foundry\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u4f7f\u7528\u5728Cloud Foundry\u4e91\u8ba1\u7b97\u5e73\u53f0\u4e2d\u7684\u65e5\u5fd7\u8bb0\u5f55\u7cfb\u7edf\u3002\r\n\r\nCloud Foundry Loggregator\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u6821\u9a8capp GUID\u7ed3\u6784\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6784\u5efa\u6076\u610f\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u5e94\u7528\u7a0b\u5e8f\u7684\u65e5\u5fd7\u6216\u5bf9\u5176\u65e5\u5fd7\u8fdb\u884c\u5199\u5165\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cloud Foundry Loggregator\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cloud Foundry Loggregator 89.*\uff0c\u003c=89.5",
      "Cloud Foundry Loggregator 96.*\uff0c\u003c=96.1",
      "Cloud Foundry Loggregator 99.*\uff0c\u003c=99.1",
      "Cloud Foundry Loggregator 101.*\uff0c\u003c=101.9",
      "Cloud Foundry Loggregator 102.*\uff0c\u003c=102.2"
    ]
  },
  "referenceLink": "https://www.cloudfoundry.org/blog/cve-2018-1268",
  "serverity": "\u4e2d",
  "submitTime": "2018-06-08",
  "title": "Cloud Foundry Loggregator\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e"
}

CVE-2018-1268 (GCVE-0-2018-1268)

Vulnerability from cvelistv5 – Published: 2018-06-06 20:00 – Updated: 2024-09-17 04:25

Summary

Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not validate app GUID structure in requests. A remote authenticated malicious user knowing the GUID of an app may construct malicious requests to read from or write to the logs of that app.

Severity

No CVSS data available.

CWE

Authorization Error

Assigner

dell

References

1 reference

URL	Tags
https://www.cloudfoundry.org/blog/cve-2018-1268	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
Cloud Foundry	Loggregator	Affected: 89.x , < 89.5 (custom) Affected: 96.x , < 96.1 (custom) Affected: 99.x , < 99.1 (custom) Affected: 101.x , < 101.9 (custom) Affected: 102.x , < 102.2 (custom)

Date Public

2018-06-05 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:51:49.182Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.cloudfoundry.org/blog/cve-2018-1268"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Loggregator",
          "vendor": "Cloud Foundry",
          "versions": [
            {
              "lessThan": "89.5",
              "status": "affected",
              "version": "89.x",
              "versionType": "custom"
            },
            {
              "lessThan": "96.1",
              "status": "affected",
              "version": "96.x",
              "versionType": "custom"
            },
            {
              "lessThan": "99.1",
              "status": "affected",
              "version": "99.x",
              "versionType": "custom"
            },
            {
              "lessThan": "101.9",
              "status": "affected",
              "version": "101.x",
              "versionType": "custom"
            },
            {
              "lessThan": "102.2",
              "status": "affected",
              "version": "102.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2018-06-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not validate app GUID structure in requests. A remote authenticated malicious user knowing the GUID of an app may construct malicious requests to read from or write to the logs of that app."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authorization Error",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-06T19:57:01.000Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.cloudfoundry.org/blog/cve-2018-1268"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security_alert@emc.com",
          "DATE_PUBLIC": "2018-06-05T04:00:00.000Z",
          "ID": "CVE-2018-1268",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Loggregator",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "89.x",
                            "version_value": "89.5"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "96.x",
                            "version_value": "96.1"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "99.x",
                            "version_value": "99.1"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "101.x",
                            "version_value": "101.9"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "102.x",
                            "version_value": "102.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cloud Foundry"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not validate app GUID structure in requests. A remote authenticated malicious user knowing the GUID of an app may construct malicious requests to read from or write to the logs of that app."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Authorization Error"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cloudfoundry.org/blog/cve-2018-1268",
              "refsource": "CONFIRM",
              "url": "https://www.cloudfoundry.org/blog/cve-2018-1268"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2018-1268",
    "datePublished": "2018-06-06T20:00:00.000Z",
    "dateReserved": "2017-12-06T00:00:00.000Z",
    "dateUpdated": "2024-09-17T04:25:07.541Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-12104

CVE-2018-1268 (GCVE-0-2018-1268)

Tags

Sightings

Nomenclature